The Trustees will appoint one of their number to act as the charity’s Data Protection Trustee. All questions and concerns in relation to this policy should be addressed to them. As at March 2021 this person is Mark Adams and they can be contacted via the charity’s secretary (Dee Balshaw)
We collect personal information for the following purposes, there is a privacy notice wording/information collection form for each purpose. Please use the correct privacy notice wording /information collection form, if you need to collect personal information for a purpose not covered here then please contact the Data Protection Trustee.
|
Purpose |
Privacy notice/information collection form |
Consent required? |
Legal basis |
|
Volunteers and supporters contact information |
Volunteer and supporter |
No |
Legitimate interest |
|
Information for claiming Gift Aid refund |
The Compass Gift aid form |
Yes – info sent to HMRC/bank |
Legitimate interest |
|
Client contact for signposting and/or direct intervention |
Client contact form |
Yes |
Consent |
|
Information relating to employed staff e.g. references |
Employed staff information |
No |
Contract with data subject |
We don’t publish personal data.
Requests to withdraw consent by a data subject for the information provided should be passed to the Data Protection Trustee immediately.
DBS checks do not require us to collect personal information. Our DBS administrator confirms a person’s identity but does not access or store the information the person has entered. The DBS administrator receives and files a copy of the result of the DBS check.
Individuals whose personal information is held the charity have the right to access that information. This right is subject to certain exemptions outlined in the Data Protection Act.
Any person who wishes to exercise this right should make the request in writing to the Charity’s Secretary. The request will be forwarded to our Data Protection Trustee immediately. We will act on all valid requests as soon as possible, and at the latest within one calendar month, unless we have reason to, and can lawfully extend the timescale. This can be extended by up to two months in some circumstances.
If personal details are inaccurate, they can be amended upon request to the Charity’s Secretary. All data subjects’ rights are provided free of charge. Any information provided to data subjects will be concise and transparent, using clear and plain language.
When we receive a request we will search all appropriate documents to find any references to the person making the request – where necessary we will redact and/or anonymise information that identifies other parties.
A copy of this policy and practice is available on request to the Charity’s Secretary.
Any direct marketing material that we send will identify the charity as the sender and will say that people can object to receiving similar communications in the future by contacting the Charity’s Secretary.
We may share information with the following organisations: those to whom the client has been signposting or referred for direct intervention
Where staff or volunteers think that this policy has not been followed, or data might have been breached or lost, this should be reported immediately to the Data Protection Trustee.
The Data Protection Trustee will keep records of data breaches, even if we do not report them to the ICO.
We will report all data breaches which are likely to result in a risk to any person, to the ICO. Reports will be made to the ICO within 72 hours from when someone in the charity becomes aware of the breach. In situations where a personal data breach causes a high risk to any person, we will (as well as reporting the breach to the ICO), inform data subjects whose information is affected, without undue delay.
We will delete the personal data of any person who discontinues connection with the charity.
All personal information held by staff and volunteers on behalf of the charity will be held and processed in a sufficiently secure manner (whether in paper or electronic form) to prevent unauthorised access (whether by unauthorised charity staff or third parties). This means:
· We will store sensitive paper-based information in secure, lockable storage
· The paper copies of trustee and management forum meetings are the master copies
· When sensitive personal matters are discussed in a meeting, such matters will be minuted separately. Such a separate minute won’t be circulated with the minutes of the meeting, a paper copy will be stored with the paper copy of the relevant meeting minutes.
· We will use password protections and/or encryption of particularly sensitive electronic documents
· We will restrict access to both paper and electronic personal data to those who need to process
· We will ensure that personal information is transmitted securely in a way that cannot be intercepted by unintended recipients
· We will ensure that personal data is not stored outside of the UK
· Anyone with direct contact with a client will sign and commit to a confidentiality agreement
· Privacy notices
We are collecting your contact information to enable the charity to keep in touch with you. Please contact us if you want to stop receiving communications from us. If you discontinue connection with the charity your contact details will be deleted.
Email the charity at connect@thecompass.uk to stop receiving communication from us or to get a copy of our Data Protection Policy and Practice.
We are collecting this information to enable the charity to claim Gift Aid on your donations and to ask your bank to set up a standing order. Your information will be kept securely. Your details will be deleted once you stop giving to the charity; you can ask for your details to be deleted at any time.
Email the charity at connect@thecompass.uk to have your details deleted or to get a copy of our Data Protection Policy and Practice.
Please provide your name, address and best contact means e.g. phone, email.
Please tick the box if you agree to the charity contacting you about events
We are collecting your contact information to enable the charity to keep in touch with you. Please contact us if you want to stop receiving communications from us. If you discontinue connection with the charity your contact details will be deleted.
Email the charity at connect@thecompass.uk to stop receiving communication from us or to get a copy of our Data Protection Policy and Practice.
You’re welcome to reach out through the form below or contact us directly by email: connect@thecompass.uk
Start your journey – book an appointment. Kindly take our working hours into account.
Tuesday to Thursday — 9:00 to 17:00