This privacy policy sets out how Bolton Wanderers Supporters Trust uses and protects any information that you give us when you use this website.

Bolton Wanderers Supporters Trust is committed to ensuring that your personal information is protected. Should we ask you to provide certain information by which you can be identified when using this website, then you can be assured that it will only be used in accordance with this privacy policy.

Please note that our website may contain links to third party websites provided for your convenience. We are only responsible for the privacy practices and security of our own website and advise you check the privacy and security policies and procedures of any other website you visit.

Bolton Wanderers Supporters Trust (BWFCST) Our Responsibilities as Data Controllers

As the Data Controller, BWFCST is responsible for your personal information as submitted through the BWFCST.co.uk website. The information you submit is used to grant an annual subscription-based membership. With your consent, we also use your email to send newsletters.

General Data Protection Regulation (GDPR) Individual Rights

All BWFCST members can access, correct, update and delete their account information using the secure login area on our website or visiting our contact page and selecting GDPR Compliance Delete / Download Data Request.

What are your data protection rights?

BWFCST would like to make sure you are fully aware of all of your data protection rights. Every user is entitled to the following:

The right to access – You have the right to request BWFCST for copies of your personal data. We may charge you a small fee for this service.

The right to rectification – You have the right to request that BWFCST correct any information you believe is inaccurate. You also have the right to request Our Company to complete the information you believe is incomplete.

The right to erasure – You have the right to request that BWFCST erase your personal data, under certain conditions.

The right to restrict processing – You have the right to request that BWFCST restrict the processing of your personal data, under certain conditions.

The right to object to processing – You have the right to object to BWFCST’s processing of your personal data, under certain conditions.

The right to data portability – You have the right to request that BWFCST transfer the data that we have collected to another organisation, or directly to you, under certain conditions.

If you make a request, we have one month to respond to you. If you would like to exercise any of these rights, please contact us at our email: This email address is being protected from spambots. You need JavaScript enabled to view it.

Data Protection Officer Details

For questions regarding our use of your personal information please contact our Data Protection Officer using the details below:

Bolton Wanderers Supporters' Trust
Data Protection Officer
Toughsheet Community Stadium
Burnden Way
Horwich
Bolton
BL6 6JW

This email address is being protected from spambots. You need JavaScript enabled to view it.

Information We Collect and How We Use It

When you sign up to BWFCST.co.uk for an online account we may collect and store any personal information you provide us with including name, email, telephone and address.

The main uses of your personal information are:

• to create a personal account profile
• to administer and provide an Annual Subscription Membership
• to communicate with your consent any news, events, products or services

How We Keep Your Personal Information Safe

The safety of your personal information is paramount to us. We have a dedicated IT department responsible for server and website security and also for maintaining and protecting your information in accordance to General Data Protection Regulation (GDPR) requirements.

We use a multi-faceted approach to securing our server and website known as “defense in depth”. Multiple layers of defense help us protect and maintain security and data.

All the security measures we implement below contribute to the security of our systems:

• Both hardware and multiple software firewalls at server and website level
• Antivirus software at server and website level
• Security hardened Linux server operating system with automated security updates
• Security hardened CMS website
• Routine manual server and website security reviews and updates
• Permanently monitored access to website to detect and prevent misuse of personal data
• Tightly restricted access to backend data on a “need to know” basis for maintenance, updates and security purposes only
• EV SSL, the highest level of security and protection implemented at checkout

For website members who have a personal password which enables you to view and amend account details and order history we advise you to keep this password confidential and do not share it with anyone.

Online safety, social media and safeguarding policy

Note:

the terms ‘child’ or ‘children’ apply to anyone under the age of 18

the term ‘parent’ applies to anyone with guardianship or caring and parental responsibility for the

child

the term ‘staff’ applies to members of staff and volunteers

Our online safety statement

This policy provides guidance on how BWFCST uses the internet and social media, and the procedures for doing so. It also outlines how we expect the staff who work for us, and the children who are members of our organisation, to behave online.

As an organisation, we commit to implementing this policy and addressing any concerns quickly and within these guidelines.

Aims

The aims of our online safety policy are:

to protect all children involved with our organisation and who make use of technology

to provide staff with policy and procedure information regarding online safety and inform them how to respond to incidents

to ensure our organisation is operating in line with our values and within the law regarding how we

behave online

Understanding the online world

As part of using the internet and social media, our organisation will:

assess and manage the safety aspects – including what is acceptable and unacceptable behaviour

for staff and children when using websites, social media including Facebook, X, Instagram or Snapchat, apps and video conferencing platforms including Zoom or Teams

be aware of how staff in our organisation and the children they work with use social media both inside and outside of our setting

ensure that we adhere to relevant legislation and good practice guidelines when using social media or video conferencing platforms

provide training for the staff responsible for managing our organisation’s online presence

regularly review existing safeguarding policies and procedures to ensure that online safeguarding issues are fully integrated, including:

making sure concerns of abuse or disclosures that take place online are written into our reporting procedures

incorporating online bullying (‘cyberbullying’) in our anti-bullying policy

Managing our online presence

Our online presence through our website or social media platforms will adhere to the following guidelines:

all social media accounts will be password-protected, and at least 2 members of staff will have access to each account and password

the account will be monitored by at least two designated members of staff in order to provide transparency, who will have been appointed by the organisations committee

the designated staff managing our online presence will seek advice from our designated safeguarding lead to advise on safeguarding requirements

designated staff will remove inappropriate posts by children or staff, explaining why, and informing anyone who may be affected (as well as the parents of any children involved)

we’ll make sure children are aware of who manages our social media accounts and who to contact if they have any concerns about something that’s happened online

identifying details such as a child’s home address, school name or telephone number shouldn’t be posted on social media platforms

any posts or correspondence will be consistent with our aims and tone as an organisation

parents will be asked to give their approval for us to communicate with their children through social media, via video conferencing platforms or by any other means of communication

parents will need to give permission for photographs or videos of their child to be posted on social media

What we expect of our staff

staff should be aware of this policy and behave in accordance with it

staff should seek the advice of the designated safeguarding lead if they have any concerns about the use of the internet or social media

staff should communicate any messages they wish to send out to children to the designated staff responsible for the organisation’s online presence

staff should not communicate with children via personal account

staff should not ‘friend’ or ‘follow’ children from personal accounts on social media and maintain the

same professional boundaries online as they would in person when using organisation accounts

staff should make sure any content posted on public personal accounts is accurate and appropriate

as children may ‘follow’ them on social media

rather than communicating with parents through personal social media accounts, staff should choose a more formal means of communication, such as face-to-face, in an email or in writing, or use an organisational account or website

staff should avoid communicating with children via email or organisational social media outside of normal office hours

emails or messages should maintain the organisations tone and be written in a professional manner,

e.g. in the same way you would communicate with fellow professionals, avoiding kisses (X’s) or using slang or inappropriate language

staff should not delete any messages or communications sent to or from organisation accounts

staff should undertake all online safety training offered and gain a basic knowledge of the platforms children use and how to report or remove inappropriate content online

any concerns reported through social media should be dealt with in the same way as a face-to-face disclosure, according to our reporting procedures at least one parent must be present during the delivery of any activities via video conferencing platforms at home

any delivery of activities to children via video conferencing platforms will be supported by an additional member of staff (even if they’re not actively delivering) to ensure transparency

staff and children must not engage in ‘sexting’ or send pictures to anyone that are obscene

What we expect of children

children should be aware of this online safety policy and agree to its terms

we expect children’s behaviour online to be consistent with the guidelines set out in our acceptable use statement

children should follow the guidelines set out in our acceptable use statement on all digital devices, including smart phones, tablets and consoles

What we expect of parents

parents should be aware of this online safety policy and agree to its terms

parents should protect all children’s privacy online and think carefully about what content they share about BWFCST online, where they share it and who they’re sharing it with

we expect parents’ behaviour online to be consistent with the guidelines set out in our acceptable use statement and in our codes of conduct for parents and spectators

Contact us

For any online safety concerns please use our dedicated email address at: This email address is being protected from spambots. You need JavaScript enabled to view it.

Cookies

A cookie is a small file which asks permission to be placed on your computer’s hard drive. Once you agree, the file is added and the cookie helps analyse how you navigate this website during each visit.

Privacy Policy Changes

In order to maintain high standards our policies and procedures are constantly under review. From time to time we may modify or update this Privacy Policy.