Your Privacy and GDPR
As part of running our websites, the CMS Made Simple Foundation sometimes needs to collect, maintain and use personal data about you. That will primarily be if you are a member of our online community (hereafter known as the CMSMS community). In keeping with European directives on personal data, known as the General Data Protection Act, this document lays out information about the data that we may keep about you. If you live within a country that has ratified the GDPR into law this document is the first place you should refer to in order to check your rights.
Just so you know, the legal basis that we have to process your data falls into three categories: Firstly, if you have a contract with us – for example if you are an existing supplier. Secondly, if you’ve provided consent – for example, if you’ve consented to receive a newsletter from us or joined our online community. Thirdly, if we have a legitimate reason – for example, you have asked us for a quote using our ‘hire-a-dev’ process and we have entered you into our project management system to manage the process.
Any personal information you give us, either on this website (for example, via a contact form), via email or direct mail, phone contact or direct contact in person will never be sold, rented or made public without your consent.
We take your privacy seriously. We’ll only use your information to administer your account or provide the services and/or information you’ve asked for. Sometimes, to do that we might need to pass information on to a third party (for example your email into a newsletter sending system). When we do, we’ll use safe, reliable, GDPR compliant services who won’t pass your personal details anywhere else.
Information we collect
- Site visits tracking
We collect visitor behaviour on our website. This tells us which pages are visited, the sorts of searches that are used to find us what people do on the site when they are there. It doesn’t tell us anything personal about the people visiting the site, just how they click around.
If you want to know more about cookies visit www.aboutcookies.org.
We use the data to make changes on our website based on what we see visitors are doing.
- Contact by form, email link and telephone
If you email us, either using a website contact form or by sending a direct email, we’ll get that information in an email. That data isn’t stored on our website.
If you contact us using any other method and we need to store your details for any of the legal bases explained, we’ll store it safely on computers that are regularly maintained and safely kept.
We may keep a record of contacts (such as emails that have been sent and received), but again we won’t use the details for anything other than the relevant legal reasons stated.
On occasion, we’ll send marketing and information emails. We’ll only send these emails if you’ve asked to get emails via a newsletter signup form / documented social media request.
If you’ve asked to get our marketing, you may opt out any time. There’ll be an unsubscribe link in each newsletter or you can contact us (see below).
If you are under 16? Legally you must obtain parental consent before joining email newsletters.
- Online membership to our websites and/or forums
If you are part of the CMSMS Community, you will have joined one or more parts of it using online signup forms. By joining the parts, you have provided consent for us to store some information. The main parts of the community that you may have joined are:
· The CMSMS Forums – a user forum providing various community boards to support users of CMSMS
· The themes site - a repository for CMS Made Simple website themes that allows registered members to make their themes available for commercial and/or free download.
· The Forge – a repository for CMSMS modules that allows signed up members to make their modules available for community use, submit bug reports on other modules and collaborate on the sharing or appropriate information.
· The Translation Center – A community for translation projects to get CMSMS into multiple languages. This uses the same signup as the forge.
What we do with that information
Where appropriate, we’ll use the information we keep about you to:
- Allow access through login to the CMSMS Community.
- To send you information that you’ve asked for.
- To carry out our obligations arising from any contracts entered into between you and us.
- To keep you informed about CMS Made Simple and the community through newsletters
Access to your information and correction
You have a number of rights including the right to request a copy of the information that is held about you. If you’d to know what information is held, please email us and we'll reply to you by email. Legally that’s within one working month, but we’ll aim to reply as soon as we can. We want to make sure that your personal information is accurate and up to date. So, once you have any information, you can ask us to correct or remove anything you think is wrong. For a full list of your rights, have a look at the appropriate GDPR governing body’s website for your country.
We’ll normally be happy to help at no charge, however where requests are manifestly unfounded, excessive, or repetitive after an initial, responded to, request, we’ll potentially charge an admin fee to cover the time taken to fulfil the request.
Third Party Processors
We use a number of third parties to process personal data for us. These third parties have been carefully chosen and, to the best of our knowledge, all of them comply with current legislation where applicable for their country. We may need to share your information with them in order to process products or services. This may be within the UK or outside including the United States and countries outside of Europe.
We will report any unlawful data breaches of data held by us to the ICO as required by the appropriate country where the data breach has taken place. Where possible this will be within 72 hours of becoming aware of a breach taking place if it is apparent that personal data stored in an identifiable manner has been stolen.
Where possible (transferral of files) between this website and your web browser is encrypted and delivered over HTTPS. At the time of writing this policy, this is all websites apart from the forge.
As a small organisation, we don’t need to have an official Data Protection Officer. Please contact us using the form below to make an enquiry specifically relating to data protection, the GDPR and you.