UK Modern Slavery Statement text goes here.
Vivamus Frna Diam Feugiat Sit
8. The information should be provided in all languages in which the website is offered and in particular in the language of the country where personal data are collected, or, in other words, in the language of the audience at who the website is aimed.
9. If cookies are placed or collected on the equipment (including mobile equipment) of the website’s users, or if access to the users’ equipment is obtained, the user should:
(2) be asked to provide explicit consent (opt in) before placing or using the cookies or obtaining access to the equipment. All other cookies, (in particular first- or third-party tracking cookies used for visitor profiling and tracking surfing and searching behaviour) require prior consent.
10. Please note that this opt in requirement does not apply to those cookies which are strictly necessary (i) for services explicitly requested by the user or (ii) to facilitate communication. All other cookies, (in particular first- or third-party tracking cookies used for visitor profiling and tracking surfing and searching behaviour) require prior consent. Please note that the use of Google Analytics also requires consent. For an overview of all exempted cookies, we refer to the opinion of the Article 29 Working Party (the European privacy regulator).
11. When consent is required, it must be provided explicitly and prior to placing or using cookies or to obtaining access. Consent must be freely given, specific, informed and an unambiguous indication of the wish to agree with the processing of personal data. It is therefore insufficient to provide visitors merely with a possibility to “opt out”.
12. Consent could be obtained using a banner, pop-up or splash screen which appears when a visitor reaches the website. Consent must be informed, and thus the user should be informed about (i) the controller’s identity, (ii) the purpose of processing data, (iii) what (type of) data will be collected and used, (iv) the existence of the right to withdraw consent, and (v) information about the use of the data for decisions based solely on automated processing, including profiling. Further, if consent is asked for transferring data to third countries, the user should be informed about the possible risks of data transfers to third countries in the absence of an adequacy decision and appropriate safeguards. This information should be provided in clear and plain language and in easily accessible form. If consent is to be given by electronic means, the request must be clear and concise.
13. As a controller, the GDPR requires that you maintain a record of processing activities under your responsibility. The record should contain the following information:
(1) the name and contact details of the controller and, where applicable, the joint controller, the controller’s representative and the data protection officer;
(2) the purposes of the processing;
(3) a description of the categories of data subjects and of the categories of personal data;
(4) the categories of recipients to whom the personal data have been or will be disclosed including recipients in third countries or international organisations;
(5) where applicable, transfers of personal data to a third country or an international organisation, including the identification of that third country or international organisation and, in the case of transfers referred to in the second subparagraph of Article 49(1), the documentation of suitable safeguards;
(6) where possible, the envisaged time limits for erasure of the different categories of data; and
(7) where possible, a general description of the technical and organisational security measures referred to in Article 32(1).
14. Under the GDPR, each processor and, where applicable, the processor’s representative shall maintain a record of all categories of processing activities carried out on behalf of a controller, containing:
(1) the name and contact details of the processor or processors and of each controller on behalf of which the processor is acting, and, where applicable, of the controller’s or the
(2) the categories of processing carried out on behalf of each controller;
(3) where applicable, transfers of personal data to a third country or an international organisation, including the identification of that third country or international organisation and, in the case of transfers referred to in the second subparagraph of Article 49(1), the documentation of suitable safeguards;
(4) where possible, a general description of the technical and organisational security measures referred to in Article 32(1).
15. These records should be in writing and this may take an electronic form. Should a supervisory authority request access to the records, you should make these records available to them.
Terms and Conditions
(1) a pop-up window allowing visitors to agree to the terms and conditions
(2) a pop-up window displaying the general terms and conditions
(3) placing text at the top of the website: “By using this site you agree to the applicability of our website user terms and conditions. These terms and conditions may be changed over time. Users of the site are advised to regularly read the terms and conditions for possible changes. Click here to read, print or download these conditions.”
(4) placing a sufficiently visible and specific link to provide the visitor with sufficient information about the content, e.g., “Terms applicable to the use of this site” or “Website terms and conditions”.
Although defensible, it is not certain that the terms and conditions will have binding legal effect by using alternative (2) and even less certain by using alternative (3) or (4).