NCB Area No.5 Fishing Club
Privacy
Policy
We keep things simple: we only collect what we need, we don't sell your information, we don't send marketing emails, and we don't use tracking cookies.
This is the privacy policy for the NCB Area No.5 Fishing Club ("the club", "we", "us"). It explains what information we collect when you visit our website at ncbno5areafishingclub.co.uk, what we do with it, and what your rights are.
This policy is written to comply with UK and EU data protection law (UK GDPR, EU GDPR, and the Data Protection Act 2018).
About Us
Who we are
We are the NCB Area No.5 Fishing Club, a non-profit fishing club based in Derby. If you want to get in touch about anything in this policy, please use our contact page.
What & Why
What we collect and why
There are three things we collect, and we use each of them for a specific reason.
1 — Section
The contact form
When you fill in our contact form we ask for your full name and email address along with your message. We use these only to reply to you. That’s it — we don’t add you to a mailing list and we don’t share your details with anyone else.
2 — Section
Server access logs
Our website is hosted on Cloudflare Pages, and Cloudflare also sits in front of the site to keep it fast and secure. As part of this, Cloudflare automatically logs information about visits — including your IP address, the date and time, the page you looked at, and your browser type. This is used to keep the site running, spot problems, and block abuse such as attacks or spam. We don’t use this information to identify individual visitors, and Cloudflare deletes the logs in line with their standard retention periods.
3 — Section
Cloudflare Web Analytics
We use Cloudflare Web Analytics to see roughly how many people visit the site and which pages are popular. It’s a privacy-friendly tool: it doesn’t use cookies, doesn’t track you across other websites, and doesn’t collect anything that identifies you personally. Because no cookies are set and no personal profile is built, we don’t need to ask for your consent to use it.
4 — Section
Email handling
Messages sent through our contact form are delivered to a club email address using Cloudflare Email Routing, which forwards them on to a Gmail inbox managed by Google. As part of this, Cloudflare and Google may briefly process your email address and the contents of your message in order to deliver it. We only use the message itself to reply to your enquiry.
Tracking
Cookies
We don't use any tracking, advertising, or analytics cookies on this site. The only cookies you might encounter are essential ones needed for the website to function (for example, to keep the site secure). These don't require your consent under data protection law.
GDPR
Our lawful basis
Under GDPR we have to tell you why we're legally allowed to handle your information. The reasons are:
Contact form: your consent — you chose to send us a message.
Server logs: our legitimate interest in keeping the site working and secure.
Cloudflare Web Analytics: our legitimate interest in understanding how the site is used so we can improve it. The data is anonymous and the impact on you is minimal.
Third Parties
Who we share it with
We don't sell your information and we don't share it for marketing. The only places it goes are:
- Cloudflare — hosts our website (Cloudflare Pages), routes traffic, provides our analytics, and forwards emails sent through our contact form (Cloudflare Email Routing).
- Google (Gmail) — the inbox where forwarded emails land, used to read and reply to your message.
These providers may process data outside the UK and EU. Where they do, they use the standard safeguards required by data protection law (such as Standard Contractual Clauses) to protect it.
We'd only ever pass your information to anyone else if the law required it (for example, a court order).
Retention
How long we keep things
Contact form messages (in Gmail): usually until we’ve replied and the conversation is finished, plus a short period afterwards in case you come back to us. We aim to clear them out within 12 months.
Server logs (held by Cloudflare): kept by Cloudflare in line with their standard retention periods. We don’t store these logs ourselves.
Cloudflare analytics data: kept by Cloudflare in line with their standard retention policy. No data is held that personally identifies you.
You're in control
Your rights
GDPR gives you a set of rights over information we hold about you. You can ask us to:
Show you what we have on you
Correct anything that’s wrong
Delete it
Stop using it, or limit how we use it
Send it to you in a portable format
Object to us using it
Just get in touch via our contact page and we'll sort it out within a month.
If you're not happy with how we've handled your data, you can complain to the Information Commissioner's Office (ICO) at ico.org.uk, or your local data protection authority if you're in the EU. We'd rather hear from you first though, so we have a chance to put it right.
Security
Keeping it safe
Our website uses HTTPS so anything you send through the contact form is encrypted in transit. Access to the inbox where messages land is limited to the people who run the club. No system is ever 100% secure, but we take reasonable steps to protect your information.
Under 13s
Children
Our website isn't aimed at children under 13. If you're a parent or guardian and think your child has sent us a message, get in touch and we'll delete it.
Updates
Changes to this policy
If we change this policy we'll update the date at the top. Big changes will be flagged on the site.
Questions about your data?
Get in touch with the club secretary and we'll be happy to help.