On 25 May 2018 the new General Data Protection Regulation (GDPR) came into force (replacement for the Data Protection Act 1998). FACT has to ensure that all “personal data” collected is properly managed and stored.
What this means
Your data is kept and stored in a way which is lawful and compliant with the Data Protection Laws.
As a non-profit organisation which does not share your data FACT has no requirement to register with the Information Commissioners Office (ICO)
You can check the standards required at the above office https://ico.org.uk/
What is personal data?
Personal data is: ‘anything that can identify an individual’. For example: name, date of birth, phone number, email address, postal address, job references, DBS checks, etc.
What data does FACT hold?
The only data we hold is what is on the membership form for Full Members, Associate Members, and Friends of FACT. This includes, name, address, contact email, contact telephone and status of membership. We also hold a confidential mailing list of those members in prison which is used for sending newsletters and cards.
What is it used for?
To contact members to offer them information and support.
Our Privacy Notice is as follows
“Under GDPR we will obtain your consent to securely hold your personal data; we don’t keep anything longer than necessary; you can request removal of your data”. We do not share your data.
At FACT this has been something which you all have consented to when you filled in the original application form. At present our membership data is kept on an on-line professional data management company called ‘membership mojo’, at https://membermojo.co.uk/fact which you can log on to yourself to see what data is stored and change or remove this. Details of how to do this can be located at the membership website and their data policy statement and privacy compliance is also available there. We also hold an encrypted older version of an Excel membership list on a USB stick. This is retained by the Secretary.
On each person’s electronic membership form is a new box which will need to be ticked headed ‘Data Agreement’. Because you have already consented to your data being stored this will be done on renewal of yearly membership.
This is our initial compliance notice and this policy may be updated in the future as we develop ways to keep things as secure as possible.
If you have any concerns then please contact us by email to firstname.lastname@example.org