top of page

Privacy & Data Protection

Privacy

St Peter’s PTA (“us”, “we”, or “our”) operates https://stpetersfundraising.co.uk/ (the “Site”). This page informs you of our policies regarding the collection, use and disclosure of Personal Information we receive from users of the Site.

 

We use your Personal Information only for providing updates and improving the Site. By using the Site, you agree to the collection and use of information in accordance with this policy.

 

Information Collection And Use

While using our Site, we may ask you to provide us with certain personally identifiable information that can be used to contact or identify you. Personally identifiable information may include, but is not limited to your name, email and organisation (“Personal Information”).

 

Log Data

Like many site operators, we collect information that your browser sends whenever you visit our Site (“Log Data”).

 

This Log Data may include information such as your computer’s Internet Protocol (“IP”) address, browser type, browser version, the pages of our Site that you visit, the time and date of your visit, the time spent on those pages and other statistics.

 

In addition, we may use third party services that collect, monitor and analyse this usage data.

 

Communications

We may use your Personal Information to contact you with newsletters, marketing or promotional materials and other information that provide more information on the services and operations of St Peter’s PTA. If you wish to opt out of these, please use the Unsubscribe functionality, or contact web-admin@stpetersfundraising.co.uk

 

Cookies

Cookies are files with small amount of data, which may include an anonymous unique identifier. Cookies are sent to your browser from a web site and stored on your computer’s hard drive.

 

Like many sites, we use “cookies” to collect information. You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some features of our Site, so please bear this in mind.

 

Security

The security of your Personal Information is important to us, but remember that no method of transmission over the Internet, or method of electronic storage, is 100% secure. While we strive to use commercially acceptable means to protect your Personal Information, we cannot guarantee its absolute security.

 

Changes To This Privacy Policy

This Privacy Policy is effective as of 07.11.24 and will remain in effect except with respect to any changes in its provisions in the future, which will be in effect immediately after being posted on this page.

 

We reserve the right to update or change our Privacy Policy at any time and you should check this Privacy Policy periodically. Your continued use of the Service after we post any modifications to the Privacy Policy on this page will constitute your acknowledgment of the modifications and your consent to abide and be bound by the modified Privacy Policy.

 

If we make any material changes to this Privacy Policy, we will notify you either through the email address you have provided us, or by placing a prominent notice on our website.

 

Contact Us

If you have any questions about this Privacy Policy, please contact us using the contact capabilities on this website, or email web-admin@stpetersfundraising.co.uk.

 

__

 

Data Protection

St Peter’s PTA may gather and use certain information about individuals. These can include customers, suppliers, business contacts, employees and other people the organisation has or may need to contact.

 

This policy describes how this potential data must be collected, handled, stored and disposed of to meet GDPR requirements and comply with the Law.

 

Purpose

This GDPR policy ensures St Peter’s PTA:

 

  • Complies with the regulations and follows good practice

  • Protects the rights of staff, volunteers, clients and partners

  • Is open and transparent about how it collects, stores and processes individual’s data

  • Protects itself from the risks of data breach

 

Data Protection Law

The Data Protection Act 1998 was replaced by the General Data Protection Regulations in May 2018 (following an EU directive). The regulations describe how an organisation including St Peter’s PTA must collect, handle, store and dispose of personal information. The Regulations apply whether the data is stored electronically or as hard copy.

 

Data kept will be:

 

  • Collected fairly and legally

  • Individuals will be made aware and must actively give permission

  • Data must be relevant.

  • Data will be accurate and current

  • Not be held for longer than necessary

  • Be protected appropriately

  • Destroyed on request – right to be forgotten

  • Be supplied on request to the relevant individual FOC

 

Policy Scope

This policy applies to all members of St Peter’s PTA.

 

It applies to all data that the organisation holds relating to identifiable individuals, even if that information technically falls outside GDPR 2018. This data will include:

 

  • Names of individuals

  • Postal addresses

  • E-mail addresses

  • Telephone numbers – landline and mobile

  • And any other information relating to individuals

 

Data Protection Risks

This policy helps to protect St Peter’s PTA from security risks including:

 

  • Breaches of confidentiality e.g., divulging information by mistake

  • Failing to offer choice e.g., preventing the individual from giving permission on holding data, what is held and how it is stored

  • Reputational damage e.g., servers being hacked and sensitive data being stolen

 

Responsibility

All committee members and volunteers have some responsibility for ensuring that data is collected handled stored and disposed of appropriately. Committee members must ensure that data is handled in line with GDPR 2018.

 

Data Controller – St Peter’s PTA (contact - web-admin@stpetersfundraising.co.uk)
 

The data controller is responsible for:

 

  • Ensuring GDPR are applied with

  • Reviewing GDPR procedures

  • Where relevant, arranging GDPR training for people covered by this policy

  • Handling data protection questions from staff, committee members, volunteers and anyone else covered by the policy

  • Dealing with requests from individuals who request to see data St Peter’s PTA holds on them

 

General Staff

  • The only staff, committee members and volunteers accessing data should need to do it to carry out their roles

  • Data must not be shared informally

  • Staff, committee members and volunteers should keep all data secure and take sensible reasonable precautions

  • Staff, committee members and volunteers should use strong passwords and change these regularly

  • Personal data must not be disclosed to unauthorised people either internally or externally

  • Where on review data is found to be no longer needed it should be disposed of appropriately

  • Staff, committee members and volunteers should request help from the Chairperson or Data Protection Officer if they are unsure of any aspect of GDPR

 

Collection & Storage

  • When data is collected it must be with the permission of the individual, freely given, clear and transparent

  • Data will be stored in a secure place either electronically or as a hard copy

  • Staff, committee members and volunteers should ensure that they do not leave hard copy records where unauthorised people could see them

  • Data should be disposed of securely – e.g., shredded when no longer required

  • Where data is stored electronically it must be protected from unauthorised access, accidental deletion, and malicious hacking attempts

  • Data should be protected by strong passwords, changed regularly

  • Subjects will have the right to access, rectify, erase, port the data and object to the processing of the data. Requests should be emailed to web-admin@stpetersfundraising.co.uk


 

Data Use

Data is at the highest risk of loss corruption or theft when it is being used:

 

  • Staff, committee members and volunteers should ensure no data is visible on screens when they are unattended and laptops and PC’s should be left locked when unattended

  • Personal data should not be shared informally, where possible it should not be sent by email which is not secure

  • Staff, committee members and volunteers should not save copies of personal data to their own computer

 

Accuracy

Staff, committee members and volunteers will take reasonable steps to ensure data is kept up to date and it is accurate and relevant:

 

It is the responsibility of staff, committee members and volunteers at St Peter’s PTA to take reasonable steps to ensure data kept is accurate and up to date

 

  • Data will be held in as few places as possible. Unnecessary additional sets will not be created.

  • Staff, committee members and volunteers should take the opportunity to update client personal data – by confirming client details when speaking to a client

  • Data will be updated as inaccuracies are discovered

 

Subject Access Request

The person whose data is held is referred to under GDPR as the subject.

 

The subjects of St Peter’s PTA are entitled to:

 

  • Ask what information is held on them

  • Ask how to gain access to it

  • Be informed how to keep it up to date

  • Be informed of how the company is meeting its legal obligations under GDPR 2018

  • Subject access requests should be made to the Data Controller (web-admin@stpetersfundraising.co.uk) formally in writing. Information will be supplied free of charge within 1 month of the request.

  • The Data Controller will always verify the identity of the person making the subject access request before handing over any information.

bottom of page