Willaston Residents and Countryside Society (WR&CS) recognises the importance of the data that it holds and the need to abide by legislation including the General Data Protection Regulations 2016.
WR&CS holds information about its members and supporters. The legal basis for holding information is consent. The member and volunteer information is stored on individual Officers’ personal computers and may include cloud-based storage facilities; all of which are password protected. Some information is also stored on paper in relevant files. The purpose of information stored is to enable WR&CS to process information necessary to establish support and to process information necessary to administer activities for people who are members or are in contact with WR&CS. This includes work undertaken by sub-groups of WR&CS and lottery members.
Information will only be kept for the time that it is required. For mailing lists related to sub-groups, this will be the time that the sub-group is active. In the case of the lottery, information about members playing the lottery will be retained for seven years, in line with financial requirements.
The Data Controller is the Secretary of WR&CS. Other officers or sub-group leaders may store and process data with the knowledge and agreement of WR&CS. The Data Controller will ensure that only necessary data is retained and all communication issued by any WR&CS Officer complies with the current legislation.
WR&CS is not registered with the Information Commissioner’s Office as we are a not-for-profit organisation and meet the requirements for not registering.
Any member or supporter will be able to request a copy of their data and any such request will normally be provided within one month.
Any member or supporter will be able to request that their data is rectified and this will normally be done within one month.
Any member or supporter will be able to request that their data is erased and this will normally be done within one month. Any communication sent to a group of members or supporters will include information on how to request their removal from a group.
All requests about data should be made via the ‘contact us’ page on the WR&CS website or directly to a WR&CS Officer. If we are not able to respond to a request, we will explain the reasons why and will keep you updated.
If a breach to data security occurs, this will be reported to the Information Commissioner’s Office within 72 hours of identifying such a breach has occurred.