Jump to content

Privacy Policy

Derby County FC Fans Forum


updated 15th February 2018



Please read the following Privacy Policy carefully to understand how we use and protect the information that you provide to us.

By using www.dcfcfans.uk (“Site”) you consent to the collection, use and transfer of your information under the terms of this Privacy Policy.

This notice is issued by Derby County FC Fans Forum, owned and operated by Mr David Hinds, ("we", "us", “our”) and we are committed to protecting and respecting your privacy.

This Privacy Policy together with our Terms of Use and any other documents referred to on our Site) sets out the basis on which your personal data will be processed by us.

For the purpose of the Data Protection Act 1998 (the “Act”), and the General Data Protection Regulation (“GDPR”) the data controller is Mr David Hinds. 

We may make changes to our Privacy Policy from time to time and when we change the policy in a material way [a notice will be posted on our Site along with the updated Privacy Policy.

You are not required to provide the personal information that we request, but, if you choose not to do so, it may not be possible for us to provide the level of service that you would otherwise receive.

1. Information we may collect from you

1.1. Information collected directly from you

1.We may collect the following information directly from you: 

(a) Your name, gender, e-mail address; and

(b) Information that you provide by engaging in forums on the website, by filling in forms on www.dcfcfans.uk; or by corresponding with us by e-mail or otherwise, for instance, through surveys.

2. We may also collect information when you:

(a) report a problem with the Site; 

(b) register to use the Site; 

(c) enter a competition, promotion, or survey; or

(d) participate in discussion boards or other social media functions on the Site (including our blog).

1.2 Information collected automatically
We may collect some information automatically and store it in log files. This information includes Internet Protocol (“IP”) addresses, browser type and language, Internet Service Provider (“ISP”), referring and exit websites and applications, operating system, date/time stamp, and clickstream data.

We use this information to understand and analyse trends, to administer the Site, to learn about, subscribers’, users’, visitors’, members’ or guests’ (“Visitor”) behaviour on the Site, to improve our product and services, and to gather demographic information about our Visitors as a whole.

1.3 Information collected via Third Parties

We may collect the information via trusted third parties who provide services to you through different websites we operate or other services we provide including business partners, sub-contractors, advertising networks, analytics providers, search information providers, credit reference agencies, and website, hosting and maintenance providers.

2. Cookies

2.1. Our Site uses cookies to distinguish you from other Visitors to our Site. This helps us to provide a better experience when you browse our Site and also allows us to make improvements. 

2.2. Unless otherwise indicated, the Site does not store any information that would, on its own, allow us to identify Visitors without their permission. Any cookies that may be used by this Site are used either solely on a per session basis or to maintain Visitor preferences. Cookies are not shared with any third parties.

2.3. Google, as a third-party vendor, uses cookies to serve advertisements on the Site. Google's use of the DART cookie enables it to serve advertisements to Visitors based on their visit to the Site and other sites on the Internet. Visitors may opt out of the use of the DART cookie by visiting the Google ad and content network privacy policy at the following URL - http://www.google.com/privacy/ads/. Some of our advertising partners, such as Google Adsense, may use cookies and web beacons on our Site.

2.4. If you wish to disable cookies, you may do so through your individual browser options. More detailed information about cookie management with specific web browsers can be found at the browsers' respective websites.

3. Uses made of the information

3.1. We use information held about you in the following ways:

3.1.1 to manage any registered accounts that you hold with us;

3.1.2 to verify your identity; 

3.1.3. to train our employees in respect of providing services to Visitors; 

3.1.4. to ensure that content from our Site is presented in the most effective manner for you and for your computer and as part of our efforts to keep our Site safe and secure;

3.1.5. to administer our Site; 

3.1.6. to carry out internal operations, including troubleshooting, data and statistical analysis, testing and research;

3.1.7. to send you our promotional materials (or promotional materials of Derby County Football Club) or provide you with information regarding special offers and new ranges that you request from us or which we feel may interest you;

3.1.8. to monitor and understand the interests and preferences of fans of Derby County Football Club and Visitors;

3.1.9. to allow you to participate in interactive features of our service, when you choose to do so;

3.1.10. to notify you about changes to our service; and

3.1.11. where we have a legal duty to use or disclose your information (for example, in relation to an investigation by a public authority or in a legal dispute).

4. Legal basis for us processing your personal data

4.1 General 

In general, we only rely on consent as a legal basis for processing in relation to sending direct marketing communications to you via email or post. 

You have the right to withdraw consent at any time and where consent is the only legal basis for processing, we will cease to process data after your consent is withdrawn.

4.1.1. We collect and use your personal data because it is necessary for:

(a) complying with our legal obligations; or

(b) the pursuit of our legitimate interests including but not limited to:

(i) supplying services to you;

(ii) protecting Visitors, employees and other individuals and maintaining their safety, health and welfare;

(iii) promoting, marketing and advertising our products and services or those of Derby County Football Club;

(iv) understanding our Visitors’ behaviour, activities, preferences, and needs;

(v) improving existing services and developing new ones;

(vi) complying with our legal and regulatory obligations;

(vii) preventing, investigating and detecting crime, fraud or anti-social behaviour and prosecuting offenders, including working with law enforcement agencies;

(viii) handling Visitor contacts, queries, complaints or disputes;

(ix) protecting us, our employees and Visitors, by taking appropriate legal action against third parties who have committed criminal acts, or are in breach of legal obligations to us;

(x) effectively handling any legal claims or regulatory enforcement actions taken against us;

(xi) training our employees in respect of providing services to Visitors. 

5. Disclosure of your information to third parties

5.1. Service Providers

1. In order to make certain services available to you, we may need to share your personal data with members of our group and some of our service partners including:

(a) Derby County Football Club in order to assist them in tailoring their communications to you and understanding the interests and preferences of their fans and Visitors;

(b) advertisers and advertising networks that require the data to select and serve relevant adverts to you and others;

(c) analytics and search engine providers that assist us in the improvement and optimisation of our Site;

(d) business partners, suppliers and sub-contractors for the performance of any contract we enter into with them in relation to processing or delivering your goods; and/or

(e) any other business partner, supplier or subcontractor.

5.2. Other Third Parties

5.2.1 Aside from our service providers and/or Derby County Football Club, we will not disclose your personal data to any third party, except as set out below and we will never sell or rent your data to other organisations for marketing purposes.

5.2.2 We may, however, share your data with:

(a) prospective sellers or buyers, in the event that we sell or buy any business or assets, in which case we may need to disclose your personal data to a prospective buyer or seller; and

(b) prospective third parties which acquire our assets, in the event that we are acquired by a third party, in which case personal data we hold will be transferred to the third party acquiring our other assets.

(c) Governmental bodies, regulators, law enforcement agencies, courts/tribunals and insurers:

(i) in order to enforce or apply our terms of website use or terms and conditions of sale and other agreements;

(ii) to protect the rights, property, or safety of, our Visitors, or others (this includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction; or

(iii) where we are required to do so to comply with our legal obligations, to exercise our legal rights (for example in court cases), for the prevention, detection, investigation of crime or prosecution of offenders; and for the protection of our employees and Visitors.

6. Where we store your personal data

6.1. The personal data that we collect from you may be transferred to, and stored at a destination outside the European Economic Area (“EEA”). It may also be processed by staff operating outside the EEA who work for us or for one of our suppliers. Such staff may be engaged in, among other things, the fulfilment of your order, the processing of your payment details and the provision of support services. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy.

7. How we protect your data

7.1. We are committed to keeping your personal data safe and secure. 

1. Our security measures include: 

(a) encryption of data;

(b) regular cyber security assessments of all service providers who may handle your personal data;

(c) regular scenario planning and crisis management exercises to ensure we are ready to respond to cyber security attacks and data security incidents;

(d) monthly penetration testing of systems; and

(e) security controls which protect our entire infrastructure from external attack and unauthorised access.

Where we have given you (or where you have chosen) a password which enables you to access certain parts of our Site, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.

Unfortunately, the transmission of information via the Internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our Site; any transmission is at your own risk.

8. Duration of storage

8.1. We will not retain your data for longer than necessary for the purposes set out in this policy unless a longer retention period is required or permitted by law.

9. Links to other Websites

9.1. Our Site may contain links to third party websites, and some of our services provide you with access to third party services (such as social networks).

9.2. We have no control over how third-party websites and services process your personal information. We do not review third party websites and services, and we are not responsible for such third-party websites and services or their privacy practices. Please read the privacy statements of any third-party websites or services that you access from our websites or services.

10. Your rights

10.1. The rights that you have in your personal data are due to be expanded significantly after a new law, the GDPR, comes into force on 25 May 2018. 

10.2. We are committed to handling your personal data in the right way and we welcome the new rights introduced; your enhanced rights as from 25 May 2018 are set out below:

10.2.1. You may opt out of any marketing communications that we send you, even after initially consenting.

10.2.2. Your information will be treated securely and strictly in accordance with the Data Protection Act 1998 (and the GDPR, when it comes into force).  

10.2.3. You have the right to access information held about you. Any access request may be subject to a fee specified by law (currently of £10.00). After 25 May 2018, we will not charge a standard administrative fee of £10.00 but please note we may still be able to recover costs from you where your request is vexatious or very repetitive in nature.

10.2.4. You have the right to ask us (at no cost) to update and correct any personal information which is out of date or incorrect. 

10.2.5. You have the right to ask us to erase your personal data or restrict our processing of the data if you wish. 

10.2.6. Where you have consented to our processing your data in a certain manner, you have the right to withdraw that consent at any time. 

10.2.7. You have the right to make a complaint directly with the Information Commissioner’s Office (“ICO”). In order to report a concern, you should follow the directions given on www.ico.org.uk which contains details about available methods of complaint.   

10.2.8. You have the right to receive from us a copy of the personal data in a commonly used, machine readable format and the right to store it for further personal use on a private device.

You have the right to transmit the personal data to another entity where this is technically possible. 

You can help ensure that your contact information and communication preferences are accurate, complete, and up to date by contacting us via the Contact Us page available here.

If you want to learn more about the rights you have in respect of your personal data, you should visit the ICO’s website at www.ico.gov.uk.

11. Contact

Questions, comments and requests regarding this privacy policy are welcomed, please use the Contact Us page, available here.

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.