Data controller and data processor
The data controller with overall responsibility for deciding how data from the website is collected, used and stored is Colina Greenway Limited (registered in England, company number 7586807), referred to in this notice as “we” or “us”.
We may also act as data processor when you email us personal data using the contact details on the website. This is explained further below.
Our registered office and postal address is Sheraton House, Castle Park, Cambridge, CB2 0AX.
If you would like to contact us with any questions, concerns or requests regarding matters covered by this data privacy notice then you should email us at firstname.lastname@example.org, putting “data privacy” in the subject line.
Data collected from website users
If you simply browse the website then a limited amount of personal data is collected, as follows.
Server logs: Your access to the website is logged on the servers that host it. Information we collect includes IP addresses, browser type, referring/exit pages, platform type and time stamps. This information may be used by trusted third parties, in accordance with our instructions, for administration of the site and to assist in tracing the source of any attack on the website servers. This data will be deleted from the server logs after a maximum of 2 months.
Cookies used on this website
The website uses the following cookies:
Utilities: We use Google Maps on our contact page. We have no control over the content of the cookies set by Google but you do have the option to decline the cookie when you visit the contact page. In that case you will not be able to use Google Maps on the website but the rest of the website will function as normal. Most of the cookies are set to expire 10 years after your last visit to a page containing a Google Map. You can view Google’s privacy policies at policies.google.com/privacy.
Preferences: We set a cookie, either cc_cookie_accept or cc_cookie_decline to keep your cookies preference stored. Your preference will be stored for 1 year after you have set it.
How we process data emailed to us from the website
If you email us from the website we will use the data that you send to us, including your email address, any other contact details and details regarding the nature of your request to enable us respond to the query or message that you have sent. For these purposes we are acting as a data processor and we use the data that you have supplied solely to respond with the information that you are seeking.
If we do not form a business relationship with you as a result of your initial email communication we will not use the data you have supplied for any purpose other than responding to any subsequent requests from you (if applicable) or any request from a regulatory authority. We will not use any information that you send to us for marketing purposes unless we have received your express consent to do so. We do not operate any automated decision making processes on personal data we receive.
If following an initial contact using the email address on the website you form a business relationship with us, for example as a client or supplier, then we will process your personal data in line with our more detailed practice data privacy notice which you can download here.
How we store personal data and how long we keep it.
If you do not form a business relationship with us following your initial contact via the website then we will keep a record of our correspondence for up to six years. Our lawful basis for holding your data is legitimate interests, both ours and yours. Your legitimate interests are served if for example you come back to us at a later date regarding the same issue. Our legitimate interests are in being able to evidence the nature of our correspondence should we receive any complaints or enquiries from a regulatory authority.
We use a third party data processor to host our IT systems, which are cloud-based. Our website is hosted by Clook and our practice management systems by Select Legal Limited. Both our third party suppliers are contractually bound to keep your personal data confidential and not to use it for any purpose other than one we authorise. Our third party suppliers maintain best practice standards to ensure data security and both meet ISO27001. All your personal data is stored on servers within the UK.