Privacy Policy

Cotswold Water Park Trust

May 2018

 

Background

In this policy we have set out the personal data that we collect from and about you, how it is used and to whom the information is disclosed. It is important to note that this policy is non contractual.

About us

The Cotswold Water Park Trust is a registered charity dedicated to improving the Cotswold Water Park for wildlife and people. We work in partnership with, local authorities, parish councils, landowners, mineral companies, environmental organisations, businesses – to achieve a careful balance between development, recreation and nature conservation.

We are committed to protecting the personal data we have access to and process and have developed privacy policies to cover groups of individuals whose personal data we may hold.

Personal Data

Personal data is information about an identifiable individual that could lead to them being treated differently.  The types of personal data we process includes name, address, telephone number, personal email address and car registration number.

What information do we process and where does it come from?

Generally we collect personal data directly from you.  If membership is purchased as a gift the personal details of both the purchaser and the recipient will be recorded.

How do we use your personal data?

The Cotswold Water Park Trust uses personal information for:

  • Administering its membership scheme i.e. renewals etc.
  • Communicating the work of the Trust to members via its newsletter.
  • Contacting members about Annual General Meetings.
  • Maintaining a white list of vehicle registration numbers that are exempt from parking charges.
  • Informing members about upcoming events and products that may be of interest.
  • Fulfilling orders for goods and services.
  • Administering donations and legacies.
  • Fundraising purposes.

There are some essential communications that we need to send to fulfil our duties to you as a member, volunteer, donor or purchaser of goods / services. These include membership related communications such as renewal reminders, notice of General Meetings, membership newsletters and order/booking communications such as purchase or booking confirmation.

We’ll only use your personal data on relevant lawful grounds as permitted by the EU General Data Protection Regulation (from 25 May 2018)/UK Data Protection Act and Privacy of Electronic Communication Regulation.

Marketing communications

We would like to keep in touch with you to let you know about our upcoming events (for example, our fundraising ball), and new publications or products (for example, our Dragonfly Atlas).  We may also contact you with regards to funding appeals for one of our projects (for example, the Educational Play Facility at Riverside Park).

We’ll only send these to you if you agree to receive them and we will never share your information with companies outside the Trust for inclusion in their marketing. If you agree to receive marketing information from us you can change your mind at a later date.

We’ll always act upon your choice of how you want to receive communications (for example, by email or post).

If you make a donation, we’ll use any personal information you give us to record the nature and amount of your gift, claim gift aid where you’ve told us you’re eligible.

If you’ve told us that you’re planning to, or thinking about, leaving us a gift in your will, we’ll use the information you give us to keep a record of this – including the purpose of your gift, if you let us know this.

If we have a conversation or interaction with you (or with someone who contacts us in relation to your will, for example your solicitor), we’ll note these interactions throughout your relationship with us, as this helps to ensure your gift is directed as you wanted.

Retail sales and events management

We process customer data in order to process retail sales and event bookings. Your data will be used to communicate with you throughout the process, including to confirm we’ve received your order and payment, to confirm dispatch, to clarify where we might need more detail to fulfil an order or booking, or to resolve issues that might arise with your order or booking.

Disclosing and Sharing Personal Data

Cotswold Water Park Trust will not sell or share your personal information with other charities or organisations.

Your personal information will only be used by Cotswold Water Park Trust and contracted organisations working on our behalf. When we share personal information with these parties we require that they only use or disclose personal information in a manner consistent with the use and disclosure provisions of this Privacy Policy. We also ensure that any contract with these organisations contains necessary privacy and security provisions in line with data protection legislation.

How long will we keep data for?

There are some legal and regulatory requirements which govern how long we should retain your personal data.  Outside of these we endeavour to retain your personal information only for as long as we believe is necessary to fulfil the purposes for which the personal information was collected (including for the purpose of meeting any legal, accounting or other reporting requirements or obligations). We may, instead of destroying or erasing your personal information, make it anonymous so that it cannot be associated with or tracked back to you.

In general we will keep our member’s personal details for up to 6 months after expiry of their membership.

The rights of individuals whose personal data we process

It is important that the information we process on you is accurate and up to date so please inform us of any changes. If we are processing your personal data you have the following rights:

  • The right to be informed of what data we are processing, what for, how we obtained the data and to whom it is released.
  • Subject to certain conditions as set out in ‘Access to your personal data’ below, you have the right to access the data we are processing on you.
  • The right to rectification of the data if incorrect or inaccurate.
  • The right of erasure (in certain circumstances such as where you gave your consent to process).
  • The right to restrict processing (to request that we do not process data for certain activities in certain circumstances).
  • The right to data portability (where appropriate).
  • The right to object.
  • The right not to be subject to automated decision making.

Access to your personal information

You can ask to see the personal information that we hold about you.  To do so, please contact our Data Controller at Cotswold Water Park Trust, Manor Farm Down Ampney, Cirencester, GL7 5QF, your request must be in writing.

When requesting access to your personal information, please note that we may request specific information from you to enable us to confirm your identity and right to access, as well as to search for and provide you with the personal information that we hold about you.

We will ensure the request is responded to within a month. Your right to access the personal information that we hold about you is not absolute.  In the event that we cannot provide you with access to your personal information, we will endeavour to inform you of the reasons why, subject to any legal or regulatory restrictions.

Updating your personal information

It is important that the information we process on you is accurate and up to date.  Whilst we endeavour to ensure it is at the time we first collect it, we need you to ensure you keep us updated where the personal information we process on you changes.

Keeping your personal information safe and secure

We seek to maintain physical, technical and procedural safeguards that are appropriate to the sensitivity of the personal information in question. These safeguards are designed to protect your personal information from loss and unauthorised access, copying, use, modification or disclosure.

Transferring Data outside of the European Economic Area (EEA)

We will not transfer your personal information to countries outside the European Economic Area (EEA).

Questions or concerns

If you have any questions about this Privacy Policy or concerns about how we manage your personal information, please contact our Data Controller by telephone, in writing or by e-mail.  We will seek to answer your questions and advise you of any steps taken to address the issues raised by you. If you are unsatisfied with our response, or you believe we have not complied with your data protection rights you may make a written submission to the Information Commissioner (ICO).