Privacy Policy.

1. Who are we?

Wirral
Environmental Network is an environmental education charity. We are regulated by
the Charity Commission.  

Every year
in December we hold an annual general meeting where Trustees are elected. Any
member can be nominated as a Trustee and every member has the right to attend
the Annual General Meeting.

Our Trustees Group is the data controller for the information we
collect. Any personal data that we collect will only be in relation to the work
we do with our members and through our relationship with volunteers, supporters,
donors and funders.

2. Personal data – what is it?

Personal data relates to a living individual who can be identified
from that data.  Identification can be by
the information alone or in conjunction with any other information in our
possession or likely to come into such possession. The processing of personal
data is governed by the General Data Protection Regulation (the “GDPR”).

3. How we gather personal information

The
majority of the personal information we hold, is provided to us directly in
either paper form, email or online forms via
www.wirralenvironmentalnetwork.org.uk. In the case of volunteers, data may also
be provided by third party reference agencies, such as the Disclosure and
Barring Service (DBS).

Where a member
is under the age of 18, this information will only be obtained from a parent /
guardian and cannot be provided by the young person.

4. How do we process personal data?

We comply with our obligations under the “GDPR” by keeping
personal data up to date; by storing and destroying it securely; by not
collecting or retaining excessive amounts of data; by protecting personal data
from loss, misuse, unauthorised access and disclosure and by ensuring that
appropriate technical measures are in place to protect personal data.

We use personal data for the following purposes: –

5. What is the legal basis for
processing personal data?

We only use
personal information where that is permitted by the laws that protect an
individual’s privacy rights. We only use personal information where:

6. How we store personal data

We are
committed to the protection of personal information.

We generally
store personal information in one of two secure digital database systems, where
access to that data is restricted and controlled and also in print version as
detailed below.

Printed
records and Event data

Paper is still
used to capture and retain some data for example the following: –

This information
is securely in locked containers

Gift Aid collection
forms, will be securely held by the Group’s Treasurer to aid in the collection
of Gift Aid for termly membership fee. We have a legal obligation to retain
this information for 7 years after our last claim.

7. Sharing and transferring personal Information

We will
only normally share personal information within our Trustee, charity or event
management teams.

We will
however share personal information with others outside WEN where we need to meet
or enforce a legal obligation, this may include local authority services and
law enforcement, we will only share personal information to the extent needed
for those purposes.

We will only share data with third parties outside of the organisation
where there is a legitimate reason to do so. We will take steps to anonymise
the data we provide (i.e. collective reporting on gender, ethnicity, age,
etc.).  If identifiable data is to be
shared we will seek consent.

We will
never sell personal information to any third party for any purpose.

Third Party Data Processors

We have no third party data processors

Automated decision making

We do not
have any automated decision-making systems.

Transfers outside the UK

We will not
transfer personal information outside of the UK.

8. How do we protect personal data?

We take appropriate measures to ensure that the
information disclosed to us is kept secure, accurate and up to date and kept
only for as long as necessary for the purpose for which it is used.

9. How long do we keep personal data?

We will
retain personal information, throughout the time an individual is a member,
volunteer or supporter of Wirral Environmental Network and  for a period of one year after they have left
and in a much more limited form (name, capacity and involvement) for a period
of up to 15 years to fulfil our legal obligations for insurance and legal
claims.

We will
also keep any Gift Aid Claim information for the statutory 7 years as required
by HMRC (which may be beyond age 21) as indicate previously.

10. Individual
rights and personal data 

Individuals
have the right to object to how we process personal information. They also have
the right to access, correct, sometimes delete and restrict the personal
information we use. In addition, they have a right to complain to us and to the
data protection regulator.

Unless
subject to an exemption under the GDPR, individuals have the following rights
with respect to personal data: –

11. Further processing

If we wish
to use personal data for a new purpose, not covered by this Data Protection
Notice, then we will explain the new use prior to commencing the processing and
setting out the relevant purposes and processing conditions.

12. Contact Details

To
exercise all relevant rights, queries of complaints please in the first
instance contact our Chair of Trustees, Pete Exeley. Details available on our
website.

Individuals
can contact the Information Commissioners Office on 0303 123 1113 or via email https://ico.org.uk/global/contact-us/email/ or at the Information Commissioner’s Office, Wycliffe House, Water
Lane, Wilmslow, Cheshire. SK9 5AF.

Updated 29.3.19 by Naomi Graham. Next update due 29.3.20 by Office Manag

Website

Comments

When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.

An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.

Cookies

If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.

What rights you have over your data

If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

Where we send your data

Visitor comments may be checked through an automated spam detection service.