Sustainable Wallingford Data Protection Policy
(A)Who do we collect and store information about?
Sustainable Wallingford collects and stores information about these groups
- People who sign up to be kept informed about our activities
- People who volunteer to help with our activities
- Councillors, journalists, and others who we have a legitimate interest in informing about our activities
- People who interact with us in other ways, such as lending them energy meters, giving them advice, or doing activities together
(B) What information do we collect and store?
The information may include:
- Contact details (e-mail addresses, postal addresses and/or telephone numbers)
- Records of subscription payments (for members)
- Interests and skills
- Relevant positions held (e.g. councillor)
- Links that people have with other relevant organizations
- Information about interactions with them
For most people we only need names and contact details
(C) What do we use this information for?
- To communicate with members about their membership (e.g. events, meetings, and renewal reminders)
- To publicise Sustainable Wallingford’s activities and recruit helpers for projects
- To publicise other news and events relevant to Sustainable Wallingford
- To seek opinions, feedback, and ideas
(D) How long do we keep this information?
Depending on the situation, or sooner if requested:
- Members: until they resign, when we will invite them to be added to the mailing list of interested people, with their explicit consent
- Interested people: until they no longer wish to be included; or if we cannot contact them.
- Other helpers: until they cease to be active , unless they ask to stay on the mailing list on the same basis as other interested people
- People in public positions: while they have their position. They may ask to be added in a personal capacity
- Other people with whom we have interacted: for several years.
(E) Who has access to this information?
- Members of the Management Group
- Other members who are running or co-ordinating projects,activities, or action groups.
Information will not be shared with other people or organizations, or made public, without the consent of those involved.
(F) How and where do we store this information?
The membership database and the mailing list of other interested people are stored with a reputable provider complying with UK law about data protection, technical robustness, and transfers to other countries. Such providers may be global companies and the data may not necessarily be processed within the EU
Where necessary, subsets of information (e.g. helpers for a particular activity) may be held electronically or on paper by Management Group or other members provided that they
- ensure that it is at least as secure as their own personal information
- ensure it is up to date.
- delete it when it is no longer required
(G) Security measures.
The main lists will be stored in password-protected storage with a reputable service provider, with measures such as password protected accounts, firewalls, anti-virus/malware detection/protection and encrypted storage and connections.
The password will only be given to members who need it, and will be changed regularly
Responsibility for the proper management of data lies with the Management Group, with the assistance of other Sustainable Wallingford members if appropriate.
(I) Data breach policy
In the event of a data breach we will a) apologise; b) do what we can to minimise adverse effects; c) investigate what went wrong; and d) take steps to prevent a repetition.
Anyone who wants to find out what information Sustainable Wallingford holds about them, and/or ask for it to be corrected or deleted, can contact the organization via the website (https://www.sustainablewallingford.org/), or by e-mail at firstname.lastname@example.org.
Updated May 25th 2018