Privacy and cookie policy

This privacy notice tells you how we go about collecting personal information from visitors to our website and what we do with it.

By using our site you agree to accept this privacy policy and are aware that our policy may change with time.  Any changes to this policy will appear on this web page.

This privacy policy only covers the Hampshire Fire and Rescue Service website at www.hantsfire.gov.uk.  Links within this site to other websites are not covered by this policy and you should check the privacy policy of those other sites for their terms. Hampshire Fire and Rescue Service is not responsible for the content of external websites.

You can find out more about the new EU General Data Protection Regulation (GDPR) and your rights concerning your data on the Information Commissioners Office (ICO) website.

How we collect information

There are two ways in which we collect information via our website:

Online forms

All information gathered by any online form is governed by UK law accordingly implemented, including that required by the EU General Data Protection Regulation (GDPR) and may be processed by the Service in the performance of its statutory duties or for purposes required by law.  For more information read our Data Protection statement.

Cookies

When we provide services, we want to make them easy, useful and reliable. Where services are delivered on the internet, this sometimes involves placing small amounts of information on your computer.  These include small files known as cookies. These are small text files that are created when you visit a site and contain a unique and anonymous number. 

How our website uses cookies

Our website does not use many cookies.  Listed below are the cookies we use, what they are used for and what would happen if you were not to allow us to put them on your computer.

Cookie 

Type and purpose 

What happens if this cookie is disabled 

access 

Session cookie - this cookie allowed visitors to choose between different contrast options of the site.  This cookie is no longer relevant and will be removed.

No impact if this cookie is disabled.

Cookiesupport.js

Javascript - JavaScript is used for relatively simple functions such as popping up new windows, or checking the information you type into a form to make sure it conforms to what the receiving database expects.  We used it on our site to perform spell checking on our contact form, however, this script is no longer relevant to the site and will be removed. 

No impact if this is disabled.


Cookies set by other websites

Google Analytics

Google Analytics is a powerful tool that enables us to collect anonymous information about how you use our website.  This is a free service which plays a small part in helping us keep our costs down. 

 Cookie

Type and purpose 

What happens if this cookie is disabled 

 _utmc

Persistent cookie - see below 

See below 

_utma._utmb,_utmz

Session cookie - these cookies are used to collect information about how visitors use our site. The cookies collect information in an anonymous form, including the number of visitors to the site, where visitors have come to the site from and t he pages they visited.

Disabling these cookies will make no difference to the way you use our website, however, it will limit information available to us that helps us to improve our website and provide you with a better service.

Opt out of being tracked by Google Analytics.

YouTube

We embed videos from our official YouTube channel using YouTube's privacy-enhanced mode.  This mode may set cookies on your computer once you click on the YouTube video player, but YouTube will not store personally-identifiable cookie information for playbacks of embedded videos using the privacy-enhanced mode.

Granicus

We use an email newsletter service which requires your specific consent. If you have signed up for our newsletter you will find a link to the privacy policy in the email. You can also access Granicus' privacy and data policy directly on thier website.

What do we do with the information we collect

Information use

Where you voluntarily choose to give us your personal details the personal data you give us will be used exclusively for providing you with the information or service you have requested.

Information sharing and disclosure

Hampshire Fire and Rescue Service will not sell or rent your personally identifiable information to anyone.

Hampshire Fire and Service will only send personally identifiable information about you to other organisations when we have your consent.  This is only necessary when we need to share your information in order to provide the information or service requested.  We also use the information in response to subpoenas, court orders or other legal process.

Security

Hampshire Fire and Rescue Service’s Information Security Team lead by the Cyber Security Manager are committed to maintaining and improving Information Security, Business Continuity and Risk Management, with the intended outcome of minimising risk and increase resilience across HFRS, both internally and externally.

HFRS are certified to the international standard of ISO27001:2013, from this standard the service is required to create and maintain a document called the Information Security Management System (ISMS), this is intended to help and deliver the aims of HFRS regarding the configuration and management of all IT systems under the departments remit, as well as guidance on policies development and creation to help maintain compliance with industry best practice.

HFRS have establish, implement, operate, monitor, review, maintain and improve the ISMS documentation within the context of the activities and the risks it faces. For the purposes of this international standard, the process used is based on the Plan Do Check Act (PDCA) model.

HFRS has a duty of care to citizens, employees, customers and suppliers to protect the confidentiality, integrity and availability of all its information assets.

HFRS procure the services of a third party called BSI to asses and audit HFRS to the ISO27001:2013 standards, the BSI assessor’s task is to establish if the ISMS and security initiatives are being followed in practice and conforms to ISO27001 and any legal or regulatory requirements. This is achieved by interviewing staff to establish current practice and verifying this practice against records kept. The auditor examines the records selected to determine whether the activities identified above have been carried out correctly. The auditor keeps a record of the process and the findings of the ISMS Audit.

Currently HFRS are looking into adopting other security and management standards like ISO22301 – Business Continuity, ISO33001 – Risk Management, ISO19011 – Audit management, Cyber Essentials / Cyber Essentials Plus.

Summary of terms

  • Browser - used to locate and display web pages via a software application.
  • Cookie - message given to a web browser by a web server.  The message is stored in a text file called cookie.txt.  A cookie's main objective is to identify users and personalise their visit.
  • IP (internet Protocol) - all networks are connected to an IP which allows data to be transmitted between two devices.  TCP/IP (Transmission Control Protocol/Internet Protocol) is responsible for making sure messages are relayed between hosts and that the message is understood.
  • IP address - if you are connected to the internet you will have one, it may look something like this 198.184.98.9
  • Secure server - this allows data to be sent 'securely' by encrypting the information.  HTTPS (Hypertext Transfer Protocol over Secure Socket Layer, or HTTP over SSL) is a facility built into a browser that encrypts and decrypts user page requests as well as the pages that are returned by the web server.
  • Web server - delivers web pages to your computer.