We are registered with the Information Commissioner's Data Protection Register no. Z1179257
This policy explains how the Open Rights Group uses any information you provide to us.
1. The Open Rights Group is operated by Open Rights (a company limited by guarantee and registered in England and Wales with Company Number 05581537) ("us"). You may contact us at the following address:
Open Rights Group 12 Duke's Road London WC1H 9AD
2. The information you provide to us will be used to develop and maintain the community, in particular to offer opportunities to engage with our activities and defend your rights. We may contact you when we start new campaign activities, such as petitions or writing to your MP. You may opt out from receiving such invitations. Supporters will also receive core updates - monthly campaign emails and occasional fundraising notices - on an opt-out basis. New campaign email lists will be maintained on an opt-in basis.
3. We shall never voluntarily share your information with a third party for their own use, and will fight to the degree that we are able any legal or government action that attempts to obtain such data. We will keep a public list (click to view) of any third party service providers that we use to further our stated purposes. Supporters will be given 14 days notice before any changes to this list.
4. We will not transfer any information that we hold on you to anyone outside the European Economic Area. Unless there is an equivalent data protection regime, as provided for example by the US Safe Harbour agreement.
Cookies, logging and tracking
5. Where cookies are used on our sites they are used for technical and security purposes, such as logins, and not for general visitor profiling.
We use a self-hosted analytics software, Piwik, that has been configured to only partially track IP addresses (the first three octets of an IPv4 address) and is configured to respect the DNT header when sent.
In some circumstances, where third-party services are embedded within pages (e.g. forms), other tracking services may be introduced.
Server access logs are kept for a short period and only used for technical and security purposes and not for general visitor profiling.
Subject access requests
6. Under the Data Protection Act, you may at any time request a copy of the information we hold on you (for which we may charge a small fee to offset our administration costs) by writing to us at the above address.