What Is This Policy?
Who Are We?
Who Is the Data Controller?
Garry Lambert trading as Sgts Mess is the Data Controller (contact details below). This means he is responsible for how your personal data is processed and for what purposes.
What is Personal Data?
Personal Data relates to a living individual who can be identified from that data. Identification can be by the information alone or in conjunction with any other information in the Data Controller’s possession or likely to come into such possession. The processing of personal data is governed by the General Data Protection Regulation 2016/679 (“The GDPR”)1].
When you purchase something from our store, as part of the buying and selling process, we collect the personal data to enable us to complete your transaction
When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
How We Process Personal Data.
The Data Controller complies with its obligations under The GDPR by keeping Personal Data up to date; by storing and destroying it securely; by not collecting or retaining excessive amounts of data; by protecting Personal Data from loss, misuse, unauthorised access and disclosure and by ensuring that appropriate technical measures are in place to protect Personal Data.
We use your Personal Data for the following purposes:
- To operate the Sgts Mess web site and deliver the services that you have requested.
- To further develop and improve our goods and services.
- To measure, gauge, and improve the effectiveness of our advertising.
- To monitor and prevent any problems with our website, protect the security of our website, detect and prevent fraudulent transactions and other illegal activities, fight spam, and protect our rights and property, which may result in us declining a transaction.
- To maintain our own accounts and records.
The Legal Basis For Processing Your Data
These fall under either article 6 or article 9 of The GDPR and are dealt with separately below
Article 6 Processing
- Processing is necessary for the performance of a contract with the data subject or to take steps to enter into a contract;
- The use is necessary for compliance with a legal obligation;
- We have a legitimate interest in using your information – to improve our goods and services, to safeguard our rights and property, to measure, gauge, and improve the effectiveness of our advertising or to to monitor and prevent any problems with our services;
- You have given us your consent–for example before we place certain cookies on your device and access and analyze them later on.
Article 9 Processing
- The Data Controller will never require any Sensitive Personal Information as described under Article 9 of The GDPR and will never request or process this category of Personal Data
What rights you have over your data
Unless subject to an exemption under the GDPR, you have the following rights with respect to your Personal Data: –
- The right to request a copy of your Personal Data which the Data Controller holds about you, including any data you have provided to us;
- The right to request that the Data Controller corrects any Personal Data if it is found to be inaccurate or out of date;
- The right to request your Personal Data is erased where it is no longer necessary for the Data Controller to retain such data;
- The right to withdraw your consent to the processing at any time;
- The right to request that the Data Controller provide the you with your Personal Data and where possible, to transmit that data directly to another data controller.
- The right, where there is a dispute in relation to the accuracy or processing of your Personal Data, to request a restriction is placed on further processing;
- The right to object to the processing of personal data.
- The right to lodge a complaint with the Information Commissioners Office.
How long we retain your data
The Data Controller will keep your personal data for no longer than reasonably necessary and we only retain your data for the following purposes:
- To maintain our own accounts and records and to comply with any legal obligations we may have.
- If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognise and approve any follow-up comments automatically instead of holding them in a moderation queue.
- For users that register on our website, we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
Who We Share Your Data With
The only other circumstances where we will share your Personal Data is if we are required to do so by Law
This website is hosted and maintained by Table Warfare Ltd. As part of this support and maintenance function Table Warfare Ltd may access Personal Data on a needs basis only. This may only occur as a part of technical troubleshooting, identifying effected parties in the event of a data breach, and providing backup and restoration services for the site. Table Warfare Ltd does not process any Personal Information for or on behalf of the Data Controller.
Where we send your data
Daily backups are also taken of the webserver, and contain the information required to rebuild the entire server in the event of catastrophic failure. Backups are copied to recordable media, and stored off-site for security.
Visitor comments may be also checked through an automated spam detection service.
What third parties we receive data from
When you make a purchase from our store we receive Personal Data from Paypal Holdings Inc in order to process your order and supply the purchased goods. We do not receive or retain any payment information, credit, debit or bank details.
What data breach procedures we have in place
While no online service is 100% secure, we work very hard to protect information about you against unauthorized access, use, alteration, or destruction, and take reasonable measures to do so, such as multiple firewalls, connection encryption, daily malware scans, enhanced account security measures in addition to other breach detection and prevention measures.
How we protect your data
Our entire website is only accessible via https, meaning that any data sent between you and our servers is encrypted and cannot be easily viewed if intercepted by a third party. We do not store any credit card information locally, all payments being made through Paypal Holdings, Inc.
What happens if security is breached?
In the unlikely event of a security breach, the Data Controller will notify the the appropriate regulator and any affected parties in accordance with Articles 33 and 34 of The GDPR
What are Cookies?
Cookies are small files saved to the user’s computers hard drive that track, save and store information about the user’s interactions and usage of the website. This allows the website, through its server to provide the users with a tailored experience within this website.
Users are advised that if they wish to deny the use and saving of cookies from this website on to their computers hard drive they should take necessary steps within their web browsers security settings to block all cookies from this website and its external serving vendors or use the cookie control system if available upon their first visit.
Website Visitor Tracking
When someone visits https://sgtsmess.co.uk we use a third party service (Google Analytics) to collect standard internet log information and details of visitor behaviour patterns. We do this to find out things such as the number of visitors to the various parts of the site. This information is only processed in a way which does not identify anyone. We do not make, and do not allow Google to make, any attempt to find out the identities of those visiting our website.
The Privacy Policies for Google Analytics can be found in the resources section of this policy:
Adverts and Sponsored Links
This website may contain sponsored links and adverts. These will typically be served through our advertising partners, to whom may have detailed privacy policies relating directly to the adverts they serve.
Downloads & Media Files
Any downloadable documents, files or media made available on this website are provided to users at their own risk. While all precautions have been undertaken to ensure only genuine downloads are available users are advised to verify their authenticity using third party anti virus software or similar applications.
We accept no responsibility for third party downloads and downloads provided by external third party websites and advise users to verify their authenticity using third party anti virus software or similar applications.
Contact & Communication With us
Users contacting this us through this website do so at their own discretion and provide any such personal details requested at their own risk. Your personal information is kept private and stored securely until a time it is no longer required or has no use.
Where we have clearly stated and made you aware of the fact, and where you have given your express permission, we may use your details to send you products/services information through a mailing list system. This is done in accordance with the regulations named in ‘The policy’ above.
Social Media Policy & Usage
We adopt a Social Media Policy to ensure our business and our staff conduct themselves accordingly online. While we may have official profiles on social media platforms users are advised to verify authenticity of such profiles before engaging with, or sharing information with such profiles. We will never ask for user passwords or personal details on social media platforms. Users are advised to conduct themselves appropriately when engaging with us on social media.
There may be instances where our website features social sharing buttons, which help share web content directly from web pages to the respective social media platforms. You use social sharing buttons at your own discretion and accept that doing so may publish content to your social media profile feed or page. You can find further information about some social media privacy and usage policies in the resources section below.
External Website Links & Third Parties
Although we only look to include quality, safe and relevant external links, users are advised to adopt a policy of caution before clicking any external web links mentioned throughout this website. (External links are clickable text / banner / image links to other websites, similar to; Table Warfare Ltd or www.monarchygame.com.)
Shortened URL’s; URL shortening is a technique used on the web to shorten URL’s (Uniform Resource Locators) to something substantially shorter. This technique is especially used in social media and looks similar to this (example: http://bit.ly/zyVUBo). Users should take caution before clicking on shortened URL links and verify their authenticity before proceeding.
We cannot guarantee or verify the contents of any externally linked website despite our best efforts. Users should therefore note they click on external links at their own risk and we cannot be held liable for any damages or implications caused by visiting any external links mentioned.
Email Mailing List & Marketing Messages
We operate an email mailing list program, used to inform subscribers about products, services and/or news we supply/publish. Users can subscribe through an online automated process where they have given their explicit permission. Subscriber personal details are collected, processed, managed and stored in accordance with the regulations named in ‘The policy’ above. Subscribers can unsubscribe at any time through an automated online service, or if not available, other means as detailed in the footer of sent marketing messages. The type and content of marketing messages subscribers receive, and if it may contain third party content, is clearly outlined at the point of subscription.
Email marketing messages may contain tracking beacons / tracked clickable links or similar server technologies in order to track subscriber activity within email marketing messages. Where used, such marketing messages may record a range of subscriber data relating to engagement, geographic, demographics and already stored subscriber data.