Wroxham and Hoveton Good Neighbour Scheme– General Privacy Notice

This general privacy notice covers our processing of your data as part of our general communications with you and delivery of organisational support services.

Our basis for processing your data

Wroxham and Hoveton Good Neighbour Scheme provides a safety net for those in isolation who have no other means of support in the Wroxham and Hoveton area, to do this we need to process certain pieces of personal information. 

Most of your personal data is processed in compliance with the Legitimate Interests condition. This says that if we have a good reason to process your personal data then we may do so without your explicit consent so long as there is no unwarranted impact on you. Broadly we will have obtained your information because you have given it to us, it has been gathered as part of our work with you or you have been identified as a contact for a charity, parish council or similar organisation. 

In general we use this data to communicate with you, mainly by email but occasionally by phone. We communicate with in order to provide you with information we believe will be relevant and helpful to our task.

When doing this we provide you with privacy information and links to allow you to opt-out of some or all future contact. 

By signing up as a volunteer you have consented to this contact.   

In more detail how we use your data

• To task volunteers to provide support.
• To help us to build up a picture of how we are performing and evaluate our services;
• To maintain our own accounts and records;
• To seek your views, opinions or comments;
• To notify you of changes to our projects, services, events and staff/trustees or other role holders;
• To allow the statistical analysis of data

What data we hold

• Your full contact details  
• Details of tasks you have conducted for us  

How we store it

• We hold your information on our database (CRM), which is secure and only accessible by our team.  This is the information we use to record our work with you.
• We hold a mailing list (which you are receiving this through) on Mailchimp, which is secure and only accessible by the members of our team who administrate it. 
• Personal information will also be contained on the email software and accounts of team members who are working with you. 

Processing by other parties

We transfer data to Mailchimp who provide us with email and marketing services. This data may be stored or transferred outside of the European Economic Area (EEA). MailChimp participates in and has certified its compliance with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework. 

We transfer information to Microsoft as part of its provision of cloud services to us (Office 365, Microsoft Azure). This data may be stored or transferred outside of the European Economic Area (EEA). Microsoft adheres to the principles of the EU-U.S. and Swiss-U.S. Privacy Shield frameworks.

How long do we keep your personal data?

For general communications we will retain your data and process it as outlined above until you request that we cease or your contact details appear to be no-longer valid. We will keep some records permanently if we are legally required to do so. We may keep some other records for an extended period of time. For example, it is currently best practice to keep financial records for a minimum period of 6 years to support HMRC audits or provide tax information. We may have legal obligations to retain some data in connection with our projects/services for an extended period of time. In general, we will endeavour to keep data only for as long as we need it. This means that we will delete it when it is no longer needed.

GDPR & Your Rights

The EU General Data Protection Regulation (GDPR) is designed to protect individual residents of the EU’s identities and right to privacy. In essence this gives people the right to know, understand and more importantly control what personal data any organisation collects about them. 

• You can read more about your rights under GDPR here https://ico.org.uk/your-data-matters/
• You can read more about organisations responsibilities under GDPR here https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/

How to contact us

This Privacy Information is provided to you by Wroxham and Hoveton Good Neighbour Scheme which is the data controller for your data. If you have any questions email wandh.gns@gmail.com

Your right to complain to the ICO

You can report any concern you have to the ICO https://ico.org.uk/concerns/ . However, we would always hope to be able resolve and queries or problems first so if you do have any concerns please do get in touch.