Who we are

Our website address is: https://cricketsocietytrust.org.uk. We request that you contact us via our Contact form.

Comments

When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.

An anonymised string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service Privacy Policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.

Cookies

If you leave a comment on our site you may opt in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.

Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.

Who we share your data with

If you request a password reset, your IP address will be included in the reset email.

Your IP may be passed with anonomysed data to plugins which defend and protect our site from malicious access, such as Cloudflare, to plugins which track visits, such as Google Analytics, or Akismet, Jetpack and other Automattic products in the use of this blog. All data is anonomysed and is frequently a hash and IP address or simply an IP address, the time on the site and any actions you take, such as the areas of the site you interact with. Submission of comments or forms mean we could match your data to areas of our stats, but we choose not to use our data in this way and use anonymous processing only.

How long we retain your data

If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognise and approve any follow-up comments automatically instead of holding them in a moderation queue.

For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.

What rights you have over your data

If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes. You may do so on our ‘erase request’ page.

Where we send your data

Visitor comments may be checked through an automated spam detection service. Form submissions are stored with all data submitted, including your IP address and emailed to both our host, and our team. Nothing is sent outside of the company.

What we do if we are breached

In the unlikely event of a discovered or reported breach, our host will audit and inform us if your data has been compromised. As our donation collection is through a third party, and we do not serve or retain your donation information or payment information, the worst case scenario is a loss of emails and password, if you create an account with us. As all comments are public, the worst case scenario with that data is they could link your name, email and IP at time of comment. As all personally identifiable information is of some use, we take our responsibility to protect this seriously, so, if you are commenting via a created an account, we advise as all sites do that you use a unique password. We will inform you within 15 working days of any breaches we are made aware of, and let you know what we’ve done to remedy it. We actively work to prevent these attacks via our host and proactively remaining up to date.

Our DPO contact

Our DPO contact is info@cricketsocietytrust dot org.uk. Please correct the dot of our email address into the symbol to contact us. You may contact us there, or via our contact form with any questions you may have.

Plugin specific data collection

We use a number of plugins which have extra features that we may have mentioned, but for completeness, have outlined the actions of each here.

Forminator (Contact forms, polls, quizzes)

Suggested text:When visitors or users submit a form, we capture the IP Address for spam protection. We also capture the email address and might capture other personal data included in the Form fields.

How long we retain your data

When visitors or users submit a form we retain the data for 30 days.

Where we send your data

All collected data on our contact forms:
We use this to process and answer any queries you have.
Any data collected in our quizzes or polls:
We use this internally for market research, fun, or anonymised whitepapers. We may share information with allied partners, but never sell or distribute your data to third parties.

Beehive Pro

This website uses Google Analytics to track website traffic. Collected data is processed in such a way that visitors cannot be identified.

Hummingbird

Hummingbird uses the Stackpath Content Delivery Network (CDN). Stackpath may store web log information of site visitors, including IPs, UA, referrer, Location and ISP info of site visitors for 7 days. Files and images served by the CDN may be stored and served from countries other than your own. Stackpath’s privacy policy can be found here.

WP Smush

Smush uses the Stackpath Content Delivery Network (CDN). Stackpath may store web log information of site visitors, including IPs, UA, referrer, Location and ISP info of site visitors for 7 days. Files and images served by the CDN may be stored and served from countries other than your own. Stackpath’s privacy policy can be found here.

Litespeed

This site utilizes caching in order to facilitate a faster response time and better user experience. Caching potentially stores a duplicate copy of every web page that is on display on this site. All cache files are temporary, and are never accessed by any third party, except as necessary to obtain technical support from the cache plugin vendor. Cache files expire on a schedule set by the site administrator, but may easily be purged by the admin before their natural expiration, if necessary. We may use QUIC.cloud services to process & cache your data temporarily.

Please see https://quic.cloud/privacy-policy/ for more details.

Akismet

We collect information about visitors who comment on Sites that use our Akismet anti-spam service. The information we collect depends on how the User sets up Akismet for the Site, but typically includes the commenter’s IP address, user agent, referrer, and Site URL (along with other information directly provided by the commenter such as their name, username, email address, and the comment itself).

Cloudflare

Cloudflare uses a CDN to serve people, and tracks IP addresses for basic analytics in an anonymized way.

Backups

We use two backup systems on our site – a weekly, incremental backup which expires after 89 days to be replaced by the latest incremental backup, and our host stores daily backups. Both are exempt from ‘erase me’ requests, but to ensure that should we need to remove you after backup removal, we retain remove me requests via contact form or the internal system if you have an account on our site for up to 180 days, at which point they should expire off our backups and will no longer be needed. Our internal tracking for ‘erase me’ requests depend on the type of request. To prove we have not breached contact rules and you have requested contact, we keep these items for up to three years and these records can be accessed by any party who legally requires that access, including the criminal justice system, police and any third parties we’ve interacted with in good faith based on your request.
You can read more on why this is accepted practice under current GDPR provision here.

Third party privacy policies

We use various third parties to ensure a smooth and feature rich environment. Please review these policies if you have any questions about their policies. We cannot erase your data with them, their policies outline their retention and erasure rules.

Versioning

Created and updated 27th August 2021