GDPR and data protection – privacy policy

General Data Protection Regulations (GDPR)

London Road LAT policy statement

23rd May 2018

Your Personal data

London Road LAT is a volunteer-run community group and will treat your personal data in a legal and responsible way.

London Road LAT holds personal data. This data is limited to

(a) your name

(b) your email address

(c) in the case of a service provider or Council Officer we may have a record of the department that you represent.

(d) In addition to this, minutes of public meetings are posted online – these may include your name and opinions expressed in the public meeting

There is NO storage or processing of “sensitive data” e.g. ethnicity.

Security of your data

The mailing data is held on a “mailchimp” server secured by username and password accessible only to the Elected Officers of the London Road Area LAT. Mailchimp is an automated system that is GDPR compliant and provides GDPR compliant tools and services. (https://blog.mailchimp.com/gdpr-forms-and-more-tools/)

The minutes on the website are posted and edited by username and password available only to Elected Officers of the London Road Area LAT.

Paper records are either destroyed or kept in a folder in a locked location.

Legal basis for holding the information

(a) legitimate activity of the group – we exist to bring together local groups including

1. residents,

2. traders,

3. service providers,

4. mandated representatives of other local groups

5. Councillors,

6. Police,

7. Council Officers.

If you are in groups 5,6,7 and an email address has been made publicly available (e.g. Ward Councillors) and it is understood that your consent is not specifically required to use this email address.

It is assumed that people will generally wish to maintain a long-term interest in London Road, which is still developing and changing. There is therefore no time limit at which any email addresses will be automatically removed.

(b) explicit informed consent.

Your consent must be “freely given, specific, informed and unambiguous”. The mailing list is made up of

1. those who have signed up on a paper form for “minutes, agendas and occasional information” (as per the top of each mail-out). The records of attendance and “opt-in” are kept in a folder in a locked room.

2. those who have subscribed themselves via the London Road Area LAT website. Mailchimp will keep an audit trail recording the time at which they did so.

The mailing list is not used for any other purpose, nor accessible to any third party.

Removal of data, and withdrawal from the mailing list

The simplest way to have your data removed is to click on the “unsubscribe” link at the bottom of any of the LAT mailings that were generated by mailchimp. Alternatively contact the data protection officer.

Data breach.

In the unlikely event of a data breach we will tell you as soon as possible.

Review

This policy is subject to review and improvement.

London Road Area LAT

http://www.londonroadlat.wordpress.com

23/5/2018

Advertisements