Privacy Policy
LGCA Privacy Statement: Our Commitment
Your privacy is important to Lyde Green Community Association (LGCA). We may need to collect information from you in order to tell you about our activities, events and services, and provide you with information relevant to life in Lyde Green. We may also need to provide you with information relevant to your membership of LGCA. If you are a customer or user of LydeGreen Community Centre, we may need to hold data about you for invoicing purposes, and as part of your hire agreement.
Types of information:
We may collect your contact details (e.g. name, email address) so that we can contact you. We may collect financial details so that we can make or receive payment from you for goods or services. We may collect anonymised information about diversity to help us monitor ouraccessibility. We may record CCTV images to ensure the safety of the centre and its users. Wemay collect information on employees and volunteers to ensure that we can meet our legal obligations to them.
Your Consent:
LGCA needs your consent to hold data about you. Any forms or documents that we need you to complete, manually or electronically, will ask for your consent and be clear about what the information will be used for if you choose to provide it. There will be some circumstances where we are only able to provide you with services if you consent to providing necessary information, for example, hire of the community centre.
Your right of access:
You have a right to ask LGCA what information we hold on you, and to ensure that it is accurate and up to date, and to have it rectified if it is not. We will regularly ask you if there have been any changes to your data so that we are able to keep information up to date. If you are concerned about what information we hold on you, or would like to update information that we hold on you, please contact LGCA’s secretary. We will process your request within one month.
Storing your data:
All physical data will be held securely in a locked cabinet in a non-public location, accessible only by trustees and designated employees of LGCA. All electronic data on fixed-base computers will be password protected. All electronic data held on portable devices (for example laptops and USB drives) will be password protected and encrypted. All trustees and staff will be supplied with data storage equipment and encryption software to ensure data security where personal or sensitive data is stored.
Disposal of data:
If we agree to your request to destroy your data, it will be confidentially destroyed in the case of physical data, or permanently erased in the case of electronic data. We will notify you in writing to confirm when and how it has been destroyed or permanently erased. We may not agree to disposal of certain data if we have a legitimate or legal need to retain it. Where there is a legal obligation to, we will keep a record of destruction of data.
Retention of personal data:
LGCA will not hold personal data longer than necessary. There are certain legal requirements or recommendations which mean that we will keep documents for a minimum period of time. External organisations may also keep information we lawfully provide for periods of time determined by them. Some of these documents may contain personal data.
These include:
|
Data Source |
Retention period |
Example |
|
Invoices (may contain customer personal information) |
Kept for 6 years from the end of the current financial year |
Hirer’s invoice |
|
Receipts (may contain customer/supplier personal information) |
Kept for 10 years. |
Customer receipt. |
|
HMRC records (may contain employee personal information) |
Kept for 6 years from the end of the current financial year |
P60 form. |
|
Trustee information (may contain personal trustees’ information) |
May be kept by the Charity Commission. |
Annual Return. |
|
Financial donor and GiftAid records (may contain donor’s personal information) |
Kept for 6 years from the end of the current financial year. |
GiftAid declaration. |
LGCA will store archived documents securely, and maintain a register of archived documents along with their planned destruction date. LGCA will review annually these retention periods to ensure that they remain within the law and recommended practice.
Sharing of data:
LGCA will not share your information with third parties, unless we are legally obliged to, or there is a risk of harm to you or another, for example, in a safeguarding situation. We may use a third party to collect or process your information, for example, an electronic mailing list provider.
Promoting a culture of data protection:
LGCA will have data protection as a standing agenda item at its ordinary meetings to ensure that any issues or concerns are addressed by trustees. All new trustees, as part of their induction, will be briefed on LGCA’s data protection arrangements. All staff and relevant volunteers, as part of their induction, will be briefed on LGCA’s data protection arrangements.