Keeping your information safe
General
The Trust has developed a Policy that protects data according to the requirements of the General Data Protection Regulations (GDPR). The purpose of this Notice is to summarise the Policy and to describe a means of access.
The Trust keeps personal data on Beneficiaries, Supporters and Trustees. The Policy sets out to ensure the confidentiality of personal data supplied to it and to protect the Trust from reputational damage if that information were to be accessed without proper authorisation.
The principles of the Policy are in accordance with Schedule 1 of the GDPR and ensure that the data:
- be processed fairly and lawfully;
- only be used for specified and lawful purposes and shall not be used in any manner incompatible with those purposes;
- be adequate, relevant and not excessive;
- be accurate and, where necessary, kept up to date;
- not be kept any longer than is necessary;
- be used in accordance with the rights of the individuals to whom it relates;
- be protected against unauthorised use, theft, accidental loss, destruction or damage by the use of appropriate technical and organisational measures;
- not be transferred to a country or territory which does not have an adequate level of legal protection for the rights of individuals in relation to the processing of their personal data.
The Trust also fully endorses the Individuals’ Rights as detailed in the General Data Protection Legislation. Specifically, this grants individuals the following rights:
- the right to be informed (fair processing of information, privacy notices, transparency);
- the right of access (confirmation/access to personal data);
- the right to rectification (must respond within 30 days);
- the right to erasure (can request deletion (certain circumstances));
- the right to restrict processing (may store data but not process it);
- the right to data portability (individuals may obtain/reuse their data across different services);
- the right to object (profiling; direct marketing; scientific/historical research and statistics);
- rights in relation to automated decision making and profiling (significant effect without human intervention).
Access to Personal data
Beneficiaries, Supporters and Trustees wishing to access their personal data for any of the aforementioned purposes should contact the Trust’s Data Controller via the Clerk to The Worshipful Company of Water Conservators.
email – clerk@waterconservators.org
Phone – 07932 64902