WAGA Data Protection Policy
Introduction
WAGA is required by law to comply with the Data Protection Act (DPA) and the General Data Protection Regulation (GDPR)
The Data Protection Act (DPA) is a law designed to protect personal data stored on computers or in an organised paper filing system.
The principles behind the DPA can be found at:
https://ico.org.uk/for-organisations/data-protection-act-2018/
The GDPR gives individuals a greater level of control over how their data is managed and requires organisations which hold personal data to explain and justify how this is done. A guide to the GDPR can be found at:
https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/
There are 6 lawful basis stated in the GDPR legislation under which WAGA can legitimately keep our members data.
By re-joining WAGA each year our members ‘consent’ for us to continue to use their data which they have supplied.
We keep data for 1 year after a member has resigned because of the ‘legal obligation’ we have with Companies House, then it is deleted.
When members join or renew each year with WAGA they expect to be supplied with certain services (such as the Newsletter) which gives WAGA ‘legitimate interest’ to hold our members data.
What data does WAGA keep?
WAGA keeps the following data about our members (if supplied):
How does WAGA protect data?
Information held by WAGA is either password protected, if in an electronic format or kept in a secure location, if in paper format.
Who has access to this data?
Only the Directors, relevant committee members or volunteers who need the data to be able to supply a service have access to that data.
How can I review or update my data?
The information we hold can be reviewed and or changed by our members by contacting membership.waga@outlook.com
What happens to my data when I leave WAGA?
We keep data for 1 year after a member has resigned because of the Legal obligation we have with Companies House, then it is deleted.
Introduction
WAGA is required by law to comply with the Data Protection Act (DPA) and the General Data Protection Regulation (GDPR)
The Data Protection Act (DPA) is a law designed to protect personal data stored on computers or in an organised paper filing system.
The principles behind the DPA can be found at:
https://ico.org.uk/for-organisations/data-protection-act-2018/
The GDPR gives individuals a greater level of control over how their data is managed and requires organisations which hold personal data to explain and justify how this is done. A guide to the GDPR can be found at:
https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/
There are 6 lawful basis stated in the GDPR legislation under which WAGA can legitimately keep our members data.
- Consent
- Contract
- Legal obligation
- Vital interests
- Public task
- Legitimate interests
By re-joining WAGA each year our members ‘consent’ for us to continue to use their data which they have supplied.
We keep data for 1 year after a member has resigned because of the ‘legal obligation’ we have with Companies House, then it is deleted.
When members join or renew each year with WAGA they expect to be supplied with certain services (such as the Newsletter) which gives WAGA ‘legitimate interest’ to hold our members data.
What data does WAGA keep?
WAGA keeps the following data about our members (if supplied):
- Name of member
- Postal address
- Telephone number
- Email address
- Name of other household member who can use the shop
- Plot numbers (if any)
- Date of joining WAGA
How does WAGA protect data?
Information held by WAGA is either password protected, if in an electronic format or kept in a secure location, if in paper format.
Who has access to this data?
Only the Directors, relevant committee members or volunteers who need the data to be able to supply a service have access to that data.
How can I review or update my data?
The information we hold can be reviewed and or changed by our members by contacting membership.waga@outlook.com
What happens to my data when I leave WAGA?
We keep data for 1 year after a member has resigned because of the Legal obligation we have with Companies House, then it is deleted.
