DELTA PRIVACY STATEMENT AND DATA PROTECTION POLICY
We will process and handle any information you provide using this website in accordance with the General Data Protection Act 2018.
By using this website to provide personal information you agree to us making your personal information available, when appropriate, to a limited number of employees and trustees of DELTA (deaf Education through Listening and Talking) and select volunteers engaged in database work, subject always to compliance with the General Data Protection Act 2018.
We will use any personal information you provide for the purpose of providing services to you and your family and furthering the stated aims of the charity. We will look after and use your data with care and we will never sell or share it unless required by law or without your permission. You can read our Data Protection Policy (below) which details what you can expect from us and how we collect and manage information you might provide to us. You can choose to change the way we communicate with you by contacting firstname.lastname@example.org or phoning 07539 052072 and asking to speak with our Charity Officer.
You can opt out of receiving any communication from us at any time and we will respect your wishes. You have the right to request information we hold about you after providing appropriate proof of identity. Email email@example.com or phone 07539 052072 and ask to speak with our Data Protection Officer (Katrina Alcock, Charity Officer).
See the Data Protection Policy (below) for more information.
Data Protection Policy
How we will use, store and protect your personal information
For the purposes of this policy, “personal information” covers any data that enables us to identify you as an individual such as your name and email address. When you supply information to us, we are legally obliged by the General Data Protection Act 2018 (see below) to ensure that we only use any information you have provided for the purpose for which it was requested, and to ensure that we keep/store the data securely. We will never pass your details onto a third party without gaining prior consent. However, if required to do so by law, we may be required to disclose information about you. Sometimes we may ask to share personal information regarding you, your family and your child in order to offer you the best support available from a range of agencies. We will only do this if you have given your prior consent.
The General Data Protection Act 2018
The General Data Protection Act 2018 sets out what can and what cannot be done with personal data that is information about living individuals. DELTA is placed under a legal obligation to comply with the provisions of this Act and is committed to a policy of protecting the rights and freedoms of individuals with respect to giving them a choice at to how their personal data is processed, used and stored. Commitment to the protection of personal information In order to function properly, DELTA needs to collect and use certain types of information about staff, service beneficiaries and other individuals who come into contact with the charity in order to operate effectively. In addition, it is required by law to collect and use certain types of information to comply with the requirements of government departments – different LEAs, statutory and nonstatutory funders and other bodies. This personal information must be dealt with properly however it is collected, recorded and used, and there are safeguards to ensure this in the General Data Protection Act 2018. DELTA regards the lawful and correct treatment of personal information as very important to the successful and efficient performance of its functions and to maintaining confidence between those with whom we deal and ourselves. We ensure that DELTA treats personal information lawfully and fairly.
Scope of the policy
The General Data Protection Act applies to electronic and paper records held in structured filing systems containing personal data, meaning data which relates to living individuals who can be identified from the data. This includes any expression of opinion about an individual and intentions towards an individual. It also applies to personal data held visually in photographs or video clips (including CCTV) or as sound recordings. DELTA collects personal data every year. This policy will be updated as necessary to reflect best practice in data management, security and control and to ensure compliance with any changes or amendments made to the General Data Protection Act 2018.
The principles of the policy
The principles may be summarised as follows, and are intended to make sure that the personal information of “data subjects” (the people about whom information is held) is handled properly. Under the principles, data must be:
• fairly and lawfully processed
• processed for limited purposes
• adequate, relevant and not excessive
• not kept for longer than is necessary
• processed in line with the rights of data subjects
• not transferred to countries that are not able to ensure an adequate level of data protection
• Individuals will have the following rights:
– right of access (to see what is being held about them)
– right to rectify (to be able to correct any incorrect information)
– right of erasure (to have their details removed
– DELTA only keeps data we are legally obliged to keep – for example for financial or Gift Aid purposes
– right to restrict processing (but not delete) i.e. individuals may choose what and how they would like information
– right of portability (to have their data transferred to another organisation if they wish)
– right to object to their data being held
– right not to be profiled for wealth screening or any other enhancement of data already held
Data Protection standards
DELTA will, through appropriate management and adherence to agreed procedures:
• Individuals who have not given permission to be contacted after 25 May 2018 may be contacted if there is a legitimate interest to do so and in doing so DELTA will adhere to the Information Commissioner’s Office (ICO) published information and guidelines.
• observe fully the conditions regarding the fair collection and use of information
• meet legal obligations to specify the purposes for which information is used
• collect and process appropriate information, and only to the extent that it is needed to fulfil operational needs or comply with legal requirements
• make reasonable efforts to ensure the quality of information used
• apply checks to determine the length of time various types of information are held
• ensure that the rights of data subjects can be fully exercised under the Act, with reference to currently available guidance and good practice available from the Information Commissioner’s Office and The Institute of Fundraising
• take reasonable and appropriate measures to safeguard personal information
• ensure that personal information is not transferred abroad without appropriate safeguards
• treat people justly and fairly whatever their age, religion, disability, gender, sexual orientation or ethnicity when dealing with requests for information
• use secure methods for communication containing sensitive information, particularly where an individual can be identified – all key education staff are registered on a secure website through NHS.net
At DELTA, the Board of Trustees we will ensure that:
• individuals can contact DELTA’s Data Protection Officer who is responsible for GDPR (contact details below)
• this Privacy Notice and Data Protection Policy will be available to view/download at DELTA’s website and written in plain English
• DELTA’s data registration with the Information Commissioner is kept up to date
• appropriate terms and conditions about managing and handling personal information are included in staff contracts of employment
• guidance and training is made available to staff about Data Protection issues; using for instance, training materials produced by the Information Commissioner
This website is a secure website (as indicated by its web address beginning with https:// and active SSL certificate). This means that any information you send using a form on this website is encrypted before being sent from your device (computer, tablet, smartphone or other web-enabled device) over the Internet to this website’s server, so the information is transmitted securely.
To handle online payments for this website, we may need to share your information with our service providers, associated organisations and agents. This website currently uses CAF Online (https://www.cafonline.org/) to ensure your financial information is processed efficiently, securely and cost-effectively. We cannot, however, be held responsible for the privacy of personal information collected by these companies.
How you can access the information we hold about you
As an individual you have the right to request any information we hold about you after providing appropriate proof of identity. You must give written notification of the request (see contact details below), provide proof of identity and make a payment of £10. We will then respond within 40 days.
Data Protection Contact Details
Data Protection Officer – Katrina Alcock
Organisation name: DELTA
Registered office: 83 Sherwin Road, Nottingham, NG7 2FB
Telephone 07539 052072