Under the terms of the General Data Protection Regulation, effective from 25th May 2018, we are required to prominently display our Privacy Statement and Policy and the manner in which we deal with your information. Here they are … please note these supersede all previous and will be reviewed regularly. Any queries should be directed in the first instance to email@example.com
Chance Glass Works Heritage Trust
PRIVACY STATEMENT & POLICY
We respect your privacy. Here’s how we do it.
Who we are and how to contact us
Chance Glass Works Heritage Trust Ltd.
E R Grove & Co
Coombs Wood Court
Steel Park Road
West Midlands B62 8BF
Registered Charity No: 1165643
Registered Company No: 9486233
telephone: 0121 663 1053: email: firstname.lastname@example.org
Our current personnel are listed under ‘The Trust’ on www.cgwht.org
What information do we collect about you, and why?
We collect personal data that you have consented for us to useas part of our promotional and marketing campaign in our efforts to develop the derelict site of Chance in Smethwick.
Email, and other forms of, communications may be sent to you on the understanding that you have consented to be informedabout CGWHT.
Our principal means of communication is by email and we do not yet generally undertake campaigns or information release by post or telephone. However, this may soon change as our plans progress, hence in addition to the essential email consent we may also seek consent to contact you via post or telephone.
We do not hold, nor do we seek, any information considered ‘sensitive’. This includes details such as your religion, sexuality, political leanings or health. An exception to the latter may be, for example, where you wish to volunteer and, of your own volition and with your express consent, you offer us information about, say, a physical disability that precludes you from undertaking certain tasks. So then we don’t embarrass you by asking.
Most of our supporters are adult and will appear on our general database but in the interests of child protection details of under-18s may be maintained in a separate section on the site, for no other reason than our communications can be moderated if necessary – albeit we cannot envisage any general instances where this would arise.
What we do with your information
We may wish to:
* keep you informed of developments at the site such as news and events.
* distribute communications including our in-house email bulletin The Flash or other material.
* inform you of developments in organisations with whom we work closely.
* send you a survey for market research purposes.
* send you promotional, marketing or fundraising information.
* advise you of other products, services or functions related to the work of CGWHT.
In addition, there are (where applicable) some membership and donation communications that we are required to send regardless of your contact preferences. These are essential communications, deemed necessary to fulfil our contractual obligations to you. This would include Direct Debit confirmations and advanced notices, thank you letters, member benefits and membership cards, renewal reminders, Gift Aid confirmation letters and querying returned mail or bounced Direct Debit payments with you.
We routinely review your information to ensure it is current and relevant. If these criteria no longer apply, the information is permanently deleted.
You may inspect the data held on you at any reasonable time and may also correct, amend or delete some or all of the information held. This will be at no fee unless the amount of requests you make is deemed ‘manifestly unreasonable or excessive’ in which case a reasonable charge may be made, depending on the amount of work required to answer your requests. We will always seek proof of your identity before revealing information to you. Access requests should be made in the first instance either to the address at the head of this statement or via email@example.com
If you do not wish your details to be held in this manner or do not wish to receive further information then send an email with ‘CGWHT Stop’ in the subject field, or otherwise contact the originator by other means as perour ‘header’, who will issue confirmation of deletion by return if practicable and in any case within 48 hours. A brief indication as to why you wish to unsubscribe, though not a requirement, would be appreciated.
Who we might we share your information with
Simple. We don’t. Under no circumstances whatsoeverwill such details be divulged to a third party, albeit they may already be in the public domain. This caveatexcludes provisions where we may be obliged to disclose under jeopardy of legal order or other such requirement.
How we keep your information secure
Your details, which extend no more than necessary to distribute material as described above, may be held on a secure electronic storage and retrieval system to which only the originator has access. It is password-protected by means of a ‘strong’ password in a combination of digits, lower-case and capital letters that is known only to the holder and information is not routinely transferred externally via data stick, disc or other device or means. It is backed up onto a password-protected external hard disc that is stored securely and never leaves the possession of the information holder at CGWHT.
Paper records, for example hard copy consent forms or business cards collected at an event, are scanned and then destroyed immediately thereafter. Telephone calls are not recorded. No information will be held outside the European Economic Area (EEA).
How long do you keep the information?
No longer than is necessary, in line with our retention policy, or until you tell us otherwise. All information held is checked regularly for content, accuracy and relevance. We review our email details, for instance, every time we send out a communication such as our email bulletin The Flash, or a news release, and the period of such review will, in any event, be no longer than 2 – 3 years.
We may contact you at some juncture to ascertain you still wish to receive our output and that your details are accurate. And, of course, you may request your information to be deleted completely at any time.
www.cgwht.orgis compiled and maintained on a philanthropic basis by Chance Glass Works Heritage Trust (CGWHT) together with contributions from its authorized associates. It has no other function than to promote the work of CGWHT in its aims and to disseminate information on its behalf.
For your security all communications through this site are protected by a valid Secure Sockets Layer (‘SSL’) certificate that can be viewed by clicking on the lock icon adjacent to our URL at the top of this page.
Contributions from external sources that may help increase the knowledge base or be of assistance in our aims can be made via firstname.lastname@example.org. Whilst all comments are welcomed and may be considered for publication either on this website or in other promotional output the CGWHT moderator reserves the right to remove any material that is deemed offensive or inappropriate. Submission does not necessarily imply acceptance or publication.
Opinions expressed by correspondents may not reflect those of CGWHT or its associates. Usual protocols regarding copyright apply.
Our website contains no confidential or restricted information and hence, subject to your own Data Protection protocols, CGWHT welcomes onward transmission to whomsoever it is felt may be interested in our work.
CGWHT will not utilise its website to approach or engage with third parties on any matters other than those pertaining to its aims and objectives as stated above. If you are approached by anyone purporting to be part of, or representing, CGWHT and are unsure of their authenticity then contact us direct for confirmation.
Our links pages may contain reference to other websites. Whilst every effort will be made to ensure the accuracy of our links, CGWHT accepts no responsibility for external website content and this Privacy Statement applies only to our organisation.
Changes to our policy
This Policy was last amended on 12th May 2018 and supersedes all previous.
Chance Glass Works Heritage Trust
INFORMATION HARVESTING & RETENTION POLICY
Under the provisions of the General Data Protection Regulation that comes into effect on 25thMay 2018, we are obliged to state our policy on data collection (‘information mining’) and retention. This document should be read in conjunction with our accompanying Privacy Statement
Scope and extent of data sought
We only seek information that is necessary to communicate the nature of our work to our supporters and allied organisations. This extends to no more than contact name, address, telephone number, email, and brief description eg ‘holds information’, willing to volunteer’ etc. We hold no sensitive personal information.
We are an organisation that relies principally – at present, solely – on electronic communications in the first instance but we recognize the possible future need for communicating with our supporters by telephone or post.
Method(s) of capture
In responding to enquiries we will henceforth routinely include in our response:
* details of our Privacy Statement on how we deal with information
* a ‘permissions and consent’ form for completion by the recipient, with a view to adding to our database.
We will not accept permissions and consents verbally – all will either be by electronic means or hard copy, recorded on our database as ‘E’ or ‘H’. Preferred methods of communication will also be shown as ‘email’, ‘phone’ or ‘post’. A ‘date of birth (if under 18)’ will assist our future compliance with any child protection issues that may arise. Our requirement for this feature will be reviewed periodically.
Electronic consents will be held by that database holder on a secure system as described in our Privacy Statement and accessible only by the database holder or his/her nominated deputy.
Hard copy consents will be scanned and the originals destroyed once the scanned copy has been checked.
Data obtained at outside events (eg fairs and shows) may be captured initially on hard copy using our standard form that will also usually include a signature of the data donor. It will then be transferred to our database and the hard copy destroyed.
Data entered directly into a database at such events, eg via a laptop computer, will be undertaken in the presence and view of the donor and a record kept of such entry and permissions.
Data collectors from CGWHT or those acting on its behalf will be fully appraised before any data is obtained at an event as to the need for security, ie:
* forms will not to be left unattended
* forms will not to pass to the hands of unauthorised third parties
* forms will not be left on open display with the possibility of others viewing them
* forms will be put into an envelope of cardboard folder which is marked CGWHT Only
* verification of electronic capture, where applicable, will be collated
* hard copy will be handed to the database controller for action as above a.s.a.p
It is common practise for data to be captured by participants being invited to offer their business cards into a collection, often in return for some form of prize or reward but almost inevitably as a means on obtaining contact details.
CGWHT does not routinely use this method but should it do so then clear and unambiguous signage will be placed on and around the collection point and potential donors will be given ‘adequate notice of intent’. This may be, for example, by stating as such on any admission ticket.
Each case will be judged on its merits and a decision taken by the Trustees as tobest practise, with such decisions being recorded openly in their meeting minutes.
Business Cards will be scanned in and destroyed securely once the scanned copy has been checked.
Other methods as yet unidentified or not routinely used
As above, each case will be judged on its merits and a decision taken by the Trustees as to best practise, with such decisions being recorded openly in their meeting minutes. The principle of honest and reasonable beliefas to compliance will be paramount.
All other communications than those described, for example responding to unsolicited letters and other communications, should be accompanied by a ‘permissions and responses’ request together with details of, or where to view, our Privacy Statement.
Retention of data
Our procedures for amending and reviewing data held on our database are clearly expressed in our Privacy Statement.In essence:
* we only seek such data as is necessary to fulfill our stated purpose
* we never divulge data to third parties
* data is reviewed ad hocon a regular basis
* data will be formally reviewed typically every 2 – 3 years
* we respect the ‘right to be forgotten’ and will remove data on request
* hard copy material will be destroyed once it has been scanned onto the system
* we do not record telephone calls
* we do not hold data outside of the EEA
* we do not contact supporters by sms (text)
* we do not knowingly use ‘cookies’
* data will be accessed and used only by the person with responsibility for its use or his/her nominated deputy
* our database and records are open to inspection at any reasonable time
* our database and records can be amended, updated or deleted by the data donor at any reasonable time
* data will not be sent outside of the organisation
* data will not be exchanged externally via USB pen, disc or other means.
Data will be removed from the computer system as soon as the data subject requests that they no longer wish to hear from the CGWHT or if they do not respond to an email asking them to confirm they wish to continue hearing from us.
Our agenda for the meeting of CGWHT Trustees will routinely include an item of update on data protection matters. In this way we can openly demonstrate we are self-monitoring our DP activity even if there is on occasions ‘nothing to report’.
Other than for minor or technical amendments, our database contributors will be kept informed of any changes to policy and procedure by means of our database information procedures, website updates and other promotional/communication material.
CGWHT will …
* act at all times in accordance with existing legislation and other provisions
* be pro-active in our compliance with data protection and allied requirements
* seek professional advice when required to assist us in our deliberations
* keep our supporters informed of all substantive changes to policies and procedures
* continue to demonstrate and promote its bona fidesin handling personal data
version 6 dated 12.7.18
12.7.16. Addition of SSL certificate, para 2 ‘Our website’.