Privacy Policy
How we collect, use, and protect your personal information in compliance with UK GDPR and data protection laws.
1. Who We Are
Chiswick News Ltd is a local news publisher serving the Chiswick community in West London. We are the data controller for the personal information we collect and process.
Data Controller Details:
- Company: Chiswick News Ltd
- Email: news@chiswicknews.co.uk
2. Information We Collect
We collect information about you when you:
- Create an account or register for our services
- Subscribe to our newsletter
- Comment on articles
- Contact us via our contact forms
- Visit our website (through cookies and similar technologies)
- Submit content, press releases, or event listings
Personal Information We Collect:
| Type of Data | Examples | Purpose | Legal Basis |
|---|---|---|---|
| Account Information | Name, email address, display name, password | Account management, authentication | Contract performance |
| Communication Data | Email content, contact form submissions | Responding to enquiries, customer service | Legitimate interests |
| Usage Data | Page views, article preferences, reading history | Website improvement, content recommendations | Legitimate interests |
| Technical Data | IP address, browser type, device information | Security, analytics, website functionality | Legitimate interests |
| Marketing Data | Newsletter subscription preferences | Email marketing (with consent) | Consent |
| User Content | Comments, submitted articles, photos | Publishing user-generated content | Consent/Legitimate interests |
3. How We Use Your Information
We process your personal information for the following purposes:
3.1 Service Provision
- Creating and managing your account
- Enabling you to comment on articles
- Processing your submissions (articles, events, press releases)
- Providing customer support
3.2 Communication
- Sending you our newsletter (with your consent)
- Responding to your enquiries and feedback
- Sending important service updates
- Notifying you about changes to our policies
3.3 Website Improvement
- Analysing website usage to improve our services
- Understanding which content is most popular
- Optimising website performance and user experience
3.4 Legal and Security
- Protecting against fraud and abuse
- Enforcing our terms of service
- Complying with legal obligations
- Protecting our rights and interests
4. Legal Basis for Processing
Under UK GDPR, we must have a legal basis for processing your personal information. We rely on:
Consent
For newsletter subscriptions, marketing communications, and publishing user-generated content.
Contract Performance
For providing services you've requested, such as account management and commenting functionality.
Legitimate Interests
For website analytics, security, improving our services, and responding to enquiries.
Legal Obligation
For complying with legal requirements, such as responding to law enforcement requests.
5. Who We Share Your Information With
We do not sell your personal information to third parties. We may share your information with:
5.1 Service Providers
- Web hosting providers: For website hosting and maintenance
- Email service providers: For sending newsletters and communications
- Analytics providers: For website analytics (anonymised data)
- Security services: For website security and fraud prevention
5.2 Legal Requirements
We may disclose your information if required by law, such as:
- In response to court orders or legal process
- To comply with regulatory requirements
- To protect our rights or the rights of others
- In cases of suspected criminal activity
5.3 Business Transfers
If our business is acquired or merged, your information may be transferred to the new entity, subject to the same privacy protections.
6. Data Retention
We retain your personal information only as long as necessary for the purposes outlined in this policy:
| Data Type | Retention Period | Reason |
|---|---|---|
| Account Information | Until account deletion + 1 year | Legal obligations, fraud prevention |
| Comments and User Content | Indefinitely (unless deletion requested) | Public record, editorial integrity |
| Newsletter Subscriptions | Until unsubscription + 1 year | Compliance records |
| Website Analytics | 26 months (anonymised after 14 months) | Website improvement |
| Contact Form Submissions | 3 years | Customer service records |
| Security Logs | 1 year | Security and fraud prevention |
7. Your Rights Under UK GDPR
You have the following rights regarding your personal information:
Right to be Informed
You have the right to know how your data is being processed (this privacy policy).
Right of Access
You can request a copy of the personal information we hold about you.
Right to Rectification
You can ask us to correct inaccurate or incomplete information.
Right to Erasure
You can request deletion of your personal information in certain circumstances.
Right to Restrict Processing
You can ask us to limit how we use your information in certain circumstances.
Right to Data Portability
You can request your data in a portable format to transfer to another service.
Right to Object
You can object to processing based on legitimate interests or for marketing purposes.
Rights Related to Automated Decision Making
Protection from automated decision-making and profiling (though we don't currently use these).
Exercising Your Rights
To exercise any of these rights, please contact us at news@chiswicknews.co.uk. We will respond within one month of receiving your request. In some cases, we may ask for additional information to verify your identity.
8. Cookies and Tracking Technologies
Our website uses cookies and similar technologies to improve your browsing experience.
Types of Cookies We Use:
- Essential Cookies: Required for website functionality (e.g., login sessions)
- Analytics Cookies: Help us understand how visitors use our website
- Preference Cookies: Remember your settings and preferences
- Marketing Cookies: Used for advertising purposes (with consent)
You can control cookies through your browser settings. However, disabling certain cookies may affect website functionality.
9. Children's Privacy
Our services are not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If we become aware that we have collected such information, we will delete it immediately.
For users aged 13-18, we require parental consent for certain activities, such as newsletter subscriptions and account creation.
10. Data Security
We implement appropriate technical and organisational measures to protect your personal information:
- Encryption: Data transmitted to our website is encrypted using SSL/TLS
- Access Controls: Limited access to personal information on a need-to-know basis
- Regular Updates: We keep our systems and security measures up to date
- Staff Training: Our team is trained on data protection and security practices
- Incident Response: We have procedures in place to respond to security incidents
11. Data Protection Impact Assessments
We conduct Data Protection Impact Assessments (DPIAs) for high-risk processing activities to ensure privacy by design and by default.
12. Changes to This Privacy Policy
We may update this privacy policy from time to time. We will notify you of significant changes by:
- Posting a notice on our website
- Sending an email to registered users
- Updating the "last modified" date at the top of this policy
13. Complaints and Contact Information
If you have concerns about how we handle your personal information, please contact us first so we can address your concerns.
Contact Our Team
Right to Complain to the ICO
You have the right to complain to the Information Commissioner's Office (ICO) if you believe we have not handled your personal information appropriately:
