GDPR Privacy Policy

MALMESBURY LEAGUE OF FRIENDS PRIVACY NOTICE

Malmesbury League of Friends (MLOF) is committed to delivering our obligations under the General Data Protection Regulations (GDPR) in the way we collect, record, process, store and dispose of personal data.
This Privacy Notice explains what we must do in relation to personal data, how to find out more and who to contact when necessary.
Our GDPR obligations: We comply with our obligations under GDPR by keeping personal data up to date; by storing and destroying it securely; by not collecting or retaining excessive amounts of data; by protecting personal data from loss, misuse, unauthorised access and disclosure and by ensuring that appropriate technical measures are in place to protect it.
Personal Data: In the course of being a trustee or member of MLOF, we may collect personal data from you, your name, home address, telephone numbers and, most likely, your email address. This is necessary, for trustees, to enable MLOF to communicate with you , respond to requests for financial support and to keep you updated on all relevant information on MLPOF matters.
Sharing personal data: MLOF will not share your personal data with anyone other than MLOF trustees or, where relevant, MLOF members, except in special circumstances, when you would be consulted to obtain your agreement.
Use of data: Personal data will be used to:
• Send details of requests to trustees for financial support, whether for individuals, third parties or organisations, charities and the Malmesbury Primary Care Centre (MPCC)
• Communicate information about, and developments within, MLOF.
• Administer MLOF records, such as payment of annual subscriptions.
• Communicate details of MLOF’s financial position.
Storage of Personal Data: Your personal data will be retained and stored, mainly in digital form on personal computers and laptops by other trustees (not members) in the course of you receiving information or requests for assistance and your responses, and for routine MLOF administration.
Retention, correction and removal of Personal Data: Unless required by law, your personal data will be held for no longer than 12 months after you cease to be a trustee or member of MLOF.
MLOF will note, at your request, any changes in your personal details.
Special categories
GDPR defines some special categories of personal data, such as genetic, biometric or your personal wellbeing. However, it is unlikely that this would apply to any MLOF trustees or members.
Access to your Personal Data: Only trustees, largely through e-mails and telephone numbers, will have access to your personal data.
No external individual, body, group or organisation will have access to your personal data.
However, it will be necessary to obtain agreement from the Chairman, Vice-chair, Secretary, Minutes secretary and Applications co-ordinator to reveal their e-mail addresses in the course of communicating responses to requests for financial assistance.
Your rights: Unless subject to an exemption under the GDPR, you have the following rights with respect of your personal data:
• To request a copy of the personal data held by MLOF
• To request that MLOF corrects your personal data held by it
• To request your personal data is erased when no longer necessary for it to be retained
• To withdraw your consent to the processing of your personal data at any time
• Where there is a dispute in relation to the accuracy or processing of your personal data, to request a restriction is placed on further processing
• To object to the processing of your personal data
• To lodge a complaint with the Information Commissioner’s Office (ICO)
Legal basis
• Explicit consent. Explicit consent from data subjects so MLOF can keep them informed about relevant activities
• Legal obligation. Where processing is necessary for carrying out MLOF obligations under employment, social security or social protection law.
Children
If MLOF has need to communicate with or involve anyone under 18 in the course of receiving requests for financial support, specific consent from the parent or legal guardian will be sought.
Contact Details: The proposed contact for all matters relating to MLOF will be the Secretary.
Data Protection Officer
The MLOF Secretary, currently Wendy Harris, has agreed to be the Data Protection Officer to whom all queries should initially be addressed.