Privacy Statement for User Data Submitted via Web Forms

At the CSGLO, we are committed to protecting the privacy and personal data of all individuals who interact with us. This statement outlines how we collect, process, store, and protect personal data submitted through our web forms, in compliance with the General Data Protection Regulation (GDPR).

1. Purpose of Data Collection

When you submit a message via our web form, we collect any personal data that you provide, including:

1. Name
2. Email address
3. Additional information provided in the message

This data is collected to:

1. Respond to your query or request.
2. Provide the services or information you have requested.
3. Ensure efficient communication with you.

2. How Your Data is Processed

1. Transmission:
2. Data submitted through our web form is transmitted securely using SSL/TLS encryption to our servers.
3. Hosting and Processing:
4. Our web and email services are hosted on secure servers managed by trusted third-party service providers. These providers act as data processors under GDPR and are contractually bound to process data only as instructed by us and to maintain appropriate security measures.
5. Access:
6. Data is accessed only by authorised staff through a secure browser-based email portal, protected by encryption (SSL/TLS), authentication, and access controls.

3. Data Security Measures

We take all reasonable precautions to ensure the security of your personal data, including:

1. Encryption in Transit:
2. All data transmissions between users and our servers are encrypted using SSL/TLS protocols to prevent unauthorised interception.
3. Access Controls:
4. Access to personal data is restricted to authorised personnel who use secure devices and are trained in GDPR compliance.
5. Hosting Security:
6. Our hosting providers implement industry-standard measures, including encryption, physical security, and regular monitoring, to protect data.

4. Retention of Personal Data

Your personal data will be retained only for as long as necessary to address your query or request. Specifically:

1. Your personal data will be retained for as long as necessary to address your query or request.
2. Due to the nature of our services, which involve navigating complaints and disputes, we may retain communications indefinitely where necessary to ensure continuity, prevent harm, or provide evidence for dispute resolution or accountability purposes.
3. We periodically review retained communications to ensure their ongoing relevance. Data that is no longer necessary will be securely deleted.
4. If you wish to request deletion of specific data, please contact us. We will consider your request in line with our legal obligations and legitimate interests.

5. Your Rights Under GDPR

As a data subject, you have the following rights:

1. Right to Access: You may request a copy of the data we hold about you.
2. Right to Rectification: You can request corrections to inaccurate or incomplete data.
3. Right to Erasure: You can request that your data be deleted, subject to legal or contractual obligations.
4. Right to Restrict Processing: You can request limited processing of your data in certain circumstances.
5. Right to Data Portability: You can request your data in a structured, commonly used format for transfer to another organisation.

To exercise your rights under GDPR, please contact our Data Protection Officer at data-request@csglo.org.

6. Contact Information

We take extensive precautions to ensure the security of your personal data, including the use of SSL/TLS encryption for email communications.

If you prefer an alternative communication method, such as phone or secure messaging, please contact us using the contact details provided on the Contact page.