Privacy Policy

Last updated: 03 November 2025

1. Introduction

Welcome to the British & Irish Studio Pottery Marks (BISPM) website. We respect your privacy and are committed to protecting your personal data. This privacy policy explains how we collect, use, and safeguard your information when you visit our website www.bispm.co.uk.

This policy complies with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

2. Data Controller

The data controller responsible for your personal data is:

Naomi Mott
Email: info@bispm.co.uk

3. What Data We Collect

3.1 For General Visitors

When you visit our website as a general user, we collect minimal data:

  • Essential Cookies: Session cookies required for website functionality (see our Cookie Policy)
  • Analytics Data (if you consent): Anonymous usage statistics via Google Analytics to help us improve the website

3.2 For Registered Users (Administrators)

If you are a registered administrator, we collect:

  • Account Information: Username, email address, and encrypted password
  • Login Data: IP address, login timestamps, and browser information for security purposes
  • Session Data: Secure session cookies to keep you logged in

4. How We Use Your Data

4.1 Legal Basis for Processing

We process your data under the following legal bases:

  • Legitimate Interest: Operating the website and providing access to the pottery marks database
  • Contract: Managing administrator accounts for website maintenance
  • Consent: Analytics cookies (only if you explicitly consent)
  • Legal Obligation: Complying with UK data protection laws

4.2 Purposes

We use your data to:

  • Provide access to the pottery marks database
  • Authenticate administrator users
  • Secure user accounts and prevent unauthorized access
  • Improve website functionality and user experience (with consent for analytics)
  • Respond to enquiries sent via email

5. Data Retention

  • Session Cookies: Deleted when you close your browser or log out
  • Analytics Cookies: Retained for up to 26 months (Google Analytics default)
  • Administrator Accounts: Retained while the account is active; deleted upon request
  • Login Attempt Logs: Retained for 24 hours for security monitoring

6. Data Sharing and Third Parties

We do not sell or rent your personal data. We may share data with:

  • Google Analytics: Anonymous usage statistics (only with your consent) - Google Privacy Policy
  • Hosting Provider: Website hosting services (data stored in the UK)
  • Legal Authorities: If required by law or to protect our legal rights

7. Your Rights Under UK GDPR

You have the following rights regarding your personal data:

  • Right of Access: Request a copy of the personal data we hold about you
  • Right to Rectification: Request correction of inaccurate data
  • Right to Erasure: Request deletion of your data (subject to legal obligations)
  • Right to Restrict Processing: Request we limit how we use your data
  • Right to Data Portability: Receive your data in a portable format
  • Right to Object: Object to processing based on legitimate interests
  • Right to Withdraw Consent: Withdraw consent for analytics cookies at any time

To exercise any of these rights, please contact us at info@bispm.co.uk. We will respond within one month.

8. Cookies

We use cookies to enhance your experience. For detailed information about the cookies we use and how to manage them, please see our Cookie Policy.

9. Data Security

We implement appropriate technical and organizational measures to protect your data, including:

  • HTTPS encryption for all data transmission
  • Secure password hashing using industry-standard algorithms
  • HTTP-only and Secure flags on session cookies
  • Login attempt monitoring and brute-force protection
  • Regular security updates and maintenance

10. International Data Transfers

Your data is stored and processed in the United Kingdom. If you access our website from outside the UK, your data may be transferred to the UK, which provides an adequate level of data protection under UK law.

11. Children's Privacy

Our website is not directed at children under 13. We do not knowingly collect personal data from children. If you believe we have collected data from a child, please contact us immediately.

12. Changes to This Policy

We may update this privacy policy from time to time. Any changes will be posted on this page with an updated revision date. We encourage you to review this policy periodically.

13. Contact Us

If you have any questions or concerns about this privacy policy or our data practices, please contact:

Naomi Mott
Email: info@bispm.co.uk

14. Complaints

If you are not satisfied with how we handle your personal data, you have the right to lodge a complaint with the UK Information Commissioner's Office (ICO):

Information Commissioner's Office
Wycliffe House, Water Lane
Wilmslow, Cheshire SK9 5AF
Tel: 0303 123 1113
Website: www.ico.org.uk

This privacy policy was created in compliance with UK GDPR and the Data Protection Act 2018.