01202 470 770 info@somerfordarc.com

Privacy Notice

General Statement

Somerford ARC Community Centre is committed to protecting and respecting your privacy and the personal data we retain.

This Privacy Notice explains how Somerford ARC Community Centre (Registered Charity No: 1156427) uses and protects information given to us by trustees, employees, volunteers, service users and users of our website.

Our Privacy Notice covers all activities and groups provided directly by our organisation. It does not cover activities provided by private hirers, requests for information held by private groups should be sought directly from them.

Any information held by us will only be used in accordance with this statement.

Our Contact Details

Name: Somerford ARC Community Centre

Address: 20 Southey Road, Christchurch, BH23 3EH

Telephone Number: 01202 470770

Email Address: info@somerfordarc.com

Data Protection Officer: Lauren Biggs

 

Legal Framework

 

Our policy complies with the Data Protection Act 2018 and the EU General Data Protection Regulation (GDPR).

 

Under the GDPR, we must have a legal basis for processing your personal information. Somerford ARC Community Centre processes your information for one of the following reasons:

 

Consent, the individual has given clear consent for you to process their data for a specific purpose.

 

Contract, the processing is necessary for a contract you have with the individual, because they have asked you to take specific steps before entering into a contract.

 

Legal obligation, the processing is necessary for you to comply with the law (not including contractual obligations).

 

Legitimate interests, the processing is necessary for your legitimate interests or the legitimate interests of a third party, unless there is a good reason to protect the individual’s personal data which overrides those legitimate interests. (This cannot apply if you are a public authority processing data to perform your official tasks.)

 

 

 

 

Information we collect about you and how we use it

 

We collect the minimal amount of information necessary for the purpose of which it is needed, this includes:

 

  • Your identity information such as first name, last name and other identities you may have provided.
  • Your contact information such as billing address, email address, telephone numbers and any other information given for the purpose of communication.
  • DBS certificates, teaching certificates and evidence of insurance, provided by you, necessary to utilise or hire our facility.
  • Website contact form, your email address and name.
  • Information and photographs provided and consented by you to use within our facility, website, or social media pages.
  • Information provided and consented by you for use in Somerford ARC Community Centre’s internal and external presentations.
  • Financial data collected from employees of Somerford ARC Community Centre.
  • Anonymous data demonstrating statistical or demographic data.
  • Images captured by CCTV
  • Sign in logs for classes and groups run directly by our organisation for emergency evacuation procedures and health and Safety purposes.
  • Advertising external groups and classes on our website or other social media platforms.
  • Recruitment of potential employees and volunteers.
  • Administration and management of employees and volunteers.

 

Special personal information

 

Sensitive information, including physical or mental health details, are only collected when it is necessary for the safeguarding and wellbeing of our trustees, employees, volunteers and service users, while using our facilities.

 

Special personal data collected under the Somerford ARC Community Centre’s equality and diversity monitoring form is to help us ensure that there is no discrimination in the way we recruit and select applicants for positions only, this information is not shared with any third parties.

 

Why we collect personal information

 

  • For the safeguarding and wellbeing of our trustees, employees, volunteers and service users, while using our facilities.
  • For the hiring of our facilities.
  • Ticket booking or reservations.
  • For the purposes of health and safety and fire safety.
  • Statistical data for the purposes of demonstrating to external organisations our impact on the community.

 

Children

 

No data or images relating to a child under 18 will be processed, used, or stored without the consent of a parent or guardian.

 

Sharing of personal information

 

No information is collected from a third party or sold.

 

Your information is not shared with a third party, with the exception to emergency services if we have serious concerns regarding your health and safety, in these situations we will keep you informed.

 

If you do not provide personal information we need

 

Where we need to collect personal data by law, or under the terms of a contract you hold with Somerford ARC Community Centre, if you fail to provide the data necessary, you will receive notification that the contract process will cease.

 

Security and storage of personal data

 

Personal data will be kept in lockable filing cabinets in accordance with the Somerford ARC Community Centre data protection policy and confidentiality policy and is only accessible to the Office Staff or to those who are entitled to see it as part of their duties.

 

All reasonable steps are taken to ensure your personal information is managed and stored appropriately at all times.

 

How long we keep your personal information for

 

We will securely store your information for no longer than 2 years after you cease your involvement with our organisation in order to meet our legal obligations, and to make it easier for you if you come back to us in the future. After 2 years your personal information will be securely destroyed.

 

Individual rights

 

The UK GDPR provides the following rights for individuals:

 

The right to be informed, providing individuals with clear and concise information about what you do with their personal data. Articles 13 and 14 of the UK GDPR specify what individuals have the right to be informed about. We call this ‘privacy information’.

Access, you have the right to obtain a copy of the personal data we hold about you. This will help you understand how and why we are using your data, and check we are doing so lawfully.

 

Rectification, Under Article 16 of the UK GDPR individuals have the right to have inaccurate personal data rectified.

 

Erasure, Under Article 17 of the UK GDPR individuals have the right to have personal data erased. This is also known as the ‘right to be forgotten’.

 

Restriction of processing, Article 18 of the UK GDPR gives individuals the right to restrict the processing of their personal data in certain circumstances. This means that an individual can limit the way that an organisation uses their data.

 

Data Portability, the right to data portability gives individuals the right to receive personal data they have provided to a controller in a structured, commonly used and machine-readable format. It also gives them the right to request that a controller transmits this data directly to another controller.

 

The right to object, Article 21 of the UK GDPR gives individuals the right to object to the processing of their personal data at any time. This effectively allows individuals to stop or prevent you from processing their personal data. An objection may be in relation to all of the personal data you hold about an individual or only to certain information. It may also only relate to a particular purpose you are processing the data for.

If you wish to exercise any of these rights, please contact us using the contact information in this document.

 

CCTV operation

 

CCTV is in operation on the outer property for the security of our premises.

 

The images are held securely and only accessed when investigating an incident.

 

How to complain

 

If you believe that your data is not being used for the purpose for which it was collected, please contact our Data Compliance Officer and request a complaints form, using the contact information issued in this document.

 

Complaints to a regulator

 

You can also contact ICO if:

 

  • You have problems accessing your personal information from an organisation
  • If you are concerned about how an organisation has handled your information

You should raise your complaints with ICO within three months of your last meaningful contact with our organisation.

https://ico.org.uk/make-a-complaint/data-protection-complaints/

helpline number: 0303 123 1113

 

This Privacy Notice was reviewed: 07-06-2022