Your Data

Data Privacy Statement

Rotary Club of Hart Privacy Policy for Hart Voluntary Action Day and Hart Mental Health services

The Rotary Club of Hart Trust (“we”) promise to respect the confidentiality of any personal data you share with us to keep it safe, and we will always take every effort to protect your privacy. We pride ourselves on our honesty and openness and will always be clear how, when and why we collect and process your information; we promise we will never do anything with your details that you wouldn’t reasonably expect.

We collect information in the following ways:

When you give it to us DIRECTLY

There are many ways you may give us your information. For example, when you register with one of our initiatives or services, begin volunteering, make a donation, purchase our products or communicate with us either by phone, in writing, including email or in person. We are responsible for your data at all times.

When you give it to us INDIRECTLY

Your information may be shared with us by independent organisations, for example other charities. These independent third parties will only share your information when you have consented. You should check their Privacy Notice when you provide your information to understand fully how they will process your data.

Via Social Media

Depending on your settings or the privacy notices for social media and messaging services like Facebook, WhatsApp, LinkedIn or Twitter, you might give us permission to access information from those accounts or services.

Via information available publicly

This may include information found in places such websites, Companies House and information that has been published in articles/newspapers.

Cookies

We may use cookies placed on the browser of your device to collect data about how you use our websites and systems. Cookies are small pieces of information stored on your device in the browser..

What personal information we collect and how we use it

We will only ever capture the minimum amount of information that we need for the specific event or service in question. Where it is appropriate, we may also ask for additional information which will be explained to you at the time.

How we will use your data

We will use your personal data for the legitimate interest of conducting core business activities, these will include:

• Administer your membership or donation, including processing Gift Aid

• Provide you with the services, products or information you asked for

• Facilitate conferences, training seminars, meetings and other special event planning

• To present our website and its contents to you and to allow you to participate in interactive features on our website

• Keep a record of your relationship with us

• In any other way we may describe when you provide the information

• For any other purposes with your consent

How we keep your information safe and who has access to it

We ensure that there are appropriate physical and technical controls in place to protect your personal details. For example, confidential paper records are securely stored, our online forms are encrypted and our network is protected and monitored. Confidential paper waste is shredded at our premises by on-site secure document disposal contractors.

We review who has access to information that we hold to ensure that your personal information is only accessible by appropriate staff. We do comprehensive checks on the companies we use before we work with them and put a contract in place that sets out our expectations and requirements, especially regarding how they manage the personal data they may have access to as part of providing those services.

We have a duty to report certain types of personal data breaches to the relevant supervisory authority, and where feasible, we will do this within 72 hours of becoming aware of the breach.  If a breach is detected and likely to result in a high risk of adversely affecting you, we will inform you without undue delay.

Where we store your information

Your personal information will be hosted securely within the UK or the EU on Google Workspace.

How long we retain your information and how we keep it up to date

We will only keep your information for as long as we need it to assist you with your enquiry, donation, event registration or other services. There are statutory timescales on how long we should keep some of your information and we will ensure that we will abide by these regulations. We shall delete your information according to statutory limits, or according to guidance issued by the Information Commissioner or as outlined in specific event/data collection privacy policy statements.

Individual members are responsible for keeping their own personal data up to date.

Your rights

The General Data Protection Regulations gives you certain rights and these are listed below for your convenience, further clarification of your rights is available on the Information Commissioners website here.

• You have a right to be informed when your personal data is being collected, what is collected and how it will be used or shared.

• You have a right of access to your personal data: the right of access allows you to be aware of and verify the lawfulness of the processing of your personal data. You can also request a copy of the information which we hold on you. You have a right in certain circumstances to have inaccurate personal data rectified, blocked (restrict processing), erased (right to be forgotten), or destroyed.

• You have a right in certain circumstances to object to the processing of your personal data for such reasons as direct marketing, automated decision making, profiling; although we can confirm we make no decisions on you using an automated process.

• You have a right in certain circumstances to data portability.

We collect and process your personal data through legitimate interests or because you have provided it to us to enable us to deliver a service to you.  We will only process your personal data as you would reasonably expect us to. You can opt out of our general member mailings at any time.