Data Protection

Data protection is about how we, as an organisation, ensure we protect the rights and privacy of individuals, and comply with the law, when collecting, storing, using, amending, sharing, destroying or deleting personal data. Personal data is information about a person which is identifiable as being about them.

This is to explain what data we may keep on members of the group, what it will be used for, right of  access to personal data by members, security and deletion of data.

What we collect

We collect details on our membership form, consisting of name, address, phone, and email contact address. We also collect contact details for our volunteers. We may also take photos of members and volunteers during group activities. These may be used on our media outlets such as Facebook and our website. Membership forms have a consent option for this.

We will collect the minimum data we need and will use it for purposes which the individual has given explicit consent to, purposes that are in our our group’s legitimate interests, to comply with legal obligations, or to protect someone’s life, or to perform public tasks (eg shows).  We will collect, store, use, amend, share, destroy or delete personal data only in ways which protect people’s privacy.

Responsibilities

Although the committee have the main responsibility for data protection, it is also a requirement that members and volunteers abide by our data policy.

Use of data

We use this information to be able to contact you in relation to group activities such as meetings, events, sending you items in the post and general communication processes. We will need you to consent for us to hold this data for such purposes.

We will also need your consent to share information with certain third parties in relation to the activities we engage in eg Lego, show venue staff and organisers. You will be made aware that your contact details will be shared with a third party and your permission obtained for us to do so. Any verbal consent to holding data (eg asking to join our email list) will be recorded as such.

Committee consent for contact details

The committee members will not do the following without consent from the other committee members:-

  • Pass on other committee members details
  • Use them for anything other than group business
  • Put other committee members contact details on group publicity
  • If someone leaves the committee everyone will delete their details, and vice versa, unless specific consent is given to keep them
  • Sharing data without consent.
  • This may occur if there is a legal obligation to share your data, in which case you will be notified.
  • Data maybe also be shared when it is vital to the safety of an individual.

Where data is held

Data is currently held on password protected electronic devices. In the event of a third party gaining access to this information who should not have access, you will be advised of the breach and the parties involved. We will try to get the data back. The reasons for the breach will be investigated and the policy reviewed. Serious data breaches which may risk someone’s personal rights or freedoms will be reported to the Information Commissioner’s Office and to the individual concerned.

Any data which is provided to an individual while a person is out and about, maybe temporarily recorded, (eg on a phone, piece of paper) but once that has been added to the groups central contact list, it will be deleted from other sources.

Right of access to your personal information

Each member has the right to ask to know what data we hold on them. Please contact the secretary for this information

Deletion of data

If a members does not pay their membership fees on the due date, under our obligations, we will have to delete your data. We will contact you to advise of this. You may also request that your data is deleted at any point.

Withdrawal of consent to hold data

Any member/volunteer may notify the secretary if they wish to withdraw any consent to data being held. We will delete the data unless there is a legal reason why we have to keep it.

This policy will be reviewed every two years.
Signed (Chair): R Carter
Signed (Secretary): Mim Porter
Date policy agreed 8.2.21
Date of next review November 2022

© Bricks Alley LEGO® User Group. The LEGO Group does not own or endorse Brick Alley. LEGO® is a registered trademark of the LEGO Group.

County Durham website design by Peacock Carter.