Cookies

We use essential cookies to make our site work. We'd also like to set analytics cookies that help us make improvements by measuring how you use the site. These will be set only if you accept.

For more detailed information about the cookies we use, see our cookies page.

Essential Cookies

Essential cookies enable core functionality such as security, network management, and accessibility. For example, the selections you make here about which cookies to accept are stored in a cookie.

You may disable these by changing your browser settings, but this may affect how the website functions.

Analytics Cookies

We'd like to set Google Analytics cookies to help us improve our website by collecting and reporting information on how you use it. The cookies collect information in a way that does not directly identify you.

Third Party Cookies

Third party cookies are ones planted by other websites while using this site. This may occur (for example) where a Twitter or Facebook feed is embedded with a page. Selecting to turn these off will hide such content.

Royale Dunton Court

Park Residents Association Privacy Policy

There are rules set out in law which all organisations, including community groups, must follow in order to help protect people’s data and privacy. The relevant legislation for organisations in the UK is the UK General Data Protection Regulation (UK GDPR), and the Data Protection Act of 2018.

1) What is personal data


Personal data is information about a person which is identifiable as being about them. It can be stored electronically or on paper, and includes images and audio recordings as well as written information.

Data protection is about how we, as an organisation, ensure we protect the rights and privacy of individuals, and comply with the law, when collecting, storing, using, amending, sharing, destroying or deleting personal data.

2) Our responsibilities

Overall responsibility for data protection lies with the management committee, who are responsible for overseeing activities and ensuring this policy is upheld. All volunteers are responsible for observing this policy, and related procedures, in all areas of their work for the group.


3) Overall policy statement

Royale Dunton Court Residents Association needs to keep personal data about its committee, members, volunteers and supporters in order to carry out the association's activities.

We will collect, store, use, amend, share, destroy or delete personal data only in ways which protect people’s privacy and comply with the UK General Data Protection Regulation (GDPR) and other relevant legislation.

We will only collect, store and use the minimum amount of data that we need for clear purposes, and will not collect, store or use data we do not need.

We will only collect, store and use data for:

a) purposes for which the individual has given explicit consent

b) purposes that are in our group’s legitimate interests or to comply with legal obligations.

c) We will provide individuals with details of the data we have about them when requested by the relevant individual.

d) We will delete data if requested by the relevant individual, unless we need to keep it for legal reasons.

e) We will endeavour to keep personal data up-to-date and accurate.

f) We will store personal data securely.

g) We will keep clear records of the purposes of collecting and holding specific data, to ensure it is only used for these purposes.

h) We will not share personal data with third parties without the explicit consent of the relevant individual, unless legally required to do so.

i) We will endeavour not to have data breaches. In the event of a data breach, we will endeavour to rectify the breach by getting any lost or shared data back. We will evaluate our processes and understand how to avoid it happening again. Serious data breaches which may risk someone’s personal rights or freedoms will be reported to the Information Commissioner’s Office within 72 hours, and to the individual concerned.

4) Procedures

We have created the following procedures which outline ways in which we collect, store, use, amend, share, destroy and delete personal data. These procedures cover the main, regular ways we collect and use personal data. We may from time to time collect and use data in ways not covered here. In these cases we will ensure our Data Protection Policy is upheld.

  • The only data we need to keep is details of our members Data will be stored securely. When it is stored electronically, it will be kept in password protected files. When it is stored online in a third party website (e.g. Google Drive) we will ensure the third party comply with the UK GDPR. When it is stored on paper it will be filed carefully in a locked filing cabinet.
  • When we no longer need data, or when someone has asked for their data to be deleted, it will be deleted securely. We will ensure that data is permanently deleted from computers, and that paper data is shredded.
  • We will keep records of consent given for us to collect, use and store data. These records will be stored securely.

5) Dealing with members data

From time to time, individuals contact the Group to ask us to help them resolve an issue they are having with Royale or other local services.

  • We will request explicit, signed consent before sharing any personal details with Royale or any other relevant third party.
  • We will not keep information relating to an individual’s personal situation for any longer than is necessary for the purpose of providing them with the support they have requested.
  • Details relating to the individual's circumstances will be treated as strictly confidential within the committee unless the individual has given explicit consent to the contrary..

6) Dealing with committee member data

The committee needs to be in contact with one another in order to run the organisation effectively and ensure its legal obligations are met.

  • Committee contact details will be shared among the committee.
  • Committee members will not share each other’s contact details with anyone outside of the committee, or use them for anything other than residents association business, without explicit consent.

This policy will be reviewed every two years

Date………20/3/2022………………………………..