Turn the Tide Teignbridge CIC Privacy/data policy
1. Introduction
a. To ensure that we communicate with our members and supporters through their preferred channels, and to enable us to share updates about our work, we need to collect different types of information, including personal data. We understand the trust that our members and supporters place in us when sharing their data, and we will always do our utmost to respect that trust and protect their personal information. This policy governs the way we use, maintain and disclose information collected from individuals through our website, or via social media interactions, email communications or written/paper forms or communications.
2. Who we are
a. Turn the Tide Teignbridge (TtTT) is a CIC registered in England, number 14415357. It is a data controller and processor of your information under the conditions of the Data Protection Act 2018, the UK’s legislation implementing The General Data Protection Regulation (GDPR).
b. TtTT is committed to respecting privacy of all contacts of TtTT in all its communications.
c. Contact information - TtTT’s directors are ultimately responsible for safeguarding your personal data. Should you have any question over the use of your data or require clarification of this policy please email us at info@turnthetidefestical.uk.
3. Legal bases for collecting personal data
a. To be compliant with the Data Protection Act 2018, we need to have a legal basis for holding and processing your data. In almost all cases, our processing of your personal information will fall into one of the following categories:
i. Where you have provided your consent to allow us to use your data in a certain way.
ii. Where it is in our legitimate interest to contact you in order to carry out our activities. Where we rely on a legitimate interest to use your information, we will always ensure that this is done in a way so as not to be intrusive or cause distress, and that respects your rights.
iii. Where it is necessary for us to process your data in order to carry out the performance of a contract with you.
b. Automated use of data is limited to directing appropriate communications to specific groups of individuals, depending on your relationship with us. For example, if you are a volunteer, we may need to contact you with information that is relevant to you.
4. What personal data we collect and why we collect it
a. The personal information we collect is limited to name, email, phone number, address, business/occupation, status (e.g. volunteer, business, performer etc.), and any comments you may have made online or on paper. We do not collect other, potentially more sensitive, information unless you have volunteered it in order to assist the way we in which communicate with you.
b. The details you provide may be processed through Mailchimp, or similar mailing software which is GDPR compliant.
c. Cookies – website visitors may opt in to save data in cookies. These are used for website traffic analysis and TtTT does not have access to such data that might identify you personally.
5. Who we share your data with
a. We use trusted companies, like the software platforms stated elsewhere in this policy to administer your data, in which case they will use your details only for that purpose. Some of these services are situated outside the UK but they comply with UK data protection regulations.
b. Subject to the above, or unless we obtain your specific consent, we will never share your information with third parties, unless obliged to do so under UK law.
6. Security
a. TtTT shall retain your personal data in accordance with all applicable laws. Your personal data may be stored on one or more computers directly maintained by TtTT. Although TtTT cannot guarantee that any loss, misuse or alteration of data will not occur, our best endeavours are made to prevent such occurrences. Information will be regularly assessed for updating, disposal or for renewal of your consent.
b. Only authorised TtTT members are allowed to use your personal information when it is necessary to perform their work.
7. How long we retain your data
a. TtTT we will retain your information until you ask us to delete it. You can opt of emails by following the link in the emails we send or by emailing us at: info@turnthetidefestival.uk.
8. What rights you have over your data
a. In addition to the right to edit and delete your data, as detailed above, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. TtTT will record the request has been made and will respond within one calendar month.
b. Right to restrict processing: individuals have the right to request the restriction or suppression of their personal data held by TtTT. They can make this request in writing or verbally. TtTT will record the request has been made and will respond within one calendar month.
c. Right to withdraw consent and erase personal information: individuals have the right to withdraw consent for TtTT to use their personal data and for it to be erased. They can make this request in writing or verbally. TtTT will record the request has been made and will respond within one calendar month.
9. What we do in the event of a personal information data breach:
a. If a personal data breach has occurred, which poses a risk to a person’s rights and freedoms we will notify the Information Commissioner’s Office within 72 hours. If it is not likely to pose a risk to the individual’s rights and freedoms we will document the breach and notify the individual/s concerned.
b. Complaints - if you are unhappy with the way TtTT has processed your personal data you can complain to:
Information Commissioner’s Office, Wycliffe House Water Lane Wilmslow Cheshire SK9 5AF Tel: 03030123113 (local rate) or 01625 545 745 (national rate) Email: registration@ico.org.uk