top of page

Privacy Policy for Headley Park Community Centre

 

Headley Park Community Centre is committed to protecting personal information.

This Privacy Policy relates to our use of any personal information we collect from you as a user of Headley Park Community Centre.

For the purposes of this policy a user will be considered to be an individual hiring Headley Park Community Centre for his or her own purposes or an individual acting as the representative of a community group, charity, company, group of people or other organisation.

 

Personal Information Collected

We collect basic personal information of users leading activities/events such as your name, address, e-mail address, telephone number and bank account details for payments/refunds.

It is also the responsibility of individuals and organisations using the centre to protect the privacy of their members personal information.

 

Use of Information

We will use your information to communicate with you regarding your bookings or potential bookings and to keep you informed of other matters relating to Headley Park Community Centre, for example changes to charges or conditions of use.

Summary details of bookings are published in the diary section of our website. We will not share your information with other third parties without your consent.

 

Security

We put in place reasonable security measures to protect against any unauthorised access or damage to, or disclosure or loss of, your information.

 

Storage limitation

Personal data should only be stored for as long as is necessary. Data can be archived securely and used for research purposes in the future. Where possible, the personally identifiable information will be removed to leave anonymous data.

 

Integrity and confidentiality

Personal data will be held in a safe and secure way that takes reasonable steps to ensure the security of this information and avoid accidental loss, misuse or destruction.

 

Accident Book

Accident reports should be completed on site, placed in a sealed envelope and left for collection by the caretaker (Hannah Knight) under the accident book. The form will be stored securely and the following information recorded: date, place, cause, outcome.

 

Security breaches

Any security breaches where personal data is compromised must be reported in the first instance to the Data Protection Officer (Hannah Knight) and to the Information Commissioner’s Office (ICO) within 72 hours. Your report to the ICO should detail what data has been breached (amount, type of data) and the October 2019 likely consequences, the steps already taken to mitigate and the name of the Data Protection Officer.

 

Your Rights

Please let us know if your information changes as it is important that the personal information we hold about you is accurate and up to date. We will keep your information indefinitely after you remain an active user of Headley Park Community Centre because you may resume your connection with us in the future, however you can ask us to remove your personal information from our records at any time and we will do so and stop sending you any further communications. You have the right to request a copy of all the personal information we hold about you in a Subject Access Request. We will take reasonable steps to confirm your identity before providing you with details of any personal information we may hold about you.

 

Changes to this Privacy Policy

We may amend this Privacy Policy from time to time; for example, to keep it up to date or to comply with legal requirements. If there will be any significant changes made to the use of your personal information in a manner different from that stated, we will seek your permission first.

 

How to contact us

For any questions or concerns relating to this Privacy Policy, our data protection practices, or to make a Subject Access Request, please contact:

 

Data Protection Officer: Hannah Knight

headleycc@gmail.com

HEADLEY PARK COMMUNITY ASSOCIATION DATA PROTECTION POLICY

TO COMPLY WITH THE Data Protection Act 1998

 

  • The Chairperson of the association will be designated as the data protection officer

 

  • The Association will ensure that no data is collected on any user, hirer or associated person of the community centre that is not necessary for the legitimate operation of the centre

 

  • All data will be kept up to date and accurate

 

  • No personal or contact data will be entered on the association’s website unless authorised by that person for the promotion of their activity at the centre

 

  • All data will be retained securely and not be freely available to be accessed other than by members of the management committee authorised by the secretary

 

  • No data will be passed on to another person or body unless legally required to do so

 

  • All data will be deleted from electronic storage and web site, and hard copies securely destroyed, once the information is no longer required for operational use or financial records.

 

  • Requests by a data subject for disclosure of their personal data will be dealt with within one week by the data protection officer

 

 

Updated April 2020.

bottom of page