Henbury Millennium Green Trust
Registered Charity Number 1072953
Data Protection Policy
Date First Issued : 29/09/2018
Version: 4.0 Reviewed on 30/09/2019 and Issued on 09/10/2019
Last Updated By: J R Cousin
Review Date: Annually at the September Trust meeting
Contents
Introduction
The nature of the Henbury Millennium Green Trust (HMGT) and the personal information it records means that it is exempt from Registration under the Data Protection Act 1998 and the European General Data Protection Regulation (GDPR) effective from 25th May 2018 as defined at https://ico.org.uk/for-organisations/data-protection-fee/self-assessment/. Although exempt from registration, HMGT is committed to the lawful and correct treatment of any personal information and undertakes to comply fully with the data protection principles of good practice outlined in the GDPR, whether processed on paper or by computer. In addition to knowing what HMGT is doing to comply with data protection law, trustees, donors and volunteers are also entitled to know their rights under data protection law and how to use them.
Purpose
This policy supports HMGT compliance with its obligations as a Data Controller and where applicable, a Data Processor under data protection law. HMGT is responsible for, and must be able to demonstrate, compliance with the following
Data Protection Principles:
1. Personal information must be fairly and lawfully processed
2. Personal information must be processed for limited purposes
3. Personal information must be adequate, relevant and not excessive
4. Personal information must be accurate and up to date
5. Personal information must be secure
6. Personal information must not be kept for longer than is necessary
7. Personal information must be processed in line with the data subjects' rights
Objectives
HMGT will apply the Data Protection Principles and other requirements of data protection law to the management of all personal data throughout the information life cycle by adopting the following policy objectives.
Data are fairly and lawfully processed
This means that the HMGT will:
Data are processed for limited purposes
This means that:
Data must be secure
This means that HMGT will:
Data are not to be kept for longer than is necessary
This means that HMGT will:
Data are processed in line with the data subjects' rights
This means that HMGT will:
Scope:
This policy applies to all Trustees, donors, volunteers and contacts of HMGT.
This policy applies to all personal data created or received in the course of HMGT business in all formats. Personal data may be held or transmitted in paper and electronic formats.