Privacy & Data Protection Policy
Privacy & Data Protection Policy:
Changing Seasons Chinese & ESEA Community Project a sub-group of Sheffield Chinese Community Centre
1) Definitions
Personal data is information about a person which is identifiable as being about them. It can be stored electronically or on paper, and includes images and audio recordings as well as written information.
Data protection is about how we, as an organisation, ensure we protect the rights and privacy of individuals, and comply with the law, when collecting, storing, using, amending, sharing, destroying or deleting personal data.
2) Responsibility
Overall and final responsibility for data protection lies with the management committee, who are responsible for overseeing activities and ensuring this policy is upheld.
All volunteers are responsible for observing this policy, and related procedures, in all areas of their work for the group.
3) Overall policy statement
Changing Seasons Chinese & ESEA Community Project needs to keep personal data about its committee, members, volunteers and supporters in order to carry out group activities.
We will collect, store, use, amend, share, destroy or delete personal data only in ways which protect people’s privacy and comply with the UK General Data Protection Regulation (GDPR) and other relevant legislation.
We will only collect, store and use the minimum amount of data that we need for clear purposes, and will not collect, store or use data we do not need.
We will only collect, store and use data for:
purposes for which the individual has given explicit consent, or
purposes that are in our our group’s legitimate interests, or
contracts with the individual whose data it is, or
to comply with legal obligations, or
to protect someone’s life, or
to perform public tasks.
We will provide individuals with details of the data we have about them when requested by the relevant individual.
We will delete data if requested by the relevant individual, unless we need to keep it for legal reasons.
We will endeavor to keep personal data up-to-date and accurate.
We will store personal data securely.
We will keep clear records of the purposes of collecting and holding specific data, to ensure it is only used for these purposes.
We will not share personal data with third parties without the explicit consent of the relevant individual, unless legally required to do so.
We will endeavour not to have data breaches. In the event of a data breach, we will endeavour to rectify the breach by getting any lost or shared data back. We will evaluate our processes and understand how to avoid it happening again. Serious data breaches which may risk someone’s personal rights or freedoms will be reported to the Information Commissioner’s Office within 72 hours, and to the individual concerned.
To uphold this policy, we will maintain a set of data protection procedures for our committee and volunteers to follow.
4) Review
This policy will be reviewed every two years
Privacy & Data Protection Policy/隐私与数据保护政策
Changing Seasons Chinese & ESEA Community Project a sub-group of Sheffield Chinese Community Centre
1) 定义
个人数据是指关于个人的信息,可以识别该个人。数据可以以电子方式或纸质方式存储,包含图像、音频录音以及书面信息。
数据保护是指我们作为一个组织,如何确保在收集、存储、使用、修改、共享、销毁或删除个人数据时,保护个人的权利和隐私,并遵守法律。
2) 责任
数据保护的整体和最终责任由管理委员会承担,管理委员会负责监督活动并确保本政策得到遵守。
所有志愿者有责任在其所有工作领域内遵守本政策和相关程序。
3) 总体政策声明
“Changing Seasons 华人及东南亚社区项目” 需要保存有关委员会成员、志愿者和支持者的个人数据,以便开展小组活动。
我们将仅以保护个人隐私并符合英国通用数据保护条例(GDPR)及其他相关法律的方式,收集、存储、使用、修改、共享、销毁或删除个人数据。
我们将只收集、存储和使用我们需要的最低限度的数据,且不会收集、存储或使用不需要的数据。
我们仅会收集、存储和使用数据用于以下目的:
个人已明确同意的目的,或
我们小组的合法利益,或
与个人的数据相关的合同,或
遵守法律义务,或
保护他人生命,或执行公共任务。
我们将在相关个人请求时,提供我们所持有的关于他们的个人数据的详细信息。
我们将在相关个人要求下删除数据,除非我们因法律原因需要保留数据。
我们将努力保持个人数据的更新和准确。
我们将确保个人数据的安全存储。
我们将保持明确的记录,说明收集和保存特定数据的目的,确保数据仅用于这些目的。
未经相关个人明确同意,我们不会将个人数据与第三方共享,除非法律要求这样做。
我们将尽力避免数据泄露。如果发生数据泄露,我们将努力通过找回任何丢失或共享的数据来纠正泄露情况。我们将评估我们的流程,并了解如何避免再次发生此类情况。可能危及个人权利或自由的严重数据泄露将在72小时内报告给信息专员办公室,并通知相关个人。
为了贯彻本政策,我们将为委员会和志愿者制定一套数据保护程序。
4) 审查
本政策将每两年审查一次。
