This policy was last updated on 13 November 2018 by agreement of the UKSEDS Executive Committee.
Older versions are available on request.


TL;DR;

Our policy in 4 points:

  1. We record anonymous information about you when you visit our websites. We do this primarily through Google Analytics and server logs. Third party content like YouTube videos and Facebook ‘Like’ buttons probably track you, but we can’t do anything about that.
  2. When you give us your personal information (name, email etc.) we use it for the purpose you gave it to us (email newsletter, purchase receipts etc.), share it with relevant third parties (like PayPal and Mailchimp), and store it.
  3. We share and sell totally anonymous aggregate information with space companies, and with our sister organisations in other countries. Aggregate data means grouped data like ‘X% of our members study Physics’.
  4. We take data security very seriously and do everything in our power to keep your personal information secure. We limit access to the people in our team who need it, we keep the amount we hold to a minimum, we try not to hold on to it for longer than is necessary, and we protect it with passwords and other security measures.
  5. You have the right to access and correct the personal data we store about you, to restrict what we do with it, and to ask us to remove it entirely.

  1. Introduction
  2. Definitions
  3. Data We Collect
    1. Accessing our Websites
    2. Emailing Us
    3. Subscribing to our Newsletters
    4. Registering as a Member or Alumnus
    5. Registering a Branch
    6. Buying from Us
    7. Donating to Us
    8. Attending one of our Events
    9. Speaking at one of our Events
    10. Sponsoring one of our Events
    11. Competing in one of our Competitions
    12. Volunteering with Us
    13. Requesting Reimbursement
  4. Third Parties
  5. How we Protect Data
  6. Your Rights

Introduction

This document covers all the interactions you can have with us in which we collect personal data. It does not cover interacting with us on Facebook, Twitter, Google+, Flickr, Instagram, or any other social media website we have an official account on.

UKSEDS

In this document ‘UKSEDS’, ‘we’, and ‘us’ refers to UK Students for the Exploration and Development of Space, registered charity number 1158580, represented by its Executive Committee, Staff, and Board of Charitable Trustees. SpaceCareers.uk is a website and brand wholly owned and operated by UKSEDS.

The Executive Committee is elected by the membership of UKSEDS at our Annual General Meeting at the National Student Space Conference. A list of current Executive Committee members can be found on our website, and the names of our Staff and Charitable Trustees are available on request. The names of our Charitable Trustees are also available from the Charity Commission for England and Wales.

Contacting Us

If you would like to see this policy include something else, or have any questions, please email us at [email protected]. You can also raise data privacy concerns directly with the Information Commissioner’s Office.

Amendments

This document may be updated from time to time by agreement of the Executive Committee. We will notify you by email if we store your personal information and you will be affected by the changes.


Definitions

We use a number of technical terms in this document that you may be unfamiliar with. These are explained below.

Anonymised Aggregate Data

We share anonymised aggregate information with a number of third party organisations and the general public.

This means data that has been stripped of any identifiable information (such as your name, email address, postal address, or phone number) and combined with other data to give a picture of a group of people as a whole. Your information is always grouped with others and never traceable back to you personally.

Typical examples of anonymised aggregate data include:

  • We get X visitors to our website per day
  • We have X email subscribers studying Physics
  • We have X% conference delegates from Russell Group universities
  • X% of newsletter subscribers open our emails
  • We sell X% of tickets in the week before an event

This data is used in our advertising materials and publications, to help people understand what we do, as well as for internal purposes, to help us understand the people we are working for.

Google Drive

Google Drive is a cloud storage service provided by Google. We use it to store the majority of our organisational documents, as well as some of the personal data we collect. Google Drive keeps track of all revisions to documents, which means that it is very difficult to permanently delete information once it has been stored on Google Drive.

Hashing

Hashing some information irreversibly transforms it into something unintelligible but unique. Hashing information is a way of protecting it whilst still making it possible to compare it against other information.

Lawful Bases

A lawful basis is a legal reason why we store and process personal data. There are six available lawful bases as outlined in the General Data Protection Regulation (GDPR).

Legitimate Interest

Legitimate interest means using data in ways you would reasonably expect, and which have a minimal privacy impact. It is the basis for most of our processing. For example, we use email addresses to send emails, and names to make name badges.

Whenever we don’t have a compelling reason to need personal data, we ask for consent and/or make the fields optional.

Consent

Consent means asking for permission to store and process personal data. We usually ask for consent even when it is not legally required, to make it explicitly clear that we will be processing your information.

Legal Obligation

Some data we are required to retain by law. This primarily applies to transaction data, which the Charities Act requires we keep for 6 years following the end of the financial year.

Contract

Some data we require in order to fulfil our contractual obligations. For example, if you represent a company that sponsors us, we need your details in order to contact you and provide the services we have offered.

Websites

Our websites are various webpages found at the ukseds.org and spacecareers.uk domains.

Web Servers and Databases

When we refer to our web servers, we are talking about computers owned and operated on our behalf by Tsohost, our hosting provider. These servers store the files and database for our websites and provide them to website visitors and our team.


Data We Collect

This section covers all the interactions you can have with us in which we collect personal data. For each interaction, we have detailed:

  • What data is collected
  • Where is it stored, and for how long
  • What is it used for
  • Whether it is shared with any third parties

If you do not provide information marked in a data collection form as mandatory, we will not be able to provide the services you have requested. Most of our collection forms will not allow you to proceed if you do not provide the required information.

Accessing our Websites

We store up to three distinct kinds of records when you access one of our websites. The data is processed to compile statistical reports on website activity. We use these reports to evaluate aggregate visitor usage so that we can optimise the content and identify what is performing well and why.

Server Logs

Our web server automatically logs all requests for webpages. This is standard procedure for most websites.

This means that whenever anyone or anything loads one of our webpages or submits data, the action will be logged. Each log entry contains the requester’s IP address, some details about the browser they are using, and the name of the page that has been requested (more information can be found here). All such logs are anonymous.

Server logs are stored by our web host on their servers. We can request access to the last 30 days of logs. We rarely use full server logs. From time to time they are analysed by our Systems team to troubleshoot problems, particularly spam attacks.

Internal Logs

Additionally we run our own logging system that operates in a similar way but only logs the visitor’s IP address and the details of the page they are visiting. All such logs are anonymous, and are stored in our database indefinitely.

Google Analytics

On top of this we run Google Analytics, which uses “cookies” (small text files placed on your computer) to collect standard internet log information and visitor behaviour information in an anonymous form. Typical examples of the information that’s recorded are:

  • Which links you clicked
  • Whether you’ve ever visited our website before
  • How long you spent on a page

Google Analytics data is stored on Google’s servers. Data associated with cookies, user identifiers or advertising identifiers is retained for 26 months after last user access. Anonymous aggregated data is stored forever. You can disable this tracking by altering your browser settings or installing software which blocks third party tracking.

SpaceCareers.uk Login

When you register as an employer or candidate on SpaceCareers.uk, you must provide your name and email address. We store this information in a database and on Google Drive indefinitely.

As a candidate, extra information you provide as part of your candidate profile is stored in a database. It may be shared with the public and organisational partners as anonymised aggregate data. We do this as part of our advocacy work to promote student involvement in the space sector.

If you delete your account, we hash your email address rather than destroying it so that we can analyse trends in the number of accounts, without compromising your anonymity.

Emailing Us

When you email any @ukseds.org or @spacecareers.uk address, copies of your email are stored on Google’s Gmail servers. Some addresses, including [email protected] and [email protected], are managed using service desk software, which means a separate copy of your email will be stored in our own databases. We use this data to communicate with you.

Subscribing to our Newsletters

When you register for one of our email newsletters, we ask you to provide your email address so that we can email you.

Data for our Ecliptic mailing list (UKSEDS news) is stored by Mailchimp, our email marketing provider, until you unsubscribe. Data for our Liftoff mailing list (SpaceCareers.uk job posts) is stored in our database until you unsubscribe, and shared with Amazon Web Services, who send the emails. Amazon do not store your email.

We may prune our mailing list from time to time, removing subscribers who do not open our newsletter. You will not be notified of your removal.

Registering as a Member or Alumnus

When you register as a Member or Alumnus of UKSEDS, you must complete a form which asks for your name, email, and age, as well as other optional information. We also ask for consent to use and store your personal data as outlined in this policy.

| Data | Reason | Duration | Shared? |
|---|---|---|---|
| Name | Identifying members | Until membership expires. Then hashed. | No |
| Email address | For contact, and for mailing list | Until membership expires. Then hashed. | Yes, with Mailchimp |
| Age | Checking if over 18, Aggregate Analysis | Indefinite. Anonymised on membership expiry. | Yes, in anonymous aggregate form |
| All other optional fields | Aggregate analysis | Indefinite. Anonymised on membership expiry. | Yes, in anonymous aggregated form |

We store membership information in databases, and your email address is also stored by Mailchimp.

Our Constitution requires us to have accurate contact details (name and email) for all of our members so that we can notify them about what we are doing. In order to do this we subscribe them to our email newsletters.

We ask for your age so that we know whether or not we are dealing with under 18s, and to better understand the demographics of our membership.

All other optional information is analysed in anonymised aggregate form to understand the composition of our membership and better meet their needs.

Membership Expiration

Your membership expires after one year. You will be given the choice to renew it, register as an alumnus, or to do nothing. If you do nothing, we will anonymise your data by hashing your name and email. Hashing irreversibly transforms your name and email into something unintelligible. We keep the rest of your membership record so that we can analyse how our membership has changed over time.

We sometimes need to check if someone was a member previously. To do this we take the name or email we’d like to check, and then perform the same hashing process. If the result matches one of our existing hashes, we know that person was a member.

Alumni registration never expires.

Registering a Branch

When you register a society as a branch of UKSEDS, we ask for your email and phone number so that we can contact you. We retain this until the end of the following academic year.

For example, if you register for the academic year 2017-18 (ending 31 July 2018) then your personal information will be destroyed at the end of the academic year 2018-19 (i.e. 1 August 2019). We retain your name and any non-personal information about the branch indefinitely.

| Data | Reason | Duration | Shared? |
|---|---|---|---|
| Name, email address, phone number | For contact | Max 2 years | No |
| All other fields | Aggregate analysis | Indefinite | Yes, in anonymous aggregated form |

Buying from Us

Event Tickets

When you purchase a ticket for an event, we ask for various personal details, which we store in our database, and additionally in PayPal’s systems. Your financial information is processed directly by PayPal, and we cannot see your card or bank details. If you provide explicit consent, then we will add your email address to our mailing list.

| Data | Reason | Duration | Shared? |
|---|---|---|---|
| Name, billing address | Legally required as part of the transaction record | Max 7 years, then destroyed | Yes, with PayPal |
| Email address | Legally required as part of the transaction record | Max 7 years, then hashed | Yes, with PayPal |
| Email address | For mailing list | Until unsubscribed | With Mailchimp, if consent given |
| All other fields | Aggregate analysis | Indefinite | Yes, in anonymous aggregated form |

We are required under the Charities Act to keep transaction data for a period of 6 years after the financial year in which the transaction was made.

We hash your email address rather than destroying it so that we can see trends in how many events people attend, without compromising your anonymity.

Merchandise

We sell branded merchandise such as t-shirts through SpreadShirt, a third party. When you make a purchase DonorBox, we receive your postcode and the details of what you ordered. We do not store this information, but SpreadShirt does. Other information may be requested and stored by SpreadShirt and its partners, but is not shared with us and is not under our control.

Donating to Us

We handle donations through Donorbox, a third party. When you donate through Donorbox, we receive your name and email address, unless you choose to donate anonymously. We store this information on Google Drive indefinitely. Other information may be requested and stored by Donorbox and its partners, but is not shared with us and is not under our control.

Attending one of our Events

If you attend one of our events we ask for your name and email address, which we store in our database, as well as some other optional information.

If someone else bought your ticket, then they will have provided this information on your behalf.

| Data | Reason | Duration | Shared? |
|---|---|---|---|
| Name | For contact | 1 year, then destroyed | Yes, with venue if required. |
| Email address | For contact | 1 year, then hashed. | No |
| All other fields | Aggregate analysis | Indefinite | Yes, in anonymous aggregated form |

We hash your email address rather than destroying it so that we can see trends in how many events people attend, without compromising your anonymity.

Speaking at one of our Events

When we invite you to speak at one of our events, we ask for your name, email, and phone number so that we can communicate with you. The data is stored in Google Drive indefinitely. We are usually required to share your name with the venue as they are often required to vet any external speakers. We will not share your contact details.

Sponsoring one of our Events

When your company agrees to sponsor one of our events, we ask for your name, email, and phone number so that we can communicate with you. The data is stored in Google Drive indefinitely.

Competing in one of our Competitions

When you participate in one of our competitions, we ask for your name, email address, and university affiliation. We use this data to communicate with you about the competition, and store it in Google Drive indefinitely.

Volunteering with Us

When you apply to be a volunteer with us, we ask for your name, email address, phone number and university/organisation. We use this data for communication and store it in Google Drive indefinitely. Your information is shared internally with the rest of the team, and we will publish your name on our website.

Requesting Reimbursement

When you apply for reimbursement of expenses, we ask for your name, email address, and bank details. We use this data for communication and to pay expenses. It is stored in Google Drive indefinitely.


Third Parties

We share and sell information only in the ways explained below. When sharing identifiable personal information, we only share what is necessary.

Data Processors

We share certain identifiable personal data with third parties who do processing on our behalf.

| Party Name | Purpose | Data We Share |
|---|---|---|
| PayPal | To process financial transactions on our behalf. | Name, Email address, Billing address |
| Spreadshirt, Donorbox | To process financial transactions on our behalf. | None |
| Tsohost | To provide data storage for our data and a platform on which we build our websites | All data |
| Google | To provide cloud-based email services, hosting, storage and processing services to assist and/or enable us to manage personal data, and deliver, analyse and improve our services. | All data |
| Mailchimp | To provide bulk mailing services for our email newsletter. | Email address |
| Amazon Web Services | To provide bulk mailing services for our email newsletter. | Email address |

Service Partners

Some data we have to share with third parties in order to provide the services you are expecting from us. We do not always know in advance what we will have to share or with whom, but we will always minimise the amount of information that is shared.

Media Companies

Some of the content on our website is embedded from somewhere else. For example a video from YouTube, or Facebook’s ‘Like’ button.

We do not explicitly share any personal data with these companies in this way, but embedded content may track your interaction with our content. We cannot disable this tracking, but you can do so by altering your browser settings or installing software which blocks third party tracking.

Event Partners

We may share information such as your name and university affiliation with our event partners (for example the university hosting a workshop) where necessary, but we will not share your contact details.

Organisational Partners and the Public

We share and publish anonymised aggregate data in a variety of formats.

The Public

We share anonymised aggregate data in reports we publish publicly. We do this as part of our advocacy work to promote student involvement in the space sector.

Space Organisations

We share anonymised aggregate data with organisations in the space industry who sponsor us or advertise with us, or might do so in the future. We do this so that we can get money and support to fulfil our charitable objectives.

Partner Organisations

We have information sharing agreements with SEDS-USA, EUROAVIA, and some other organisations. These are organisations very much like UKSEDS in the United States and Europe. We swap aggregate information with them to learn from their experiences of running similar events.

Government and Statutory Bodies

If we are legally compelled to hand over information we will comply. This could include to law enforcement, or as part of audits.


How we Protect Data

We take data security very seriously and do everything in our power to keep your personal information secure.

  • We audit our data to ensure we are keeping only information we need
  • We carefully limit what can be accessed publicly, and protect the rest with passwords
  • We use protocols such as HTTPS, Single Sign On, and Two Factor Authentication to minimise the chances of someone intercepting data or one of our passwords
  • We monitor our servers and databases for suspicious activity

Data Breaches

We have a comprehensive action plan and checklist for data breach incidents. If we identify that personal data has been exposed, we will make this news public and notify any affected individuals. We will also act to identify the cause of the breach and take steps to prevent it from happening again.


Your Rights

Your rights relating to your data are written into law under the Data Protection Act, and the General Data Protection Regulation. These are:

  1. The right to be informed – You have a right to be informed about how we collect, process, and store your personal data. This information is provided in this document.
  2. The right of access – You have a right to access the personal data we store about you.
  3. The right to rectification – You have a right to have inaccurate details corrected.
  4. The right to erasure – You have a right to have personal data erased.
  5. The right to restrict processing – You have a right to restrict the way in which we process your personal data.
  6. The right to data portability – You have the right to obtain the personal data we store about you in a structured machine readable format.
  7. The right to object – You have the right to object to the way in which we process your personal data.
  8. Rights in relation to automated decision making and profiling – This right does not apply to UKSEDS as we do not engage in automated decision making or profiling.

To exercise any of the rights listed above, please email us including your name and outlining the ways in which you have interacted with us. You must also provide proof of identity, which can include sending the email from an address we have on record.
