Data Protection

                    West Oxford U3A Privacy Policy

West Oxford U3A treats your privacy rights seriously. This privacy policy sets out how we will deal with your ‘personal information’, that is, information that could identify, or is related to the identity of, an individual.


What personal information do we collect?

When you express an interest in becoming a member of West Oxford U3A you will be asked to provide certain information. This includes:

              your name;

              home address;

              email address;

              telephone number;

              your Gift Aid preferences.


How do we collect this personal information?

All the information collected is obtained directly from you. This is usually at the point of your initial registration. The information will be collected via membership forms or online contact forms. The lawful basis for collecting and storing your information is the contractual relationship that you, as a member, have with the U3A. In order to inform you about the groups, activities and events that you can access as a member we need to store and process a certain amount of personal data.


How do we use your personal information?

We use your personal information:

              to provide our U3A activities and services to you;

              for administration, planning and management of our U3A;

              to communicate with you about your group activities;

              to monitor, develop and improve the provision of our U3A activity.

              to circulate information which, in the view of the Committee, will be of interest to Members.

We’ll send you messages by email, post, other digital methods and telephone to advise you of U3A activities.

Whom do we share your personal information with

We may disclose information about you, including your personal information:

              to provide our U3A activities and services to you;

              for administration, planning and management of our U3A;

              to communicate with you about your group activities;

              to monitor, develop and improve the provision of our U3A activity.

Where we need to share your information outside the U3A we will seek your consent and inform you whom the information will be shared with and for what purpose.

How long do we keep your personal information

We need to keep your information so that we can provide our services to you. In most instances information about your membership will not be stored for longer than 12 months. The exceptions to this are instances where there may be legal or insurance circumstances that require information to be held for longer whilst the issues are investigated or resolved. Where this is the case members will be informed how long the information will be held for and when it is deleted.


How your information can be updated or corrected

To ensure the information we hold is accurate and up to date, members need to inform the U3A as to any changes to their personal information. You can do this by contacting the Secretary or Membership Secretary (details on your Membership Card). You will have the opportunity annually to update your information, as required, via the membership renewal process. Should you wish to view the information that the U3A holds on you, you can make this request by contacting the Membership Secretary as detailed above. There may be certain circumstances where we are not able to comply with this request. This would include where the information may contain references to other individuals or for legal, investigative or security reasons.

Otherwise, we will usually respond within 14 days of the request being made.



How do we store your personal information

We have in place security safeguards to protect your personal information against loss or theft, as well as unauthorised access, disclosure, copying, use or modification. Your membership information is held on a spreadsheet and accessed by Committee Members and Group Conveners.



Data Breach Notification

Were a data breach to occur action will be taken to minimise the harm. This will include ensuring that all Committee Members are made aware that a breach has taken place and how the breach occurred. The Committee shall then seek to rectify the cause of the breach as soon as possible to prevent any further breaches. Within 24 hours of a serious breach occurring, the Chairman of the U3A will contact the Third Age Trust to determine the seriousness of the breach and action to be taken. Where necessary, the Information Commissioner's Office will be notified. The Committee will also contact the relevant U3A members to inform them of the data breach and actions taken to resolve the breach.

Where a U3A member feels that there has been a breach by the U3A, a Committee member will ask the member to provide an outline of the breach. If the initial contact is by telephone, the member will be asked to follow this up with an email or a letter detailing his or her concern.

The alleged breach will then be investigated by members of the Committee who are not in any way implicated in the breach. The U3A member can report his or her concerns to National Office if they don't feel satisfied with the response from the U3A. Breach matters will be subject to a full investigation, records will be kept and all those involved notified of the outcome.

Availability and changes to this policy

This policy may change from time to time. If we make any material changes we will make members aware of this via our bi-monthly Newsletter.


If you have any queries about this policy, need it in an alternative format, or have any complaints about our privacy practices, please contact us at via the Secretary, whose contact details are on your Membership Card.

Registered charity no. 1108125