Somerford ARC Community Centre is committed to protecting and respecting your privacy and the personal data we retain.
This Privacy Notice explains how Somerford ARC Community Centre (Registered Charity No: 1156427) uses and protects information given to us by trustees, employees, volunteers, service users and users of our website.
Our Privacy Notice covers all activities and groups provided directly by our organisation. It does not cover activities provided by private hirers, requests for information held by private groups should be sought directly from them.
Any information held by us will only be used in accordance with this statement.
Our Contact Details
Name: Somerford ARC Community Centre
Address: 20 Southey Road, Christchurch, BH23 3EH
Telephone Number: 01202 470770
Email Address: info@somerfordarc.com
Data Protection Officer: Lauren Biggs
Legal Framework
Our policy complies with the Data Protection Act 2018 and the EU General Data Protection Regulation (GDPR).
Under the GDPR, we must have a legal basis for processing your personal information. Somerford ARC Community Centre processes your information for one of the following reasons:
Consent, the individual has given clear consent for you to process their data for a specific purpose.
Contract, the processing is necessary for a contract you have with the individual, because they have asked you to take specific steps before entering into a contract.
Legal obligation, the processing is necessary for you to comply with the law (not including contractual obligations).
Legitimate interests, the processing is necessary for your legitimate interests or the legitimate interests of a third party, unless there is a good reason to protect the individual’s personal data which overrides those legitimate interests. (This cannot apply if you are a public authority processing data to perform your official tasks.)
Information we collect about you and how we use it
We collect the minimal amount of information necessary for the purpose of which it is needed, this includes:
Special personal information
Sensitive information, including physical or mental health details, are only collected when it is necessary for the safeguarding and wellbeing of our trustees, employees, volunteers and service users, while using our facilities.
Special personal data collected under the Somerford ARC Community Centre’s equality and diversity monitoring form is to help us ensure that there is no discrimination in the way we recruit and select applicants for positions only, this information is not shared with any third parties.
Why we collect personal information
Children
No data or images relating to a child under 18 will be processed, used, or stored without the consent of a parent or guardian.
Sharing of personal information
No information is collected from a third party or sold.
Your information is not shared with a third party, with the exception to emergency services if we have serious concerns regarding your health and safety, in these situations we will keep you informed.
If you do not provide personal information we need
Where we need to collect personal data by law, or under the terms of a contract you hold with Somerford ARC Community Centre, if you fail to provide the data necessary, you will receive notification that the contract process will cease.
Security and storage of personal data
Personal data will be kept in lockable filing cabinets in accordance with the Somerford ARC Community Centre data protection policy and confidentiality policy and is only accessible to the Office Staff or to those who are entitled to see it as part of their duties.
All reasonable steps are taken to ensure your personal information is managed and stored appropriately at all times.
How long we keep your personal information for
We will securely store your information for no longer than 2 years after you cease your involvement with our organisation in order to meet our legal obligations, and to make it easier for you if you come back to us in the future. After 2 years your personal information will be securely destroyed.
Individual rights
The UK GDPR provides the following rights for individuals:
The right to be informed, providing individuals with clear and concise information about what you do with their personal data. Articles 13 and 14 of the UK GDPR specify what individuals have the right to be informed about. We call this ‘privacy information’.
Access, you have the right to obtain a copy of the personal data we hold about you. This will help you understand how and why we are using your data, and check we are doing so lawfully.
Rectification, Under Article 16 of the UK GDPR individuals have the right to have inaccurate personal data rectified.
Erasure, Under Article 17 of the UK GDPR individuals have the right to have personal data erased. This is also known as the ‘right to be forgotten’.
Restriction of processing, Article 18 of the UK GDPR gives individuals the right to restrict the processing of their personal data in certain circumstances. This means that an individual can limit the way that an organisation uses their data.
Data Portability, the right to data portability gives individuals the right to receive personal data they have provided to a controller in a structured, commonly used and machine-readable format. It also gives them the right to request that a controller transmits this data directly to another controller.
The right to object, Article 21 of the UK GDPR gives individuals the right to object to the processing of their personal data at any time. This effectively allows individuals to stop or prevent you from processing their personal data. An objection may be in relation to all of the personal data you hold about an individual or only to certain information. It may also only relate to a particular purpose you are processing the data for.
If you wish to exercise any of these rights, please contact us using the contact information in this document.
CCTV operation
CCTV is in operation on the outer property for the security of our premises.
The images are held securely and only accessed when investigating an incident.
How to complain
If you believe that your data is not being used for the purpose for which it was collected, please contact our Data Compliance Officer and request a complaints form, using the contact information issued in this document.
Complaints to a regulator
You can also contact ICO if:
You should raise your complaints with ICO within three months of your last meaningful contact with our organisation.
https://ico.org.uk/make-a-complaint/data-protection-complaints/
helpline number: 0303 123 1113
This Privacy Notice was reviewed: 07-06-2022