Website privacy and cookies
Information on this page explains our website privacy policy and how we will use and protect any information about you that you give us when you visit this website.
Privacy of your information on the Surrey Heartlands website
Surrey Heartlands uses personal and confidential information for several purposes. Our website privacy notice provides a summary of how we use your information.
Website privacy
This privacy statement only covers the Surrey Heartlands website (https://www.surreyheartlands.org). Our website is hosted by VerseOne CMS.
It does not cover all sites linked to this site, so you should always be aware when you are moving to another site and read the privacy statement on that site.
What information do we collect?
From time to time, you will be asked to submit personal information about yourself (e.g. name and email address) to receive or use services on our website. Such services include newsletters and contacting Surrey Heartlands.
By entering your details in the fields requested, you enable Surrey Heartlands and its service providers to provide you with your selected services. Any information you provide to Surrey Heartlands will only be used by us, our agents and service providers and will not be disclosed unless we are obliged or permitted by law to do so. We will hold your personal information on our systems for as long as you use the service you have requested and remove it if the purpose has been met or when you no longer wish to continue your subscription.
The Data Protection Act 2018
Under the Data Protection Act, we have a legal duty to protect any information we collect from you. We use leading technologies and encryption software to safeguard your data and keep strict security standards to prevent unauthorised access to it.
We do not pass on your details to any third party or another government department.
Changes to this statement
If this privacy statement changes, we will place an updated version on this page. Regularly reviewing the page ensures you are always aware of what information we collect, how we use it, and under what circumstances we will share it with other parties.
Security
This site has security measures to protect against the loss and alteration of the information under our control.
Use of cookies
When we provide services, we want to make them easy, useful and reliable. Where services are delivered on the internet, this sometimes involves placing small amounts of information on your device, for example, computer or mobile phone. These include small files known as cookies. They cannot be used to identify you personally.
These pieces of information are used to improve services for you through, for example:
- Enabling a service to recognise your device so you don’t have to give the same information several times during one task
- Recognising that you may already have given a username and password so you don’t need to do it for every web page requested
- Measuring how many people are using services, so they can be made easier to use and there’s enough capacity to ensure they are fast
- You can manage these small files yourself through your browser setting
Essential cookies
Essential cookies also serve useful purposes, such as:
- maintaining a "session key" which is required in order to allow users to log in to websites and portals;
- assigning unique security keys that protect user privacy by ensuring that users' form submissions are not hijacked by hackers;
- maintaining a server key so that, in multi-server environments, users are not randomly jumped between servers such that they are forced to repeatedly login.
These kinds of cookies are broadly known as "essential cookies", i.e. they are absolutely required in order to allow the operation of the application and to protect the privacy and data of users.
VerseOne CMS cookies
This website is powered by VerseOne CMS. By default, VerseOne CMS uses only one essential cookie, which is called JSESSIONID: this cookie is destroyed at the end of a user's session, i.e. when a user logs out and leaves the site, or after 20 minutes of inactivity on a VerseOne CMS-powered site.
VerseOne CMS does not track users across sites, and JSESSIONID does not enable any functionality except the three items listed above.
JSESSIONID is an essential cookie — it is absolutely required for the operation of the solution and for the protection of users' data and security. For this reason, it cannot be switched off and users cannot opt out.
VerseOne CMS also uses VOPECRA, a long-term non-tracking cookie that is only placed on the user's browser if the user accepts cookies: VOPECRA is the cookie that remembers that the user has accepted cookies.
If the option is switched on, VerseOne CMS also uses KMLI, a medium-term non-tracking cookie that is only placed on the user's browser if the user selects the Remember Me login feature.
Finally, solutions hosted within VerseOne's high-availability Managed Cloud Services environment also use a session management cookie that maintains the user's context across multiple servers: this has the format TS0xxxxxxx.
Cookies on this website
| Name | Duration | Function | Size |
| JSESSIONID | Session | Essential cookie for software functionality including session management for authentication, form submission validation, load-balancer configuration. Secured and does not track across websites (domain-specific). Expires at explicit session end (i.e. explicit log out) or 20 minutes of inactivity. | 44 Bytes |
| VOPECRA | 'Permanent' (multi-year duration) | Remembers that a user has accepted cookies from a specific VerseOne CMS-powered website, enabling cookies from GA and Code Droplets (where configured). Secured and does not track across websites (domain-specific). | 8 Bytes |
| KMLI_FRONTEND | Configurable duration | Remembers the user so that they do not have to explicitly login to the CMS or front-end features. Secured and does not track across websites (domain-specific). Duration is configurable in VerseOne CMS (default is 2 weeks). | 141 Bytes |
| TS0xxxxxxx | Session | Essential cookie for maintaining context across VerseOne 's multiple high-availability application servers and secure Web Application Firewall (WAF). Secured and does not track across websites (domain-specific). Expires at explicit session end (i.e. explicit log out) or 20 minutes of inactivity. | 116 Bytes |
| _ga_DFKR2R20L9 | Two years | To allow the operation of Google Translate. | 51 Bytes |
| _ga | Two years | To allow the operation of Google Analytics | 30 Bytes |
VerseOne CMS does not explicitly enable users to reject cookies: in order for this to work in a user-friendly manner, a cookie would have to be placed on the user's browser that would remember that the user had rejected cookies.
How to control and delete cookies
We will not use cookies to collect personally identifiable information about you.
However, if you wish to restrict or block the cookies which are set by our websites, or indeed any other website, you can do this through your browser settings. The ‘Help’ function within your browser should tell you how.
Alternatively, you may wish to visit www.aboutcookies.org which contains comprehensive information on how to do this on a wide variety of browsers. You will also find details on how to delete cookies from your machine as well as more general information about cookies.
Please be aware that restricting cookies may impact on the functionality of our website.
If you wish to view your cookie code, just click on a cookie to open it. You’ll see a short string of text and numbers. The numbers are your identification card, which can only be seen by the server that gave you the cookie.
For information on how to do this on the browser of your mobile phone you will need to refer to your handset manual.
To opt-out of third parties collecting any data regarding your interaction on our website, please refer to their websites for further information.
Embedded content
We want to provide interesting and engaging content on our website. On a number of pages we use ‘plug ins’ or embedded media. For example, we embed YouTube videos in many pages. We also provide links to share content with popular social media sites such as LinkedIn, Facebook and Twitter.
The suppliers of these services may also set cookies on your device when you visit the pages where we have used this type of content. These are known as ‘third-party’ cookies. Third party cookies are delivered on behalf of their respective organisations and as such they may change their name and purpose from the cookies identified below, this is beyond the control of Surrey Heartlands.
Contact us
If you have any questions about these terms and conditions or the practices of this website, please Get in Touch.