Data Protection Policy

From Freegle Wiki
Revision as of 15:34, 5 December 2021 by Jacky (talk | contribs) (→‎Useful Links)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigationJump to search

Personal Data Protection Policy

Policy aims :

  • To maintain the trust of our membership by keeping data safe and only using it as members would expect
  • To comply with all UK laws on Data Protection
  • To be open about all of the data we have associated to members, allowing them to ensure it is accurate.


Definition of Personal Data - Any data that separately or in combination with other elements may identify a living individual.

Scope of Personal Data held - Freegle will aim to minimise the amount of data it keeps to only that necessary to deliver the services to members.

Use of Data - Freegle will only use members' personal data to help aid the purpose of furthering to stated aims of Freegle in the communities it serves. These are the reuse of materials and sharing local charity events and volunteer opportunities.

Allowing Members Access to Data - Freegle will allow its members to see all the personal data (and other associated data if possible) we have on the Freegle system directly from the system. In addition members may request other data Freegle may have about, such as correspondence with volunteers, via a Subject Access Request made to DPO@ilovefreegle.org

Age Restrictions - We will not maintain children's personal data, as we would then require some way to ensure that guardians consented to this. The definition of children in this respect is taken as 13 years old.

Data Retention - Freegle will maintain data for the period of membership, and up to 6 months after membership has ceased as part of our anti-SPAM measures. However, during these 6 months these details will not be visible. Should members wish to have their data removed immediately this can be arranged via the Data Protection Officer DPO@ilovefreegle.org
Freegle Volunteers who correspond with others in relation to Freegle and its activities are advised to do so via the Freegle Direct system if possible. Freegle policy on correspondence outside of the FD system is also subject to a 6 month retention period unless the volunteer obtains consent from the correspondent that they may keep the information for an agreed longer period.

Storing Data Securely - Freegle will use industry standard techniques (e.g. access restriction, encryption, taking backups etc) to ensure that data we hold will be kept safe from unauthorised access or loss on its system. We also advise all volunteers who store personal information to keep it secure with access limited to known individuals, .

Notification of Data Breaches - Freegle will notify the relevant authorities of any data breach it detects. Unless there is an important reason, such as to aid law enforcement, Freegle will inform all individuals impacted by any breach and the membership in general on the details of the breach.

Data Protection Officer - due to the nature of Freegle we are not legally obliged to have a Data Protection Officer [DPO]. However, we have a volunteer who undertakes this role who can be reached via email at DPO@ilovefreegle.org

Useful Links