Privacy Policy

                                                                      INTRODUCTION 


Welcome to the privacy notice for Syke Community Base. We respect your privacy and are committed to protecting your personal information (personal data). This privacy notice lets you know how we look after your personal data which either you provide to us or we obtain and hold about you and it tells you about your privacy rights and how the law protects you. This privacy is set out in a layered format so you can skip through to the specific areas that you may be interested in. These are set out below. Please also use the Glossary to understand the meaning of some of the terms used in this privacy notice.


1. IMPORTANT INFORMATION AND WHO WE ARE 

2. THE DATA WE COLLECT ABOUT YOU 

3. HOW YOUR PERSONAL DATA IS COLLECTED 

4. HOW WE USE YOUR PERSONAL DATA 

5. DISCLOSURES OF YOUR PERSONAL DATA 

6. DATA SECURITY 

7. DATA RETENTION 

8. YOUR LEGAL RIGHTS 


1. IMPORTANT INFORMATION AND WHO WE ARE 

This privacy notice aims to give you information on how Syke Community Base collect and process your personal data which either you provide to us or we obtain and hold about you including any data you may provide when you become a member of a group, volunteer or attend one off activities and events.

It is important that you read this privacy notice together with any other privacy notice or fair processing notice we may provide on specific occasions when we are collecting or dealing with personal dataabout you (e.g. website privacy notices and employment privacy notices) so that you are fully aware of how and why we are using your data. 

Trustees of Syke Community Base are the controller and responsible for general data protection issues arising in respect of day to day matters such as lists of members, third party users of premises, safeguarding and complaints and discipline issues. When we mention the controller we mean the relevant controller. 

If you have any questions about this privacy notice, including any requests to exercise your legal rights, please contact the relevant contact using the details set out below:


Syke Community Base Board of Trustees

Syke Methodist Church

Syke Road, OL12 9TF

Telephone: 01706 346666

Email: sasp@btconnect.com


We have the right to update and amend the provisions of this notice to ensure continual compliance with data protection legislation. We will provide you with copies of the new notice wherever it is practically possible to do so but please check the online or locally displayed hardcopy notice regularly to see if any updates have been made. It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with the Syke Community Base.


2. THE DATA WE COLLECT ABOUT YOU 

Personal data, or personal information, means any information about a living individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data). We have grouped the different kinds of personal data together as follows:

  • Administrative Data: Details      about you included in lists of room bookings; invoices; supplier and      contractor details; catering records and back-up files e.g. something that      you said in a Meeting that could identify you.
  • Transaction Data: includes      details about payments to and from you and other details of your room      hire, licence agreement or rental agreements that you enter into with us      relating to our premises
  • Image Data: includes photographs      taken of you where it is possible to identify you and images of you caught      by any CCTV or similar devices on the premises.
  • Contact Data: includes      home address, email address and telephone numbers e.g. information used to      contact you.
  • Identity Data:      includes first name, maiden name, last name, username or similar      identifier, marital status, title, date of birth and gender.
  • Member      and Group Data: includes details of      membership to any groups or activities held at Syke Community Base      including attendance information (e.g. session registers).
  • Parental      Contact Data: includes details of      parents (e.g. on parent contact forms).
  • Special Categories of Data: includes your race or ethnicity, your religious beliefs, sex      life, sexual orientation, information about your health, also information      about criminal convictions and offences in keeping with the Safeguarding      Policy of the Methodist Church in Great Britain.
  • Employment Data: includes employment history, training records, pension      information, details about next of kin and other details relating to your      employment.
  • Financial Data:     includes bank account and payment card details.
  • Tax Data: includes national      insurance numbers and other information that may be required by HMRC      relating to gift aid donations and other tax related payments and      receipts.

3. HOW YOUR PERSONAL DATA IS COLLECTED 

Syke Community Base collects data using only one method known as direct exchanges. This means you may choose to provide personal information to us direct e.g. by speaking to us at group sessions, activities and one off events, by filling in forms or by corresponding with us by post, phone, email or otherwise. This includes personal data you provide when you: 

  • join and take part in groups/ events
  • apply for paid or voluntary roles within Syke Community Base.
  • enter into property contracts
  • with us such as agreed room hire  including booking forms


4. HOW WE USE YOUR PERSONAL DATA 

Syke Community Base takes its obligations under data protection law (including the General Data Protection Regulation (GDPR)) seriously. We ensure that personal data is processed in accordance with the principles of the GDPR and is processed:

  • Lawfully, fairly and in a transparent      manner;
  • For specified, explicit and legitimate      purposes and not processed in a manner which is incompatible with those      purposes;
  • Accurately, relevantly and limited to      what is necessary in relation to the purposes for which it is processed;
  • Kept accurate and where necessary kept      up to date, with all reasonable steps being taken to ensure that all      inaccurate data is erased or rectified without delay;
  • Is not kept longer than is necessary for      the purposes for which the personal data is processed; and
  • In a manner that ensures appropriate      security of the Personal Data including protection against unauthorised or      unlawful processing and against accidental loss, destruction or damage by      using appropriate technical and organisational measures.

We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose 


5. DISCLOSURES OF YOUR PERSONAL DATA 

We treat all personal data as strictly confidential, except where consent has been provided for it to appear in publications available to general members of the public.

Personal data will not be shared with third parties, other than those listed below unless we are legally obliged to do so or:

  • with your explicit consent;
  • it is necessary for law enforcement purposes; or
  • it is necessary to protect our rights, property or safety of our members, volunteers or staff.

We may have to share your personal data with the parties set out below:

  • Professional  advisers including lawyers, surveyors, bankers, auditors and insurers      based in the UK who provide legal, surveying, consultancy, banking, insurance and accounting services.
  • HM Revenue & Customs, regulators and other authorities based in the United      Kingdom who require reporting of processing activities in certain      circumstances.

We will ask all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow third-parties to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions and we will not sell, distribute or lease your personal information to third parties without your permission unless we are required by law to do so. 


6. DATA SECURITY 

We implement reasonable and appropriate security measures against unlawful or unauthorised processing of personal data and against the accidental loss of, or damage to, personal data in accordance with our internal data security policy. In addition, we limit access to your personal data to those members, volunteers, employees who have a need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.

7. DATA RETENTION 

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.


8. YOUR LEGAL RIGHTS 

Unless personal data is subject to an exemption under GDPR, such as it is subject to the prevention, investigation, detection or prosecution of a criminal offence, you have the following rights with regards to your personal data:

  • Where consent is used as the      legal basis for processing personal data, you have the right to      withdraw consent to the data processing at any time. However, this      will not affect the lawfulness of any processing carried out before you      withdraw your consent or processing carried out using an alternative legal      basis such as performance of a contract or legal obligation;
  • The right to request a copy of      the personal data which the Syke Community Base hold about you (commonly      known as a “data subject access request”). This enables you to receive a      copy of the personal data we hold about you and to check that we are      lawfully processing it.
  • The right to request that Syke Community      Base corrects any Personal Data which is found to be inaccurate.      Note that we may need to verify the accuracy of the new data you provide      to us;
  • The right to request that Syke Community      Base erases any Personal Data where there is no good reason for us      continuing to process it. Note, however, that we may not always be able to      comply with your request of erasure for specific legal reasons which will      be notified to you, if applicable, at the time of your request
  • Where consent or the performance of a  contract is used as the legal basis for processing Personal Data, you have  the right to request the transfer of your personal data to you or   to a third party. We will provide to you, or a third party you have  chosen, your personal data in a structured, commonly used, machine-readable format. Note that this right only applies to automated   information which you initially provided consent for us to use or where we  used the information to perform a contract with you and this right is  unlikely to apply to personal data held by us.
  • The right to request for a restriction  on data processing. This enables you to ask us to suspend the processing  of your personal data in the following scenarios: (a) if you want us to  establish the data’s accuracy; (b) where our use of the data is unlawful  but you do not want us to erase it; (c) where you need us to hold the data      even if we no longer require it as you need it to establish, exercise or  defend legal claims; or (d) you have objected to our use of your data but      we need to verify whether we have overriding legitimate grounds to use      it.;
  • Where legitimate interest is used as the      legal basis for processing Personal Data, you have the right to object to      the processing of personal data where there is something about your      particular situation which makes you want to object to processing on this      ground as you feel it impacts on your fundamental rights and freedoms.      Note that in some cases, we may demonstrate that we have compelling      legitimate grounds to process your information which override your rights      and freedoms;
  • The right to lodge a complaint with the Information Commissioners Office (ICO).


Contacting the ICO

Further information, guidance and advice is available from the ICO at:

Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
Tel: 0303 123 1113
Web: https://ico.org.uk/global/contact-us