Robot Day's Data Terms and Conditions
Please read our information about how we handle your data, and terms and conditions.
What we collect
We receive, collect and store any information you enter on our website or provide us in any other way. In addition, depending on how you use the site, we collect the Internet protocol (IP) address used to connect your computer to the Internet; e-mail address; password; computer and connection information and purchase history. We may use software tools to measure and collect session information, including page response times, length of visits to certain pages, page interaction information, and methods used to browse to or away from the page. When you conduct a transaction on our website or interact with Robot Day in any other way, as part of the process, we also collect personally identifiable information (including name, email, password, communications); payment details (including credit card information), comments, feedback, reviews, recommendations, and personal profiles. Your personal information will be used for the purpose(s) of your interactions with us or that you otherwise agree to only.
How we collect data
Our website is hosted on the Wix.com platform. Wix.com provides us with the online platform that allows us to share our products and services to you. Your data may be stored through Wix.com’s data storage, databases and the general Wix.com applications. They store your data on secure servers behind a firewall.
All direct payment gateways offered by Wix.com and used by our company adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover. PCI-DSS (Payment Card Industry Data Security Standard) requirements help ensure the secure handling of credit card information by our store and its service providers. Our payments provider is SumUp (https://www.sumup.com). SumUp is PCI DSS approved.
How we communicate with you
We may contact you to notify you regarding payments, to troubleshoot problems with, to resolve a dispute, to collect fees or monies owed, to poll your opinions through surveys or questionnaires, to send updates about Robot Day, or as otherwise necessary to contact you to enforce applicable national laws and any agreement we may have with you. We will only contact you for essential purposes and other purposes that you have agreed to. For these purposes we may contact you via email, telephone, text messages, and postal mail.
To learn more about cookies and why they are used, visit https://allaboutcookies.org
Wix.com may place the cookies listed at this site on your computer: https://support.wix.com/en/article/cookies-and-your-wix-site#types-of-cookies
We also incorporate the Meta Pixel technology on our site: https://www.facebook.com/privacy/policies/cookies/
The following links explain how to access cookie settings in various browsers:
To opt out of being tracked by Google Analytics across all websites, visit this link: http://tools.google.com/dlpage/gaoptout.
Data shall be held by Robot Day as follows:
Data shall be held in accordance with the law in the country where the data is held, in UK to include GDPR and Data Protection laws;
Ensure that data is held in a secure computer device with an adequate up-to-date firewall protection;
Ensure that all data is backed up onto a secure cloud storage service;
Ensure that suspected and actual contraventions of data safeguarding are investigated and the investigation reported to the Robot Day Committee;
Ensure that the recommendations of the Robot Day Committee are carried out;
Report to the Robot Day Committee that their recommendations have been carried out or otherwise.
The Data Controller for Robot Day is Derrick Willer who is registered with the Information Commissioner.
Name: DERRICK WILLER
Registration reference: Z8242331
All committee members, volunteers and parties acting on behalf of Robot Day shall observe this policy, having regard to guidance published by the Information Commissioner including Good Practice Notes.
The DPA provides individuals with important rights, including the right to find out what personal information is held on computer and most paper records. You also have the right to to access, correct, amend or delete any personal information we have about you.
Enquiries should be directed to: firstname.lastname@example.org
Data Protection Principles
The principles of the act are summarised as:
Personal data should be obtained and processed fairly and lawfully
Personal data can be held only for specified and lawful purposes
Personal data should be adequate, relevant and not excessive for the required purpose
Personal data should be accurate and kept up-to-date
Personal data should not be kept for longer than is necessary
Data must be processed in accordance with the rights of the data subject
Appropriate security measures must be taken against unauthorised access
Personal data cannot be transferred to countries outside the E.U. unless the country has similar legislation to the DPA.
All Robot Day Personnel shall maintain as confidential all information gained in the course of business from whatever source. This includes but is not restricted to all Robot Day information and all personal information about all Robot Day contributors, partner and visitors.
Personnel are reminded of their duties at frequent intervals.
Personnel suspecting that a breach of confidentiality has occurred or is suspected shall immediately inform a committee member who shall investigate.
Breaches shall be investigated and managed having regard to Guidance On Data Security Breach Management published by the Information Commissioner.
The Data Controller shall be responsible for the security of all Robot Day data and shall ensure that the following requirements are met:
All IT equipment shall have automatically updated firewalls;
Access to data stored on computers and servers shall be limited to named individuals and be password controlled. All passwords must: contain alpha, numeric and non-alphanumeric characters; be at least 8 characters long; and be different from those used to access personal computers and accounts;
Disposal of IT equipment shall include the removal of all data on the equipment and the media reformatted to ensure obliteration before disposal;
Data shall be stored in defined folders according to the nature of the data. Access to specified files and folders requiring heightened security, e.g. database, personal records, accounts, shall be limited to committee members and other named persons;
Data held as hard copy in files shall be held in cabinets that are locked when not in use and destroyed at the earliest opportunity when no longer required;
Subcontractors and partners used to provide services shall have policies implemented to prevent unauthorised access to Robot Day data provided to and held by the subcontractor.
Updates to this policy
This Data Protection Policy shall be audited at least once annually by the Robot Day committee.