Data Protection Policy: Difference between revisions
Jc4freegle (talk | contribs) |
(Small edits to align document to Disaffiliation Procedure etc.) |
||
(3 intermediate revisions by 2 users not shown) | |||
Line 3: | Line 3: | ||
'''Policy aims :''' | '''Policy aims :''' | ||
* To maintain the trust of our membership by keeping data safe | * To maintain the trust of our membership by keeping data safe. | ||
* To comply with all UK laws on Data Protection | * To comply with all UK laws on Data Protection | ||
* To be open about all of the data we have associated to members, allowing them to ensure it is accurate. | * To be open about all of the data we have associated to members, allowing them to ensure it is accurate. | ||
Line 12: | Line 12: | ||
'''Scope of Personal Data held''' - Freegle will aim to minimise the amount of data it keeps to only that necessary to deliver the services to members. | '''Scope of Personal Data held''' - Freegle will aim to minimise the amount of data it keeps to only that necessary to deliver the services to members. | ||
'''Use of Data''' - Freegle will only use members personal data to help aid the purpose of furthering to stated [[Freegle Aims|aims]] of Freegle in the communities it serves | '''Use of Data''' - Freegle will only use members' personal data to help aid the purpose of furthering to stated [[Freegle Aims|aims]] of Freegle in the communities it serves. | ||
'''Allowing Members Access to Data''' - Freegle will allow its members to see all the personal data (and other associated data if possible) we have on the Freegle system directly from the system. In addition members may request other data Freegle may have about, such as correspondence with volunteers, via a Subject Access Request made to DPO@ilovefreegle.org | '''Allowing Members Access to Data''' - Freegle will allow its members to see all the personal data (and other associated data if possible) we have on the Freegle system directly from the system. In addition members may request other data Freegle may have about, such as correspondence with volunteers, via a Subject Access Request made to DPO@ilovefreegle.org | ||
Line 19: | Line 19: | ||
'''Data Retention''' - Freegle will maintain data for the period of membership, and up to 6 months after membership has ceased as part of our anti-SPAM measures. However, during these 6 months these details will not be visible. Should members wish to have their data removed immediately this can be arranged via the Data Protection Officer DPO@ilovefreegle.org <br> | '''Data Retention''' - Freegle will maintain data for the period of membership, and up to 6 months after membership has ceased as part of our anti-SPAM measures. However, during these 6 months these details will not be visible. Should members wish to have their data removed immediately this can be arranged via the Data Protection Officer DPO@ilovefreegle.org <br> | ||
Freegle Volunteers who correspond with others in relation to Freegle and its activities are advised to do so via the Freegle Direct system if possible. Freegle policy on correspondence outside of the FD system is also subject to a 6 month retention period unless the volunteer obtains consent from the correspondent that they may keep the information for an agreed longer period. | Freegle Volunteers who correspond with others in relation to Freegle and its activities are advised to do so via the Freegle Direct system if possible. Freegle policy on correspondence outside of the FD system is also subject to a 6 month retention period unless the volunteer obtains consent from the correspondent that they may keep the information for an agreed longer period. Volunteers who leave the Freegle platform are subject to the same consent expectations. | ||
'''Storing Data Securely''' - Freegle will use industry standard techniques (e.g. access restriction, encryption, taking backups etc) to ensure that data we hold will be kept safe from unauthorised access or loss on its system. We also advise all volunteers who store personal information to keep it secure with access limited to known individuals, . | '''Storing Data Securely''' - Freegle will use industry standard techniques (e.g. access restriction, encryption, taking backups etc) to ensure that data we hold will be kept safe from unauthorised access or loss on its system. We also advise all volunteers who store personal information to keep it secure with access limited to known individuals, . | ||
Line 36: | Line 37: | ||
[[category: Data Protection]] | [[category: Data Protection]] | ||
[[category:Policies, Procedures, Remits]] |
Latest revision as of 12:57, 17 June 2024
Personal Data Protection Policy
Policy aims :
- To maintain the trust of our membership by keeping data safe.
- To comply with all UK laws on Data Protection
- To be open about all of the data we have associated to members, allowing them to ensure it is accurate.
Definition of Personal Data - Any data that separately or in combination with other elements may identify a living individual.
Scope of Personal Data held - Freegle will aim to minimise the amount of data it keeps to only that necessary to deliver the services to members.
Use of Data - Freegle will only use members' personal data to help aid the purpose of furthering to stated aims of Freegle in the communities it serves.
Allowing Members Access to Data - Freegle will allow its members to see all the personal data (and other associated data if possible) we have on the Freegle system directly from the system. In addition members may request other data Freegle may have about, such as correspondence with volunteers, via a Subject Access Request made to DPO@ilovefreegle.org
Age Restrictions - We will not maintain children's personal data, as we would then require some way to ensure that guardians consented to this. The definition of children in this respect is taken as 13 years old.
Data Retention - Freegle will maintain data for the period of membership, and up to 6 months after membership has ceased as part of our anti-SPAM measures. However, during these 6 months these details will not be visible. Should members wish to have their data removed immediately this can be arranged via the Data Protection Officer DPO@ilovefreegle.org
Freegle Volunteers who correspond with others in relation to Freegle and its activities are advised to do so via the Freegle Direct system if possible. Freegle policy on correspondence outside of the FD system is also subject to a 6 month retention period unless the volunteer obtains consent from the correspondent that they may keep the information for an agreed longer period. Volunteers who leave the Freegle platform are subject to the same consent expectations.
Storing Data Securely - Freegle will use industry standard techniques (e.g. access restriction, encryption, taking backups etc) to ensure that data we hold will be kept safe from unauthorised access or loss on its system. We also advise all volunteers who store personal information to keep it secure with access limited to known individuals, .
Notification of Data Breaches - Freegle will notify the relevant authorities of any data breach it detects. Unless there is an important reason, such as to aid law enforcement, Freegle will inform all individuals impacted by any breach and the membership in general on the details of the breach.
Data Protection Officer - due to the nature of Freegle we are not legally obliged to have a Data Protection Officer [DPO]. However, we have a volunteer who undertakes this role who can be reached via email at DPO@ilovefreegle.org
Useful Links
- Data Use & Protection - Detail of Freegle's use and protection of Personal Data
- Data Protection Guidelines - Guidelines for Volunteers
- Data Protection Compliance - Volunteer Task list - Ongoing and completed tasks
- Spam - further explanation to counter accusations that we spam!
- Basic Information
- Admin