Our core beliefs regarding user privacy and data protection
New Generation Community Trust and Blackfen Community Library is committed to safeguarding the privacy of our volunteers, guests and our website visitors; this policy sets out how we will treat your personal information.
- Your privacy as a user and protection of your data are human rights
- We have a duty of care to the people whose data we collect and process
- Data is a liability, it should only be collected and processed when absolutely necessary
- We will not send you spam
- We will never sell or rent your data, and will only distribute your data with our third party partners with your specific consent
- We collect data through our membership forms and volunteer application forms, permission slips and event registration. We do not take data from any third party.
Under data protection law, individuals have a right to be informed about how the Trust uses any personal data that we hold about them. We comply with this right by providing ‘privacy notices’ (sometimes called ‘fair processing notices’) to individuals where we are processing their personal data.
This privacy notice explains how we collect, store and use personal data about users.
We, New Generation Community Trust, 7-9 Blackfen Parade, Blackfen, DA15 9LU are the ‘data controller’ for the purposes of data protection law.
Our data protection officer is Paula Weston.
The personal data we hold
Personal data that we may collect, use, store and share (when appropriate) about you includes, but is not restricted to:
● Contact details, contact preferences, date of birth, identification documents
● Details of certain medical conditions such as food allergies
● Giving information (for Gift Aid)
● Safeguarding information
● Photographs and media
Why we use this data
We use this data to:
● Provide an appropriate membership system and process volunteers
● Administer events we organise
● Comply with legal obligations i.e. safeguarding training for volunteers
● Comply with Government requirements for Gift Aid
● Send out our newsletter. If you choose to join our mailing list you will receive a very low volume of emails from us and you may unsubscribe at any time
Legal Basis for using this data
We only collect and use your data:
- When the law allows us to. Most commonly, we process it:
- To administrate our membership system
- We need to comply with a legal obligation such as providing information to HMRC concerning Gift Aid donations
- Meet statutory requirements for training and DBS checks
- We have obtained consent to use it in a certain way
Some of the reasons listed above for collecting and using your personal data overlap, and there may be several grounds which justify our use of this data.
Collecting this information
While some of the information we collect about you can be provided voluntarily, there is some information that is a legal requirement (mandatory).
Whenever we seek to collect information from you, we will make it clear whether providing it is optional or mandatory.
Who will be using this personal data?
The data controller is New Generation Community Trust.
The data you provide will also be accessible to the supplier of our library management system. These suppliers have committed to handling data in accordance with the principles in the General Data Protection Regulations (GDPR) and the New Data Protection Act (2018) and will only do so to the extent that it is required to maintain the library management system.
We reserve the right to alter service delivery partners without prior notice. All service delivery partners meet the required standards for data protection and privacy.
How we store this data
We keep personal information about you while you are part of our membership and in attendance of groups/events. We may also keep it beyond your attendance if this is necessary in order to comply with our legal obligations. Our record retention schedule sets out how long we keep certain information. This is available upon request.
Requests should be made in writing to Paula Weston, who can be reached at firstname.lastname@example.org or New Generation Community Trust, 7-9 Blackfen Parade, Blackfen, DA15 9LU.
If you no longer wish to have membership you will need to request removal in writing
- Your right to erasure of your personal information – sometimes referred to as the “right to be forgotten”. There are some specific circumstances where the right to erasure does not apply and we can refuse to deal with a request for example, where we are under a legal obligation to process your personal information in order to perform a task in the public interest.
We do not share information about you with any third party without consent, unless the law allows us to do so.
Where it is legally required, or necessary (and it complies with data protection law) we may share personal information about you with:
●Our regulator [The Charity Commission]
●Suppliers and service providers – to enable them to provide the service we have contracted them for
●HM Revenue & Customs – for information about donations
Rights regarding personal data
Individuals have a right to make a ‘subject access request’ to gain access to personal information that the trust holds about them.
Parents/carers can make a request with respect to their child’s data where the child is not considered mature enough to understand their rights over their own data (usually under the age of 12), or where the child has provided consent.
If you make a subject access request, and if we do hold information about you or your child, we will:
●Give you a description of it
●Tell you why we are holding and processing it, and how long we will keep it for
●Explain where we got it from, if not from you or your child
●Tell you who it has been, or will be, shared with
●Let you know whether any automated decision-making is being applied to the data, and any consequences of this
●Give you a copy of the information in an intelligible form
Individuals also have the right for their personal information to be transmitted electronically to another organisation in certain circumstances.
Under data protection law, individuals have certain rights regarding how their personal data is used and kept safe, including the right to:
●Object to the use of personal data if it would cause, or is causing, damage or distress
●Prevent it being used to send direct marketing
●Object to decisions being taken by automated means (by a computer or machine, rather than by a person)
●In certain circumstances, have inaccurate personal data corrected, deleted or destroyed, or restrict processing
●Claim compensation for damages caused by a breach of the data protection regulations
To exercise any of these rights, please contact our data protection officer.
We take any complaints about our collection and use of personal information very seriously.
If you think that our collection or use of personal information is unfair, misleading or inappropriate, or have any other concern about our data processing, please raise this with us in the first instance.
To make a complaint, please contact our data protection officer.
Alternatively, you can make a complaint to the Information Commissioner’s Office:
●Report a concern online at https://ico.org.uk/concerns/
●Call 0303 123 1113
●Or write to: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
If you have any questions, concerns or would like more information about anything mentioned in this privacy notice, please contact our data protection officer.