Temporary GDPR Statement for The Robins Nest Forum

Talk about anything to do with Cheltenham Town, CTFC 500 Club, League 1, ex players & Managers

Moderators: Admin, Ralph, asl, Robin

Admin
Site Administrator
Posts: 892
Joined: 19 Nov 2009, 21:34
As the Robins Nest Forum is run as a 'personal project', I haven't had full time to create the full privacy policy regarding GDPR. For that reason I have prepared the following temporary information:
  • The Robins Nest Forum holds certain data about registered members. This might include username and email address as these are required to use the forum itself. We may also hold other details such as name and birth date if you have chosen to provide this info upon signing up.
  • Registered members may, at any time, request that their details are deleted from the database. This will be completed via a manual deletion directly in the database and no details will be kept. This means you will not be able to re-use a previous member username in future without signing back up again.
  • As administrator, the only time the database is accessed is if there is a technical fault.
  • No member details are shared with any other person or organisation whether that be for monetary reward or otherwise.
  • Member details are only accessed by the administrator or mods if there is a requirement due to a technical issue with that member that they have reported or if that member has been reported for a violation of our own rules or the laws of the UK.
  • We set some cookies when using the forum. This relate to Google Analytics and to Google Adsense. Google Adsense is utilised to help fund the ongoing cost of running the forum. These cookies can be blocked, if you so wish, by using a third party software or browser add on such as Ghostery. You can also change your settings by clicking in the corner of any advert where you see an 'i'.
  • Security is taken seriously and we are always looking to keep the forum up to date.
  • You do not have to use your real details when using this forum.
  • We will never use your details for sending emails unless this is an important announcement which relates directly to the ordinary working of the forum.
User avatar
Nesty
Posts: 6652
Joined: 18 Jun 2011, 09:17
thank you for setting up and running the forum
User avatar
cagliostro
Posts: 268
Joined: 29 Nov 2009, 14:11
Location: London
Contact:
If you need any advice re GDPR ping me at graeme.mcgowan@globalcyberacademy.com or graeme.mcgowan@optimalrisk.com. Am Senior Tutor and Cyber Advisor to the Global Cyber Academy http://www.globalcyberacademy.com" onclick="window.open(this.href);return false; and Director Cyber for Optimal Risk Management Ltd.

That's blown my cover LOL.
Cag
User avatar
Ihearye
Posts: 3428
Joined: 05 Jan 2018, 08:08
Thanks for the clarification. It is however somewhat at odds to Ralph as a Mod constantly alluding to the fact that he has access to and does access personal information. With his constant ;i know you have more than one account' remarks. If you are saying steps are in place to prevent his access of personal data then that is OK, but if you are saying that he still has unrestricted access to non anononmised personal data, then that is clearly not OK. I shall be monitoring his posts to ensure that GDPR is being adhered to and not just lip service.
RegencyCheltenhamSpa
Posts: 29757
Joined: 21 Nov 2009, 03:27
cagliostro wrote:If you need any advice re GDPR ping me at graeme.mcgowan@globalcyberacademy.com or graeme.mcgowan@optimalrisk.com. Am Senior Tutor and Cyber Advisor to the Global Cyber Academy http://www.globalcyberacademy.com" onclick="window.open(this.href);return false; and Director Cyber for Optimal Risk Management Ltd.

That's blown my cover LOL.
Cag
Added you to my marketing mailer list.
User avatar
cagliostro
Posts: 268
Joined: 29 Nov 2009, 14:11
Location: London
Contact:
No you didn't - I did not give you consent ;-p)
Cag
PS - GDPR is pretty serious stuff and am happy to ping guidance to any business owner out there....regardless of size, it affects you and you need to be compliant or a s#!t-load of bricks will tumble down on you :-(
RegencyCheltenhamSpa
Posts: 29757
Joined: 21 Nov 2009, 03:27
cagliostro wrote:No you didn't - I did not give you consent ;-p)
Cag
PS - GDPR is pretty serious stuff and am happy to ping guidance to any business owner out there....regardless of size, it affects you and you need to be compliant or a s#!t-load of bricks will tumble down on you :-(
Various interviews etc with the ICO suggests that small businesses who don’t do any marketing but just have professional contacts with arguably legitimate interest in keeping them in Outlook / CRM are not going to be discovered or investigated unless they suddenly start misusing the data.
User avatar
cagliostro
Posts: 268
Joined: 29 Nov 2009, 14:11
Location: London
Contact:
I have chatted to Elizabeth and the ICO is struggling to cope with all the many disparate business issues out there....I specifically raised with her the issue of sites like this and journalists/independent journalists et al.....a minefield..you all hold personal data and when hacked and the data is put up for sale on the Deep/Dark Web.....sxxt will happen :-(
This Forum is not running on a secure server and could be hacked within seconds and all our data could be stolen. I only need 1 e-mail address to cause havoc and did so in an exercise with the second biggest bank in the US....it took 4 minutes to take them down due to stupidity.
I don't get out of bed for less than a grand a day to offer advice but for any member of our beloved Robins Nest Forum....that advice is free :-)
Some of our members are in business and this forum is the back door to bigger and better things for the Hacker and you could well be the stepping stone to a major target.
I just find it all so sad....Tim Berners Lee created something special but it is now the 5th battleground :-(
Cag
User avatar
cagliostro
Posts: 268
Joined: 29 Nov 2009, 14:11
Location: London
Contact:
PS - if Ralph as a Mod does that...he will be hung drawn and quartered...and we will report him to the ICO....but more importantly - who actually "owns this forum" and the personal details - they or their appointed DPO are responsible for all our data - and he/she/they will also be hung drawn and quartered should any members data be leaked :-(
I consented to my personal details being disclosed on my previous posts because I posted it...hence consent....but if I get unsolicited mails or calls because a member has passed that on....I will take them down....BIG TIME.
Happy to help/advise as posted on previous posts.
Cag
PPS - if I get one marketing e-mail from RCS re his reply earlier....beware the ICO reaper is coming LOL
RegencyCheltenhamSpa
Posts: 29757
Joined: 21 Nov 2009, 03:27
cagliostro wrote:PS - if Ralph as a Mod does that...he will be hung drawn and quartered...and we will report him to the ICO....but more importantly - who actually "owns this forum" and the personal details - they or their appointed DPO are responsible for all our data - and he/she/they will also be hung drawn and quartered should any members data be leaked :-(
I consented to my personal details being disclosed on my previous posts because I posted it...hence consent....but if I get unsolicited mails or calls because a member has passed that on....I will take them down....BIG TIME.
Happy to help/advise as posted on previous posts.
Cag
PPS - if I get one marketing e-mail from RCS re his reply earlier....beware the ICO reaper is coming LOL
I was joking! Never have and never will send anyone a marketing email. That’s not my game.

Worse on FGR forum where name, address and contact details have to be provided to register.
ctfc-fan
Posts: 1881
Joined: 06 Jan 2010, 12:00
Only thing I’d disagree with Cag is GDPR doesn’t stop you marketing to someone so long as it’s likely to be relevant, the marketing message has all your details on it and there is a way to instantly unsubscribe.

A lot of this comes under PECR and thankfully it doesn’t otherwise business would grind to a halt.
Ralph
Posts: 4830
Joined: 23 Dec 2009, 01:56
cagliostro wrote:PS - if Ralph as a Mod does that...he will be hung drawn and quartered...and we will report him to the ICO....but more importantly - who actually "owns this forum" and the personal details - they or their appointed DPO are responsible for all our data - and he/she/they will also be hung drawn and quartered should any members data be leaked :-(
I consented to my personal details being disclosed on my previous posts because I posted it...hence consent....but if I get unsolicited mails or calls because a member has passed that on....I will take them down....BIG TIME.
Happy to help/advise as posted on previous posts.
Cag
PPS - if I get one marketing e-mail from RCS re his reply earlier....beware the ICO reaper is coming LOL
Ralph isn't doing anything as he has no personal info and isn't the least bit interested in all that anyway. Unfortunately, Ihearye is mischief making as it would appear that I inadvertently used a word in a reply to someone (replying to a post of his) that he wasn't happy about. I did try to contact Ihearye by PM to explain what actually happened as it was a genuine mistake, but he never opens his PM's even when encouraged to do so and so therefore continues to hold a grudge for no reason
Ralph
Posts: 4830
Joined: 23 Dec 2009, 01:56
Ihearye wrote:Thanks for the clarification. It is however somewhat at odds to Ralph as a Mod constantly alluding to the fact that he has access to and does access personal information. With his constant ;i know you have more than one account' remarks. If you are saying steps are in place to prevent his access of personal data then that is OK, but if you are saying that he still has unrestricted access to non anononmised personal data, then that is clearly not OK. I shall be monitoring his posts to ensure that GDPR is being adhered to and not just lip service.
Ihearye - you are totally wrong with your statement and i have done no such thing and have no such info. Nothing more to say on it.
User avatar
Lord Elpuz
Posts: 691
Joined: 20 Jul 2011, 19:35
Ralph wrote:
Ihearye wrote:Thanks for the clarification. It is however somewhat at odds to Ralph as a Mod constantly alluding to the fact that he has access to and does access personal information. With his constant ;i know you have more than one account' remarks. If you are saying steps are in place to prevent his access of personal data then that is OK, but if you are saying that he still has unrestricted access to non anononmised personal data, then that is clearly not OK. I shall be monitoring his posts to ensure that GDPR is being adhered to and not just lip service.
Ihearye - you are totally wrong with your statement and i have done no such thing and have no such info. Nothing more to say on it.
Hope by now, you two have had time to:

Image

and

Image
User avatar
cagliostro
Posts: 268
Joined: 29 Nov 2009, 14:11
Location: London
Contact:
ctfc-fan wrote:Only thing I’d disagree with Cag is GDPR doesn’t stop you marketing to someone so long as it’s likely to be relevant, the marketing message has all your details on it and there is a way to instantly unsubscribe.

A lot of this comes under PECR and thankfully it doesn’t otherwise business would grind to a halt.
Wrong......it does not matter if it is relevant.....you need MY consent...GDPR is a business enabler...read it, understand it....and if you cannot be bothered to read millions of pages...talk to me.
Cag
ctfc-fan
Posts: 1881
Joined: 06 Jan 2010, 12:00
cagliostro wrote:
ctfc-fan wrote:Only thing I’d disagree with Cag is GDPR doesn’t stop you marketing to someone so long as it’s likely to be relevant, the marketing message has all your details on it and there is a way to instantly unsubscribe.

A lot of this comes under PECR and thankfully it doesn’t otherwise business would grind to a halt.
Wrong......it does not matter if it is relevant.....you need MY consent...GDPR is a business enabler...read it, understand it....and if you cannot be bothered to read millions of pages...talk to me.
Cag
From the ICO:

When can we make marketing calls to individuals?

You can call any individual who has specifically consented to receive marketing calls from you – for example, by ticking an opt-in box. See What counts as consent?

You can also make live calls without consent to a number if it is not listed on the TPS – but only if that person hasn’t objected to your calls in the past.

In practice, this means you will need to screen most call lists against the TPS register. You will also need to keep your own ‘do not call’ list of people who object or opt out, and screen against that as well.

For further information, see our guidance on direct marketing.


When can we make marketing calls to businesses?

The rules are the same as for calls to individuals. So, you can call any business that has specifically consented to your calls – for example, by ticking an opt-in box.

You can also make live calls to any business number that is not registered on the TPS or the CTPS, but only if they haven’t objected to your calls in the past.

You should remember that some businesses (sole traders and some partnerships) register with the TPS, and others (companies, some partnerships and government bodies) register with the CTPS. For business-to-business (B2B) calls, you will therefore need to screen against both the TPS and the CTPS registers, as well as your own ‘do not call’ list.


When can we rely on legitimate interests for marketing?

You can rely on legitimate interests for marketing activities if you can show the way you use people’s data is proportionate, has a minimal privacy impact, and people would not be surprised or likely to object to what you are doing – but only if you don’t need consent under PECR.
User avatar
Shade
Posts: 16823
Joined: 27 Sep 2010, 13:02
Location: Cheltenhamshire
It's all such ambiguous balls that we've generally gone for the all or nothing approach where I work. There are only 4 of us and we haven't got time to try and make money AND deal with all the red tape.
RegencyCheltenhamSpa
Posts: 29757
Joined: 21 Nov 2009, 03:27
Shade wrote:It's all such ambiguous balls that we've generally gone for the all or nothing approach where I work. There are only 4 of us and we haven't got time to try and make money AND deal with all the red tape.
Indeed. A common sense law and too many people are being too officious.

There are ten in our office. Apart from one consortium of partners we run and send quarterly updates too all our contacts are past companies we have supported or past / current clients and professional contacts.

We have sent out an email to the few mailing lists we have.

At one point the person looking into GDPR tried to say we had to do it for all our professional contacts which is obviously nonsense. Today for example I took a warm call from a half-colleague of a recent client who wanted to commission us to do a £5k piece of work. That’s how consultancy works; conversions, business cards, networks and relationships. GDPR is barely relevant to us.

The hype is mainly due to UK habit of being over zealous with EU laws.

Two examples spring to mind. UK applies the strictest zero tolerance state aid rules so we lose out to the French and Germans who give much more, but legal, state aid. We have open borders and benefits, when other west Europe nations apply restrictions and limitations perfectly allowed by EU law.
Post Reply