This policy explains how we use the data you share with us, or that we collect about you. It details why and how we collect your data, why we keep it and what we use it for, and what you can do if you’re unhappy about how we use it. The Christian Science Association of the pupils of Jenny Lobl CSB processes data in accordance with the European Union’s General Data Protection Regulation,May 2018, also referred to in this document and elsewhere as GDPR.
Who are “We”?
When we use “We”, “Us” or “Our” in this policy we are talking about The Christian Science Association of the pupils of Jenny Lobl CSB. For information contact secretary Bee Hughes at firstname.lastname@example.org.
The data controller is Jenny Lobl CSB.
The data processors are the Secretary and the Treasurer of the Association.
What is personal data?
Personal data is information that can be used to identify an individual. This might include your name, address, telephone number or email address. As well as your basic personal details, other data we might store may include:
- information relating to making donations or payments
- information we need to process payments
- details of your current or past roles in the Association
- dietary, health, financial or access needs you may have which you have shared with us as part of enabling you to participate in the Association
- details of your engagement with other Christian Science activities or organisations
Our organisation only collects personal data of its members, visitors to its Association meeting and other people who have played or will play a role in its business or meetings.
How do we collect personal data?
Data is primarily collected when you apply for Class instruction and subsequently join the Association or apply to be a visitor at an Association meeting. You might share other data with us, for instance, when you participate in Association events, make donations or payments. You will know that we have this information because you have given it to us.
What do we use personal data for?
We use your personal data for:
- Communicating with you
- Organising and delivering the annual Association meeting
- Enabling you to participate in the Association
- Processing donations or other payments
When we contact you
We will contact you regarding attending the annual Association meeting or in processing donations or payments. In addition if you are a member we will contact you in relation to the business of the Association and your membership.
Who do we share your information with?
We will never sell your information to other organisations, or share it in any way with other organisations.
Also, within the Association, it is the policy of the Association that we do not produce and circulate lists of members’ personal information. On an individual basis members may request another member’s contact details. Any request for another members’ details needs to be made in writing to the Association Secretary and will be provided only with the express permission of the member whose details are being sought.
We will share your information if legally required to do so by the police, regulatory or other legal bodies.
When the Association is wound up its archival records may be passed to The Mother Church, The First Church of Christ, Scientist, in Boston, USA.
How do we keep your information safe and secure?
We store information on paper and/or electronic files at the home of our Secretary, Treasurer, and President (Teacher) and on secure computers located within and outside the UK. All personal computers are password protected and any portable storage devices used to store data are encrypted. We may also store your data on reputable, password protected cloud based storage systems, such as Dropbox, & Google Drive.
If you are a visitor to the Association, we will keep your information for 7 years.
The Association historical records will always show that a member was class taught by the teacher, and therefore is not eligible to be taught by another Christian Science teacher.
Security of Data
We take reasonable steps to process data ‘in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures’ Article 5 (f) GDPR. This means that data we hold is secure by making sure that it is held in as few places as practical, by ensuring that if it is stored in the cloud a reputable, password protected, storage system is used and by ensuring that unauthorised people do not have access to data.
Breach in data Procedures
Any breach in data storage will be managed in a timely manner in line with Article 5 (f).
What are your rights?
Any individual whom we hold personal data has the right to see what data is being stored about them; additionally any member is able to make corrections where there may be errors or where updates necessary. Any request to see any data stored, or to make any corrections must be made in writing to the secretary who will respond within 10 working days.
You also have the right to access a copy of the information we hold about you. You can access a copy of this information by contacting the Association secretary via email at email@example.com.
For more information about your rights under GDPR, visit the website of the Information Commissioner’s Office at: ico.org.uk
We will review this policy annually, taking into consideration any changes made to the legislation. Any amendments made to the policy will be updated and published on our website and/or emailed to all Association members, as well as visitors attending that year who may be affected by the changes.
This Policy was last updated on 09/04/2018 V1.0