The Ferret is committed to maintaining your privacy and collects only the minimum information we need about you to provide our services effectively.
We will collect and use individual user details only if we have your permission or we have sensible business reasons for doing so.
For example, we need to process personal information to manage subscriptions and memberships, for marketing our content,events and products, or for providing statutory services to our members.
We do not sell, trade, or rent personal identification information to others. We can access and release personal information to keep to relevant laws and government requests, to operate our systems properly and to protect both us and our members.
Any organisations who access your information in the course of providing services on our behalf will be governed by strict contractual restrictions to make sure that they protect your information and keep to data-protection and privacy laws which apply.
Some of our webpages use plug-ins or code provided by other organisations. For example, this could include embedded media from Youtube or Twitter. If you browse our website, whilst also being logged into an account with these companies they may be able to link your use of The Ferret website to your account with them.
On our website, all registered users, once logged in, can access the “account” page. All registered users can manage and edit key personal information we hold about you from this page, as well as contact preferences.
If you do not update this information you may not receive important communications from us.
Our journalists may gather, receive and store personal information in the course of writing, producing and researching stories for this website.
The law sets out the basis on which we may do this. More information on regulations that apply are available on the Information Commissioners website.
We only keep material held for this purpose for as long as we require it, and we work to ensure that it is stored securely.
The Ferret is regulated by Impress and therefore required to comply with the Impress Standards Code. It has a specific section on privacy and related guidance materials.
The Ferret will only store your personal data for as long as it is necessary to provide you with a service or to comply with applicable laws and standards set-out by any relevant regulatory bodies.
In most circumstances we will not retain data for longer than three years from the date of last contact.
A cookie is a small file that stores information in your browser.
A tracking ‘tag’ is a piece of code that may gather information about your browser, and the way you use our website.
Our paywall is essential to the functioning of our service. When you visit our site we add a cookie to your browser that monitors how many restricted pages you have viewed in the current month. It does not pass any information to other third parties. If you wish to opt-out of this cookie from our site you should alter the settings in your browser.
Our security software also uses a cookie to keep our users safe and protect our site against unauthorised use.
Google Analytics is used to track visitors to our website. We use Google Analytics for statistical reasons. For example, it tells us how many users we have and how often they visit our websites. We collect information listing which of our pages are most frequently visited, and by which types of users and from which countries.
We aim to minimise the amount of information that is sent to Google Analytics. We ensure that the IP addresses of all our users are anonymised before they are processed by Google. You can also click here to Disable Google Analytics completely.
From time to time we may also use trackers provided by some third party organisations, in order to better understand the demographics of our audience and our members. This helps us to make the most efficient use of our digital marketing budget and may inform other management decisions.
We may use Google, Facebook, Twitter and Active Campaign tracking pixels on some pages. These help us to understand more about our audience.
The Ferret honours the Do Not Track standard which is supported by all modern browsers. Therefore, if you do not want these companies to access any information about your browsing on theferret.scot you can activate this setting in your browser. Find out how here: http://donottrack.us/
If you have an account with Google, Facebook or Twitter you can also manage how they treat the information they derive from tracking technologies on their sites.
If you are a registered member of our site you can also choose whether we use information you have supplied to inform our digital marketing activities or not, via the Account page.
Data Collected to Manage Your Membership
At checkout, we will collect your name, email address, username, and password. This information is used to setup your account for our site.
At checkout, we may also collect your phone number. This information may be used to contact you about our work and your membership. The phone number is saved by our site and it may also be passed to a third party text message service to allow us to contact you this way.
Any services we use for this purpose will never pass your phone number on to other organisations or use it for any purpose other than that set out in this policy. You will always be able to opt-out of receiving communications from us by text message by sending a message from your phone.
At checkout, we may also collect your credit card number, expiration date, and security code. This information is passed to our payment gateway to process your purchase. The last 4 digits of your credit card number and the expiration date are saved by our subscription management service providers to use for reference and to send you an email if your credit card will expire before the next recurring payment.
If you comment on a story you should be aware that anything you write or link to will be publicly available.
We may use automated third-party services such as Akismet to check comments for spam or prevent abuse. Comments may be retained by these services in order to help them improve.
You can only comment if you are registered with the site. We may set additional cookies to make it easier for you to add a comment.
Email is a vital tool for us to communicate with our members and supporters.
A link will be included in the footer of all of our emails, allowing you to opt-out of receiving communications from us in this way.
If you unsubscribe you should be aware that you may not receive some important member communications.
We use a service provided by OneSignal to provide optional browser based push-notifications.
We use a paid version of their service to ensure that data from our browsers is not shared by OneSignal with other advertising companies.
You can opt-out of OneSignal related data collection by revoking push notification permissions on your browser.
We will only send text messages to people who opt-in to receive them, and you can opt-out at any time by sending us a text message to let us know or changing your contact preference settings in the My Account page.
Payments and subscriptions
When you subscribe to The Ferret, online payments are managed on our behalf by Stripe.
We may also use GoCardless and Paypal to handle payments on our behalf. They also make some of your personal details available to us, but they do not share details of your payment card or bank account with us.
We use services called ChartMogul and Chargebee to help us manage our subscriptions. If you are a paying subscriber, some personal information about you, such as your name, and payment history, will be passed to these firms.
We may use third-party services to help us promote and manage events.
For example, we have used Eventbrite to help us sell tickets and promote our events. Therefore when you buy a ticket for one of our events you may share some personal information with these services.
We will use the information shared to us by these third-party services to contact you in connection with the event and also, if you agree, other subsequent Ferret initiatives you may be interested in.
If you attend an event organised through these services you will always be able to opt-out of any direct communications from us although this may mean that you do not receive important information relating to the event. You will also be able to contact the third party service provider to manage any data they may hold about you.
We audit these tools regularly to ensure that only appropriate people have access and that any personal data is not retained for longer than necessary.
Automated decision making
Sometimes we may perform automated analysis on the personal data that we hold. This analysis may also be informed by data from other publicly available information sources.
We do this in order to ensure the communications we send are as useful as possible and the marketing we undertake is appropriately targeted.
For example, we may analyse the responses we get to messages we send to identify people who frequently reply and people who rarely reply. We may try to group our audience by interest, location or contact preference, and send communications tailored to these groups. Similarly, we may send automated messages to people whose subscription is due to end in order to remind them that they need to renew their membership.
We do not sell the results of these analyses to any third-party organisations.
Your right of access
You may, at any time ask us to confirm whether or not we are processing Personal Data about you and, if we are, you shall have the right to access that personal data and to the following information:
- What personal data we have,
- Why we process them,
- Who we disclose them to,
- How long we intend on keeping them for (where possible),
- Whether we transfer them abroad and the safeguards we take to protect them,
- What your rights are,
- How you can make a complaint,
- Where we got your personal data from and
- Whether we have carried out any automated decision-making (including profiling) as well as related information.
Upon request, we shall (without adversely affecting the rights and freedoms of others including our own) provide you with a copy of the personal data undergoing processing within one month of receipt of the request, which period may be extended by two months where necessary, taking into account the complexity and number of the requests.
We shall inform you of any such extension within one month of receipt of the request, together with the reasons for the delay.
Downloading and deleting your personal data
If you are paying member, you can cancel your account by logging in and altering your billing details on the account page.
You can request a copy of all the data we hold about you, or request that we delete all the data we hold about you by asking us using our contact page.
This policy was last updated on 26/01/2020.