Data Protection Policy
The North Midlands LGBT Older People’s Group takes the protection of its members’ data seriously.
We only hold digital records of an individual’s preferred name and email address. Any other personal information is stored in paper format in a locked filing cabinet at the group’s registered address.
For greater security we communicate with people on our mailing list via MailChimp and occasionally seek feedback via Survey Monkey. Both of these means of communication are compliant with current data protection regulation.
Photos of individuals are used in our Newsletter and on our Website with a person’s consent; however, we respect the right of people to change their minds and remove images when requested to do so.
Data Protection Principles
The Data Protection Act 2018 controls how personal information is used by organisations, businesses or the government. … Everyone within the group responsible for using personal data has to follow strict rules called ‘data protection principles’. They must make sure the information is: used fairly, lawfully and transparently.
They must make sure personal information is:
- used fairly, lawfully and transparently
- used for specified, explicit purposes
- used in a way that is adequate, relevant and limited to only what is necessary
- accurate and, where necessary, kept up to date
- kept for no longer than is necessary
- handled in a way that ensures appropriate security, including protection against unlawful or unauthorised processing, access, loss, destruction or damage
Under the Data Protection Act 2018, individuals have the right to find out what information the group stores about them. These include the right to:
- be informed about how their data is being used
- access personal data
- have incorrect data updated
- have data erased
- stop or restrict the processing of their data
- data portability (allowing the individual to get and reuse their data for different services)
- object to how their data is processed in certain circumstances
An individual also has rights when an organisation is using their personal data for:
- automated decision-making processes (without human involvement)
- profiling, for example to predict your behaviour or interests
End of policy
Privacy Notice created by Maurice Greenham 18/06/2018
Upgraded to Policy by Maurice Greenham 15/04/2019
Review April 2021