Privacy Policy

Shirland Miners Welfare (referred to as “we”, “us”, or “our”) is committed to protecting the privacy and security of your personal information. This Privacy Policy describes how we collect, use, and store your personal data, and your rights in relation to that data, in compliance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

Who We Are

Shirland Miners Welfare is a registered charity dedicated to providing recreational facilities for the local community.

What Personal Data We Collect

We may collect and process the following types of personal data:

  • Contact Information: Name, address, email address.
  • Membership Information: If applicable, membership status, membership number, dates of membership.
  • Volunteer Information: If applicable, availability, skills, emergency contact details.
  • Event Information: Details of events you attend or express interest in.
  • Communication Preferences: How you prefer to receive communications from us.
  • Photographs/Videos: Taken at our events or facilities with your consent, for promotional purposes.

How We Collect Your Personal Data

We collect personal data through various channels, including:

  • When you become a member or renew your membership.
  • When you volunteer your time.
  • When you sign up for our newsletter or other communications.
  • When you register for or attend our events.
  • When you contact us by email or through our website.
  • When you provide feedback or make a complaint.

How We Use Your Personal Data

We use your personal data for the following purposes:

  • To administer your membership or volunteer role: Including communicating with you about your involvement.
  • To communicate with you: About our activities, news, and events (where you have consented to receive such communications).
  • To provide services and facilities: Such as access to our premises or specific programs.
  • To organize and manage events: Including sending invitations and managing attendance.
  • To improve our services: By understanding the needs and interests of our community.
  • For internal record-keeping: And administrative purposes.
  • To comply with legal obligations: Such as charity commission requirements.
  • For safeguarding purposes: Where appropriate and necessary.

Our Lawful Bases for Processing

We will only process your personal data where we have a lawful basis to do so under UK GDPR. These include:

  • Consent: Where you have given clear consent for us to process your personal data for a specific purpose (e.g., sending you newsletters). You can withdraw your consent at any time.
  • Contract: Where the processing is necessary for a contract we have with you, or because you have asked us to take specific steps before entering into a contract (e.g., managing your membership).
  • Legal Obligation: Where the processing is necessary for us to comply with the law.
  • Legitimate Interests: Where the processing is necessary for our legitimate interests or the legitimate interests of a third1 party, provided those interests are not overridden by your fundamental rights and freedoms (e.g., communicating with members about relevant charity news, ensuring the security of our premises). We will always conduct a legitimate interests assessment to ensure this basis is appropriate.
  • Public Interest: In some limited cases, processing may be necessary for tasks carried out in the public interest.

Sharing Your Personal Data

We will not sell or rent your personal data to third parties. We may share your personal data with:

  • Service Providers: Third-party organizations that provide services on our behalf, such as IT support or email marketing platforms. We ensure these providers are contractually obligated to protect your data and comply with data protection laws.
  • Government Bodies/Regulators: Where legally required (e.g., Charity Commission).
  • Professional Advisors: Such as our accountants or legal advisors.

We will always ensure that any third parties we share your data with are reputable and have appropriate security measures in place.

Data Security

We take the security of your personal data seriously. We implement appropriate technical and organizational measures to protect your data from unauthorized access, accidental loss, destruction, or damage. These measures include:

  • Restricting access to personal data to authorized personnel.
  • Using secure servers and encryption for online data.
  • Regularly reviewing our security practices.
  • Training staff on data protection best practices.

Data Retention

We will only retain your personal data for as long as necessary to fulfil the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements.

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

For example:

  • Membership records are typically retained for 3 years after membership ceases.

Your Rights

Under UK GDPR, you have the following rights regarding your personal data:

  • The Right to Be Informed: About how your personal data is collected and used. This Privacy Policy aims to provide you with this information.
  • The Right of Access: To request a copy of the personal data we hold about you.
  • The Right to Rectification: To request that we correct any inaccurate or incomplete personal data we hold about you.
  • The Right to Erasure (Right to Be Forgotten): To request that we delete your personal data in certain circumstances.
  • The Right to Restrict Processing: To request that we limit the way we use your personal data in certain circumstances.
  • The Right to Data Portability: To request a copy of your personal data in a structured, commonly used, and machine-readable format, and to transmit that data to another controller.
  • The Right to Object: To the processing of your personal data in certain circumstances, particularly for direct marketing.
  • Rights in Relation to Automated Decision Making and Profiling: We do not use automated decision-making or profiling that would have a significant effect on you.

To exercise any of these rights, please contact us using the details below. We may require you to verify your identity before processing your request.

Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. Any changes will be posted on our website and, where appropriate, notified to you by email.

Contact Us

If you have any questions about this Privacy Policy or our data protection practices, or if you wish to exercise any of your rights, please contact:

The Data Protection Lead
Shirland Miners Welfare
121-123 Main Road
Shirland
Alfreton
Derbyshire
DE55 6BA
Email: trustees@shirland-welfare.org


Complaints

If you are not satisfied with our response to a privacy concern, you have the right to make a complaint to the Information Commissioner’s Office (ICO), the UK’s independent authority for data protection.

Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
Helpline number: 0303 123 1113
ICO website: www.ico.org.uk