The EU General Data Protection Regulation (effective under UK law from 25 May 2018) requires all organisations to take steps to ensure that any personal data they hold is secure and not held for longer than is reasonable. This legislation applies to The Friends of Kennington Park and this document explains our policy and approach.
Why we hold your data
The Friends of Kennington Park holds personal data relating to its members, recent members, donors and supporters. We keep this data to:
Contact you about your membership and any donations, and about our campaigns and projects
Inform you about any governance issues such as committee membership, dates of key meetings, such as the AGM
Advise you about events and developments in the Park
Inform you of relevant national and local campaigns which might affect the Park and where your support is important
Our principles and practice
We do our very best to protect your privacy by holding the minimum amount of data to allow us to contact you, and to complete financial and membership processes, effectively and efficiently. We do not share your data with other organisations unless they are acting to support our communication with you, or acting on our behalf to manage a programme of activities
We will be clear about what data we hold and why we hold it.
We keep any such personal data in password protected Excel spreadsheets held by a limited number of Committee Members – usually the Secretary, Treasurer and Membership Administrator. These spreadsheets may be held in a password protected ‘cloud’ account such as Google or OneDrive but will never be held on a portable device such as a flash drive, tablet or smartphone.
What information do we hold?
Initially we may hold financial data for you in order to confirm payment of membership fees, donations, etc.
Once membership is confirmed, we will only hold your name, email address and membership renewal information. We will not continue to hold residential addresses as we will only ever contact you electronically. If you do not have an email address, we will reach an individual agreement with you about the ways in which we communicate and therefore the data we hold.
How we use your personal information
To communicate with you effectively and efficiently we use expert providers. This means that some data will be ‘exported’ to and held in organisations such as internet based commercial communications service providers. Our current provider is Mailchimp.com. Data held by MailChimp (or other communication providers) will be limited to names and email addresses. Access to this information will be password protected and is restricted to members of the Committee, the Membership Administrator and any agent or contractor acting with the express approval of the Committee.
To comply with our obligation to only keep personal data for a limited time, we will not retain any such data for more than two years after the last time an individual, household or group made a payment or contribution to the Friends. Our schedule of key influencers and supporters will be reviewed as part of the biennial review of this policy and will be updated as appropriate or by specific request.
How we obtain data
At present, we may obtain personal data through:
paper-based membership forms,
via our website and associated email account firstname.lastname@example.org - both of which are hosted by Google,
Access to any electronic services is password protected and restricted to members of the Committee, the Membership Administrator and any agent or contractor acting with the express approval of the Committee.
If you need to update the details we hold about you or want to change your preferences about how we contact you please contact The Secretary by emailing email@example.com. Please mark your email Data Protection.
If you have any questions or complaints about the way in which we are using your data please contact The Secretary by emailing firstname.lastname@example.org. Please mark your email Comments and Complaints.
Publishing our policy
We will publish this Policy on our website and will give people the opportunity to ask to verify the data we hold for them and/or to have their details removed from our databases.
Policy Approval and Review
This Policy is approved by the Committee of the Friends of Kennington Park and will be reviewed every two years. Next review May 2020.