Data Protection Procedures

1) Introduction

The Friends of Rye Harbour Nature Reserve Trustees have a data protection policy which is reviewed regularly. All trustees are also members of the Friends’ committee. To help us uphold the policy, we have created the following procedures which outline ways in which we collect, store, use, amend, share, destroy and delete personal data.

These procedures cover the main, regular ways we collect and use personal data. We may from time to time collect and use data in ways not covered here. In these cases, we will ensure our Data Protection Policy is upheld.

2) General Procedures

The personal information that we collect from our members consists of the following:

  • Name and postal address
  • Date of joining the Friends
  • Home and/or mobile phone numbers (if provided)
  • Email address (if provided)
  • Date of birth (if under 16)
  • The dates and amounts of payments
  • Bank account details and signature (if provided for a standing order)
  • The taxpayer’s name and signature (if subscription is covered by a Gift Aid declaration)

Data will be stored securely. When it is stored electronically, it will be kept in password protected files. When it is stored online in a third-party website (e.g. Google Drive) we will ensure the third party comply with the UK GDPR. When it is stored on paper it will be filed carefully in a locked filing cabinet.

When we no longer need data, or when someone has asked for their data to be deleted, it will be deleted securely. We will ensure that data is permanently deleted from computers, and that paper data is shredded.

We will keep records of consent given for us to collect, use and store data. These records will be stored securely.

3) Mailing list

We will maintain a mailing list. This will include the names and contact details of people who wish to receive publicity and fundraising appeals issued by or on behalf of the Friends.

When people sign up to the list we will explain how their details will be used, how they will be stored, and that they may ask to be removed from the list at any time. We will ask them to give separate consent to receive publicity and fundraising messages and will only send them messages which they have expressly consented to receive.

We will not use the mailing list in any way that the individuals on it have not explicitly consented to.

We will provide information about how to be removed from the list with every mailing.

We will not allow any third-party organisations to access the mailing list.

4) Website

Personal data in relation to any individuals will not be displayed on our website without authorisation from the individuals concerned. Access to the website will be limited to committee members and other persons specifically authorised by the committee for the purposes of maintaining and/or updating the website content.

5) Contacting committee members

The committee need to be in contact with one another to run the organisation effectively and ensure its legal obligations are met.

Committee contact details will be shared among the committee.

Committee members will not share each other’s contact details with anyone outside of the committee or use them for anything other than the Friends of Rye Harbour Nature Reserve business, without explicit consent.

6) Review

These procedures will be reviewed every two years