1. Who We Are

GloucesterSquare.org is operated on behalf of the Gloucester Square Garden Committee, their appointed agent, and the website administrator. This website address is: https://gloucestersquare.org.

For UK data protection law, personal data processed via this website is jointly controlled by:

• Gloucester Square Garden Committee
• The appointed agent acting on behalf of the Committee
• The website administrator of GloucesterSquare.org

References to “we”, “us”, or “our” mean the above parties collectively.

2. Definitions

Personal Data: any information that can identify a living individual.

Processing: any operation performed on personal data.

Data Controller: the entity determining the purpose and means of processing.

Data Processor: a third party processing data on our behalf.

3. Information We Collect

Information provided directly

We may collect your name, email address, telephone number, property or residency details, the content of messages or enquiries, attachments you upload, and any comments you leave on the site.

Information collected automatically

We may collect your IP address, browser type and user agent, pages visited, time spent on the site, and diagnostic logs generated by WordPress and security plug-ins.

Comments

When visitors leave comments, we collect the data shown in the comments form along with the visitor’s IP address and browser user agent string for spam detection.

An anonymised hash of your email address may be provided to the Gravatar service. After approval of your comment, your profile image may appear publicly.

Media uploads

If you upload images, avoid including location data (EXIF GPS) as visitors may download and extract such information.

Children

This website is not intended for children under 16 and we do not knowingly collect data from children.

We do not request or intentionally collect special-category data.

4. Cookies

GloucesterSquare.org uses cookies for WordPress functionality, login recognition, screen preferences, and comment convenience.

Comment cookies

If you leave a comment, you may opt-in to saving your name, email, and website in cookies that last for one year.

Login cookies

When you visit the login page, a temporary cookie is set to test whether your browser accepts cookies. Login and screen options cookies may also be set and retained for varying durations.

Essential operational cookies

These cookies are necessary for basic site operation and security.

5. Embedded Content

Articles may include embedded content (videos, images, articles). Embedded content behaves exactly as if you visited the external website, which may collect data, use cookies, and track your interactions.

6. How We Use Your Data

Your data is used to respond to enquiries, manage Garden matters, handle requests, operate and secure the website, fulfil legal obligations, and maintain administrative records.

We rely on the following lawful bases under UK-GDPR:

• Consent
• Legitimate Interests
• Contractual Necessity
• Legal Obligation

We do not use your data for marketing without explicit permission, and we do not use automated decision-making or profiling.

7. Who We Share Your Data With

Your data may be shared with:

• Members of the Gloucester Square Garden Committee
• The appointed agent
• The website administrator
• Specialist contractors (IT, security, maintenance)
• Hosting and email service providers
• Automated spam detection services

If you request a password reset, your IP address may be included in the reset email.

We never sell or trade personal data.

8. International Transfers

Your data may be processed on servers outside the UK, though we make every effort to utilise local servers where practically available.

9. Data Retention

We retain data only as long as necessary:

• Comments: retained indefinitely
• Registered user profiles (if applicable): stored until deleted
• General enquiries: up to 15 years
• Administrative emails: up to 15 years
• Technical logs: 14–90 days

You may request deletion where appropriate.

10. Your Rights

You have the right to access, rectify, delete, restrict, object to processing, and request data portability. You may also withdraw consent at any time.

You may lodge a complaint with the Information Commissioner’s Office (ICO): https://ico.org.uk

11. Where Your Data Is Sent

Visitor comments may be checked through automated spam-detection services. Backups and emails may pass through secure cloud systems.

12. Security

We implement SSL encryption, access controls, secure hosting, regular updates, and security plug-ins. No website can fully guarantee security.

13. Consequences of Not Providing Data

If information is required to fulfil your request (e.g., key requests, event bookings), we may be unable to proceed without it.

14. Changes to This Privacy Policy

We may update this Privacy Policy periodically. The latest version will always appear on this page.

15. Contact Us

For questions or data protection requests, please contact us using the details provided on our Contact page.