Here at ActiveHistory we collect the minimum data necessary to activate subscriptions, and delete records after use.
Information we hold
The site runs on a secure server making use of SSL technology.
The information on cusomters we hold on our servers is limited to that required for login and billing.
This is only accessible to the director of the company and the accounts manager.
This consists of user name, login name, password, institution name and address.
Any further information necessary (e.g. for online payment processing) is held by reputable online providers (PayPal and WorldPay) and is protected by them.
None of the personal data we hold about customers is shared outside of the company.
Once logged in, customers are able to see for their benefit a record of their subscriptions and when their current subscription expires.
When signing up, individuals have the right to opt-out of our periodic newsletter.
We collect the minimum data necessary and delete records after use.
After an account expires, personal data is deleted from the servers within 3 months.
It is not deleted before this point in case the customer decides to reactivate their account
Subject access requests
Customers can request a reminder of the data we hold and how we protect it at any point.
Lawful basis for processing personal data
Personal data is required to allow subscribers to make online or invoice payments, and to subsequently log in to the site.
All customers have to agree to the existing terms and conditions of the website (which focus on not sharing the password / resources from the site outside of the subscribers' rights) before they can proceed to obtain their first subscription. These terms continue to apply when the subscription is renewed.
Access to the site is by paid subscription, covered either through an online payment or an invoice paid by cheque. As such children are unlikely to gain access to the subscription area except after being given a password by a consenting adult for educational purposes.
Upon being informed of any potential data breaches, the website administrator will immediately alert the server hosts and the website security platform which is also provided.