Data Protection Regulation
We are obliged under the Data Protection Act to hold and process personal data in accordance with the law. Charities do not have to be registered but must comply with the Act.
Buckingham U3A holds data, in both written and electronic form, for the purpose of maintaining membership administration and facilitating activities or services, such as The Third Age Trust magazine for individual members, and consists only of the information required to undertake the said activities.
Such data consists of contact details (addresses, phone, email address) personal preferences and interests, stated willingness to become involved as a committee member or group leader, a stated desire of receiving the aforementioned magazine and an agreement to take part in the Gift Aid scheme.
Other information may also be held but only at the member’s express wish; this may include (but not be limited to) emergency contact details, which may be required for outings and visits as necessary.
Buckingham U3A is committed to ensuring that your information is secure and that holders are on a need to know basis.
We will not sell or distribute your personal information to third parties except for the administrators of the magazine and Gift Aid, unless we have your written permission or are required to do so by law.
We may use your email/address from time to time to send out information related to Buckingham U3A or that you may find interesting.
This policy may change from time to time and if so an amended copy will be placed on the website and be available from the webmaster.
Preparing for the General Data Protection Regulations 12 steps – U3A response
- Information we hold:
Full name, address, telephone number, email address
Amount paid, date of payment, method of payment (cash/cheque/bank transfer/standing order)
Gift aid donation declaration
Membership of other U3As (U3A name/membership number)
Membership status (current/lapsed/past/pending/deceased/honorary)
- Communication of Privacy of Information:
Provided by Privacy Statements on the application form and welcome letter based on following considerations.
What information is being collected? See Information we hold
Who is collecting it? Membership Secretary
How is it collected? From application form only
Why is it being collected? To register membership
How will it be used? For communication to the subject of information by Trustees
Who will it be shared with? Name and address to Direct Mail Scheme for mailing of U3A Magazines. Name and membership numbers to printers for preparation of the membership cards. Name, address & donation paid to HMRC for tax reclaim.
What will be the effect of this on the individuals concerned? None
Is the intended use likely to cause individuals to object or complain? No.
- Individuals’ rights:
right to be informed – yes
right of access – yes
right to rectification – yes
right to erasure – generally no but yes if the subject is no longer a member. Data is automatically deleted if a member is 3 or more years on the past list.
right to restrict processing – no.
Only processing we do is for preparing membership cards, membership status at the end of year, gift aid donation tax reclaim,
right to data portability – not applicable
right to object – yes
right not to be subject to automated decision-making including profiling – yes.
Only profiling we do is to find out members living at a common address, current or lapsed membership
- Subject access requests:
No charge for request to access.
All requests can be met immediately by providing a screen shot of the member’s details and payment records.
Requests will be limited to subject’s own records without any restrictions.
- Lawful basis for processing of personal data:
Fully explained in the privacy statements.
All applicants sign the registration form containing privacy statement.
- Data breaches:
Data we hold is unlikely to affect the rights and freedom of subjects or affect them financially. If a breach of confidentiality of personal contact and email address occurs accidently, it is reported immediately to the chairman of the Trustees and the subjects involved.
- Data protection by design and Impact assessments: ?
- Data Protection Officer:
is not warranted for U3A.