West Oxford U3A Privacy Policy
West Oxford U3A treats your privacy
rights seriously. This privacy
policy sets out how we will deal with your ‘personal information’, that
is, information that could identify, or is related to the identity of, an individual.
What personal information do we collect?
When you express
an interest in becoming a member of West Oxford U3A you will be asked to provide
certain information. This includes:
•
your name;
•
home address;
•
email address;
•
telephone number;
•
your Gift Aid preferences.
How do we collect this personal information?
All the information collected is obtained directly
from you. This is usually at the point of your initial registration. The information will be collected
via membership forms or online contact
forms. The lawful basis for collecting and storing your information is the contractual relationship that you, as a member, have with the U3A. In order
to inform you about the groups,
activities and events that you can
access as a member
we need to store and process a certain
amount of personal
data.
How do we use your personal information?
We use your personal information:
•
to provide our U3A activities and
services to you;
•
for administration, planning and management of our U3A;
•
to communicate with you about your group activities;
•
to monitor, develop and improve the provision of our U3A activity.
• to circulate information which, in the view of the Committee, will be of interest to Members.
We’ll send you messages by email, post, other digital
methods and telephone
to advise you of U3A activities.
Whom do we share your personal
information with
We may disclose information about you, including your personal information:
•
to provide our U3A activities and
services to you;
•
for administration, planning and management of our U3A;
•
to communicate with you about your group activities;
•
to monitor, develop and improve the provision of our U3A activity.
Where we need to share your information outside the
U3A we will seek your consent and inform you whom the information will be
shared with and for what purpose.
How
long do we keep your personal information
We need to keep your information so that we can provide
our services to you.
In most instances information about your membership will not be stored for longer than 12 months.
The exceptions to this are instances where there may be legal
or insurance circumstances that require information to be held for longer whilst the issues are investigated or resolved. Where this is the
case members will be informed
how long the information will be held for and when it is deleted.
How your information can be updated or corrected
To ensure the information we hold is accurate and up
to date, members need to inform the U3A as to any changes
to their personal
information. You can do this by contacting the Secretary or Membership Secretary
(details on your Membership Card).
You will have the opportunity annually to update your information, as required, via the membership renewal process. Should you wish to view the information that the U3A holds
on you, you can make
this request by contacting the Membership Secretary – as detailed above.
There may be certain circumstances where we are
not able
to comply with this request. This
would include where the information may contain references to other individuals or for legal,
investigative or security
reasons.
Otherwise, we will usually
respond within 14 days of the request
being made.
How do we store your personal
information
We have in place security
safeguards to protect
your personal information against loss or theft, as well as unauthorised access,
disclosure, copying, use or modification. Your membership information is held
on a spreadsheet and accessed by Committee Members and
Group Conveners.
Data Breach Notification
Were a data breach to occur action will be taken to minimise the harm. This will include
ensuring that all Committee Members
are made aware
that a breach has taken
place and how the breach
occurred. The Committee shall then seek to rectify
the cause of the breach as
soon as possible to prevent any further breaches.
Within 24 hours of a serious breach
occurring, the Chairman
of the U3A will contact
the Third Age Trust to determine the seriousness of the breach and action
to be taken. Where necessary, the Information Commissioner's Office
will be notified. The
Committee will also contact the relevant U3A members to inform
them of the data breach and actions taken to resolve the breach.
Where a U3A member
feels that there has been a breach by
the U3A, a Committee member will ask the member to
provide an outline of the breach. If
the initial contact is by telephone, the member will be asked to follow this up with an email or a letter detailing his or her concern.
The alleged breach
will then be investigated by members of the Committee who are not in any way implicated
in the breach. The U3A
member can report his or her
concerns to National Office if they
don't feel satisfied with the
response from the U3A. Breach matters will be subject to a full investigation, records
will be kept and all those involved
notified of the outcome.
Availability and changes to this policy
This policy may change from time to time. If we make any material
changes we will make
members aware of this via our bi-monthly Newsletter.
Contact
If you have any queries about
this policy,
need it in an alternative format, or have any complaints about our privacy
practices, please contact
us at via the Secretary, whose contact
details are on your Membership Card.
|