GDPR and Data Protection – Privacy Policy

General Data Protection Regulations (GDPR) 

Hanover and Elm grove Communities Forum policy statement

March 2019

Your Personal data

Hanover & Elm Grove Communities Forum (The Forum) is a volunteer-run community group and will treat your personal data in a legal and responsible way.

The Forum holds personal data. This data is limited to

  1. your name
  2. your email address
  3. your postal address by specific arrangement/request – e.g. to deliver documents to those not using email
  4. in the case of a service provider or Council Officer we may have a record of the department that you represent.
  5. In addition to this, minutes of public meetings are posted online – these may include your name and opinions expressed in the public meeting

There is NO storage or processing of “sensitive data” e.g. ethnicity.

Security of your data

The email list is accessible only to the Secretary of the Forum (or deputising commitee member). This data on this list is used solely to distribute information about Forum meetings and other activities.

The minutes on the website are posted and edited by username and password available only to those authorised by Elected Officers of the Forum.

Paper records are either destroyed or kept in a folder in a secure location.

Legal basis for holding the information

(a) legitimate activity of the group – we exist to bring together local groups including

  1. residents,
  2. traders,
  3. service providers,
  4. mandated representatives of other local groups
  5. Councillors,
  6. Police,
  7. Council Officers.

If you are in groups 5,6,7 and an email address has been made publicly available (e.g. Ward Councillors)  it is assumed  that your consent is not specifically required to use this email address.

It is assumed that people will generally wish to maintain a long-term interest in the Forum. There is therefore no time limit at which any email addresses will be automatically removed.

(b) explicit informed consent.

Your consent must be “freely given, specific, informed and unambiguous”. The mailing list is made up of

  1. those who have signed up on a paper form for “minutes, agendas and occasional information” (as per the top of each mail-out). The records of attendance and “opt-in” are kept in a folder at a secure location.
  2. those who have subscribed themselves via the Forum website.

The mailing list is not used for any other purpose, nor accessible to any third party.

Removal of data, and withdrawal from the mailing list

For those who have signed up via the website, an ‘unsubscribe’ link is included in each mailing. For those who have signed up by email, contact the Forum secretary to unsubscribe.

Data breach.

In the unlikely event of a data breach we will tell you as soon as possible.

Review

This policy is subject to review and improvement.