Reading at Work – Data Privacy Policy

 

 This Data Privacy Policy sets out your rights as a member or associate of Reading at Work, or as a visitor to our website, under the law, including General Data Protection Regulations.

  1. Your personal data – what is it?

1.1 Personal data relates to a living individual who can be identified from that data.  Identification can be by the information alone or in conjunction with any other information in the data controller’s possession or likely to come into such possession. Your privacy is protected by law, which says that we can use your personal information only if we have a proper reason to do so. The processing of personal data is governed by the General Data Protection Regulations (the “GDPR”).

  1. Who are we?

2.1 Reading at Work (“RatW”) is an independent ministry focusing on faith and work issues in the Reading area. RatW is not a body corporate or partnership.  The Treasurer is the data controller under GDPR and the Chair is the deputy. This means they decide how your personal data is processed and for what purposes.

2.2 RatW recognises the importance of protecting personal and confidential information in all that we do, and takes care to meet our legal duties. RatW puts in place all reasonable technical, security and procedural controls required to protect your personal information for the whole of its life, in whatever format we hold that information in.

  1. What sort of Personal Data does RatW collect?

3.1 RatW sets out below the main types of Personal Data that it collects.

3.2 RatW holds the names, employer name(s) and email addresses for individuals who have positively confirmed their willingness to be on our mailing lists.  Our mailing lists be use third party platforms (e.g. Mail Chimp) who may have their own Data Privacy Policies, which RatW are not responsible for.  Website links included in those emails may be tracked by RatW, providing data to RatW.

3.3 Where individuals financially support RatW, financial information may also be held by RatW supporting their financial gifts to RatW.  Our bank (currently Cooperative Bank PLC) will have its own Data Privacy Policy, which RatW is not responsible for.

3.4 Leaders of RatW – including Chair, Treasurer and Committee Members, will have their personal addresses held by RatW.

3.5 RatW website users – RatW may collect and store data, including for example site referral information, browsing patterns, technical information (e.g., browser type and version, downloads, and operating system), and general website use information through standard Internet protocols and logging.  The RatW website server hosts may obtain data relating to your use of the website under their own Data Privacy Policy, for which RatW is not responsible.

3.6 Other data not specifically identified above may be held by RatW as deemed necessarily under this Policy.

 

  1. How do we process your personal data?

4.1 RatW complies with its obligations under the GDPR:

  1. by keeping personal data up to date;
  2. by storing and destroying it securely;
  3. by not collecting or retaining excessive amounts of data;
  4. by protecting personal data from loss, misuse, unauthorised access and disclosure; and
  5. by ensuring that appropriate technical measures are in place to protect personal data.

4.2 We use your personal data for the following purposes under the objectives of RatW’s ministry:

  • To maintain our own accounts and records;
  • To inform you of news, events, activities, resources and other information about RatW and other relevant groups and organisations; and
  • To share your contact details with Leadership team so that they can keep in touch with you.

4.3 The data we process is likely to constitute sensitive personal data because, as a faith-based ministry, the fact that we process your data at all may be suggestive of your religious beliefs.

  1. What is the legal basis for processing your personal data?

5.1 The legal basis for processing personal data, as agreed by the RatW leadership team including its Chair and Treasurer, is legitimate interest.  A legitimate interest is when we have a valid reason to use your information, but this must not unfairly go against your rights or freedoms.  

5.2 Processing is necessary for carrying out the administration and management of the ministry of RatW.

  1. Sharing your personal data

6.1 We sometimes share your personal data with trusted third parties.  Your personal data will be treated as strictly confidential and will only be shared with third parties where in support of the mission of RatW. This will only be to connect you with an organisation and never be for commercial purposes of either Reading at Work or any other organisation.

6.2 Where your personal data is shared, you will be informed.  Your data will then also fall under the Data Privacy Policy of the other party, for which RatW does not hold responsibility.

6.3 Where we obtain personal data from a third party, we will inform you, and positively seek your consent to holding your data under our Data Privacy Policy.

6.4 RatW will not share its data with third parties based outside the United Kingdom (or therefore EEA) without explicit consent being obtained.  

  1. How long do we keep your personal data?

7.1 We will keep your personal information for no longer than reasonably necessary for running the RatW ministry.

7.2 We will keep some records permanently, such as minutes and annual reports and accounts, or if we are legally required to do so.  We may keep some other records for an extended period of time.  For example, it is current best practice to keep financial records for a minimum period of 7 years to support HMRC audits.

7.3 In general, we will endeavour to keep personal data only for as long as we need it and delete it when it is no longer needed.

  1. Your rights and your personal data

8.1 Unless subject to an exemption under the GDPR, you have the following rights with respect to your personal data: -

  1. The right to request a copy of the personal data which RatW holds about you;
  2. The right to request that the Treasurer in their role as Data Controller for RatW corrects any personal data if it is found to be inaccurate or out of date;
  3. The right to request that your personal data is erased where it is no longer necessary for RatW to retain such data;
  4. The right to withdraw your consent to the processing, where this has been specifically obtained, at any time;
  5. The right to request that RatW provides you, as the data subject, with your personal data and where possible, to transmit that data directly to another data controller by automated means (the right to data portability);
  6. The right, where there is a dispute in relation to the accuracy or processing of your personal data, to request a restriction is placed on further processing;
  7. The right to object to the processing of personal data; and
  8. The right to lodge a complaint with the Information Commissioner’s Office.

8.2 When exercising any of the rights listed above, in order to process your request, we may need to verify your identity for your security.  In such cases we will need you to respond with proof of your identity before you can exercise these rights.

  1. Further processing

9.1 If we wish to use your personal data for a new purpose, not covered by this Data Privacy Policy, then we will provide you with a new notice explaining this new use prior to commencing the processing and setting out the relevant purposes and processing conditions.  Where and whenever necessary, we will seek your prior consent to the new processing.

  1. Contact Details

10.1 For further information, or to exercise all relevant rights, queries or complaints, please contact RatW via its Data Controller at the email address: This email address is being protected from spambots. You need JavaScript enabled to view it. .

10.2 You can contact the Information Commissioners Office on 0303 123 1113 or via email https://ico.org.uk/global/contact-us/email/ or at the Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF.

  1. Policy Publication

11.1 This Data Privacy Policy was produced and agreed by RatW in May 2018.  It is extent until it is superseded by a new Data Privacy Policy for RatW.

11.2 RatW will endeavour to publish a copy of this Data Privacy Policy on its website.

 

Data Controller & Treasurer

Reading at Work

May 2018