What personal data we collect when you use our website and why we collect it
Comments
When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
An anonymised string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.
Media
If you upload images to our website (or to our social media pages), you should avoid uploading images with embedded location data (EXIF GPS) included. Other visitors to the website can download and extract your location data from images on the website.
Contact forms
Cookies
If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
Google Analytics cookies – these are set for monitoring and tracking visitors behavior on the site.
Limit Login Attempts cookies – this is used by our security software to provide brute force security in logins by monitoring user cookies.
Newsletter Signup
Woodcote Pre-school will collect and store information you submit to us when completing the Newsletter form, for the purpose of sending information, news and / or contacting your directly. We will also record the IP address of the computer that you used when you completed the sign up form. You can unsubscribe from our newsletters at any time.
Embedded content from other websites
Woodcote Pre-school makes use of Google services to generate maps and provide autocompletion when searching for events by location, which may collect data via your browser in accordance to Google’s privacy policy.
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.
Login to see your data that we store if you have made registration arrangements for the site.
You may log into your use profile at any stage to see what records we have on you and may change / delete your records as you wish or request us to alter or remove your records.
Who we share your data with
If you use one of the contact forms, the message can only be seen by our business administration team. We will not disclose your data to any other third-party without your consent.
How long we retain your data
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognise and approve any follow-up comments automatically instead of holding them in a moderation queue.
For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
What rights you have over your data
If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
Where we send your data
Visitor comments may be checked through an automated spam detection service.
How we protect your data and what data breach procedures we have in place
We protect customer data with the following site features:
We are entirely using SSL/HTTPS throughout all our sites. This encrypts our user communications with the servers so personal identifiable information is never captured by third parties without authorization.
Databases are sanitized (actual user personal details are removed) before deploying to development or testing environment.
In case of a data breach, System administrators will immediately go through affected users and will attempt to reset passwords if needed after informing the user.
What third parties we receive data from:
None.
What automated decision making and/or profiling we do with user data
No – it is only used for target market profiling and for marketing our services to you.
Industry regulatory disclosure requirements:
None.
Additional information
Do your plugins track any data?
We do not track any user data via our plugins. But if our plugin depends on any third party service, they might track user data. This can happen in following two ways:
(1) Embedded Widgets
Some of our plugins have features to integrate embedded widgets as is, from third party services (like Facebook Like, Facebook Recommend, Twitter Tweet official buttons). It is very likely that these widgets will become GDPR compliant before May 25th. Apart from this, you can include relevant text in the privacy policy of your website that we have mentioned below.
(2) Third-party APIs/Connections
Our plugins send request to third party APIs via website-visitor’s web browser to fetch information (like social shares, social comment count). This request made by web browser may include IP address, which can then be seen by the third-party that it’s being requested from. This API request doesn’t include any personal data of the website user other than the IP address. To make your users aware of this, you can include relevant snippets in your website’s privacy policy.
Where is the data collected by your plugins stored?
We do not store any data fetched by our plugins on our servers, neither we share that data with any third party. Our plugins run absolutely on your website and store the data in the database of your website.
Do your plugins load any external scripts?
As mentioned before, our plugins run absolutely from your website and hence load the scripts too from your website with exception of third-party embedded widgets (like Facebook Like/Recommend official button, Twitter tweet official button, Facebook Comments) which require our plugin to load scripts from the servers of relevant service. You can include relevant snippets in the Privacy Policy of your website stating how these services handle privacy of your users.
Plugin: Smush
Note: Smush does not interact with end users on your website. The only input option Smush has is to a newsletter subscription for site admins only. If you would like to notify your users of this in your privacy policy, you can use the information below.
Smush sends images to the WPMU DEV servers to optimize them for web use. This includes the transfer of EXIF data. The EXIF data will either be stripped or returned as it is. It is not stored on the WPMU DEV servers.
Source: Snapshot Backup software
(1) Third parties
This site may be using a third-party to store backups of its files and database where personal information is collected. These services include Google Drive, Dropbox, Amazon S3, FTP/SFTP for other servers and WPMU DEV cloud storage.
(2) Additional data
This site gives the option to its administrators to set up third-party destinations for sending and receiving backups. To create these destinations, personal data is stored. This data includes the administrator’s name, email, UID and country for Dropbox accounts and credentials for FTP accounts.
(3) Cookies
This site might be using cookies on the admin side for establishing connections with third-party vendors for sending and receiving backups. These vendors include Google Drive, Dropbox, Amazon S3 and phpseclib for FTP accounts. Additionally, cookies may be set for potentially fixing cron requests at erratic servers. These cookies will last for 14 days.
Social Media and Analytics
We use Google Analytics to track social shares made at our website. Google automatically collect and store certain information in their server logs which includes device event information such as crashes, system activity, hardware settings, browser type, browser language, the date and time of your request and referral URL, cookies that may uniquely identify your browser or your Google Account, in accordance with their data privacy policy: https://policies.google.com/privacy
Facebook Like, Facebook Recommend, Facebook Share official buttons
We embed a Facebook widget to allow you to see number of likes/shares/recommends and “like/share/recommend” our webpages. This widget may collect your IP address, your web browser User Agent, store and retrieve cookies on your browser, embed additional tracking, and monitor your interaction with the widget, including correlating your Facebook account with whatever action you take within the widget (such as “liking/sharing/recommending” our webpage), if you are logged in to Facebook. For more information about how this data may be used, please see Facebook’s data privacy policy: https://www.facebook.com/about/privacy/update
Twitter Tweet official button
We use a Twitter Tweet widget at our website. As a result, our website makes requests to Twitter’s servers for you to be able to tweet our webpages using your Twitter account. These requests make your IP address visible to Twitter, who may use it in accordance with their data privacy policy: https://twitter.com/en/privacy#update
GooglePlus, GooglePlus Share official buttons
We use a GooglePlus widget at our website. As a result, our website makes requests to Google’s servers for you to be able to share our webpages using your GooglePlus account. These requests make your IP address visible to Google, who may use it in accordance with their data privacy policy: https://policies.google.com/privacy
Linkedin Share official button
We use a Linkedin Share widget at our website to allow you to share our webpages on Linkedin. These requests may track your IP address in accordance with their data privacy policy: https://www.linkedin.com/legal/privacy-policy
Pinterest Save official button
We use Pinterest Save widget at our website to allow you to pin images to Pinterest from our webpages. These requests may track your IP address in accordance with their data privacy policy: https://policy.pinterest.com/en/privacy-policy
Instagram Save official button
We use Instagram Save widget at our website to allow you to pin images to Instagram from our webpages. These requests may track your IP address in accordance with their data privacy policy: https://help.instagram.com/325135857663734/?helpref=hc_fnav&bc[0]=Instagram%20Help&bc[1]=Privacy%20and%20Safety%20Center
