GDPR Privay data privacy compliance notice
BUXTON Street by street Coronavirus Volunteers Privacy Notice
1. Identity and Contact Details
This privacy notice details how we use the information that we collect.
We are committed to fully complying with the relevant data protection legislation in the UK
including the EU General Data Protection Regulations (GDPR) and the Data Protection Act 2018. As committee members, we recognise our responsibility (jointly and individually) as data controllers in the meaning of this legislation.
You can contact us by emailing to: firstname.lastname@example.org
2. The Data
We may collect and use the following personal information:
● Name and contact details
● Details of correspondence, meetings and appointments
● Bank account and payment details
● Details of services requested and rendered
We will use this information to manage the association, to link up volunteers with requests for service, to keep volunteers informed, to respond to enquiries and to arrange payment for any goods obtained by volunteers on behalf of service users.
This information is necessary for us to fulfil our contractual and legal obligations and in pursuing our legitimate interests in managing the objectives of the association.
3. Data Sharing
We may share your information with other companies in line with the purposes listed above. In all
cases, we have contracts and agreements in place to ensure that your information is protected and
is not used for any other purpose than those listed above. Companies that we may share
information with are:
● Companies involved with the design, hosting and maintenance of our website and our email
and IT systems
● Our insurers and professional advisers
In addition, where you communicate with us via social media messaging platforms, the information is shared with the platform operator and their own data protection policies also apply.
4. International Transfer
Some information may be stored and processed outside of the EEA.
Where information is transferred outside of the EEA, we ensure that appropriate safeguards are in place to protect your information to the same or an equivalent level as would be found in UK and EU data protection legislation. The safeguards we use are:
● Ensuring the country is the subject of an EU adequacy decision; or
● Ensuring the company is a member of an adequate. Legally-binding scheme such as EU-US
Privacy Shield; or
● Ensuring the contract includes ICO-approved model contract clauses; or
● Ensuring the organisation is subject to ICO-approved binding corporate rules or an ICO-
approved code of conduct.
In accord with relevant data protection legislation, we will not retain your information for longer than is necessary for the purposes listed above and to deal with any complaint or dispute you may have. If you require further information about our information retention policies, please contact us.
6. Your rights
Under UK and EU data protection legislation, you have a number of rights with respect to your information. These include:
● The right to be informed about the information we hold about you
● The right of access to the information we hold about you
● The right to have any errors rectified
● The right to withdraw consent (where consent is the basis of processing)
● The right to object to processing
If you have any questions about the information we hold, how we use it or how to exercise these rights, please contact us using the contact details above.
If you have any cause for complaint about the way we care for your information, please do contact us and we will do our best to resolve the situation for you. You also have the right to complain directly to the Information Commisioner’s Office. You can find details of how to contact them here: https://ico.org.uk/concerns/ or by calling their helpline on 0303 123 1113.