Accept Cookies?
Privacy Statement
Share |

Type of information processed

The Society for the Environment processes the following personal information: names, personal addresses, telephone number, email address and date of birth of Chartered Environmentalists and Registered Environmental Technicians, as well as the names and contact details of people who provide them through contacting us on the website or sharing them at events.

Personal information is kept in the following forms: computer based systems

Only staff within the organisation who will process personal information will have access to personal information.

Notification

The needs we have for processing personal data are recorded on the public register maintained by the Information Commissioner. We notify and renew our notification on an annual basis as the law requires.  
 
If there are any interim changes, these will be notified to the Information Commissioner within 28 days.
 

Responsibilities

Under the Data Protection Guardianship Code, overall responsibility for personal data in a not for profit organisation rests with the governing body. In the case of the Society for the Environment, all staff, trustees and volunteers have responsibilities to abide by the policy.

All employed staff who process personal information must ensure they not only understand but also act in line with this policy and the data protection principles. 

Breach of this policy will result in disciplinary proceedings.
 
Policy Implementation

To meet our responsibilities staff will:
Ensure any personal data is collected in a fair and lawful way;
Explain why it is needed at the start;
Ensure that only the minimum amount of information needed is collected and used;
Ensure the information used is up to date and accurate;
Review the length of time information is held;
Ensure it is kept safely;
Ensure the rights people have in relation to their personal data can be exercised 

We will ensure that:
Everyone managing and handling personal information is trained to do so. 
Anyone wanting to make enquiries about handling personal information, whether a member of staff, volunteer or service user, knows what to do; 
Any disclosure of personal data will be in line with our procedures.
Queries about handling personal information will be dealt with swiftly and politely.

Training

Training and awareness raising about the Data Protection Act and how it is followed in this organisation will take the following forms: 

On induction: the privacy policy will be provided to inductees and recipients sign as proof of receipt and understand, staff will also be provided information regarding not disclosing passwords, network security and processes for keeping data secure.

General training/ awareness raising: processes will be reviewed every six months and all staff informed of changes and updates, reminders of the policy will be made biannually where no changes are made.

Gathering and Checking Information

Before personal information is collected, we will consider: what details are necessary for our purposes and how long we are likely to need this information.

We will inform people whose information is gathered about the following: why the information is being gathered, what the information will be used for, who will have access to their information.

We will take the following measures to ensure that personal information kept is accurate: provide reminders to ensure that details are kept up to date.

Personal sensitive information will not be used apart from the exact purpose for which permission was given.

Data Security

The organisation will take steps to ensure that personal data is kept secure at all times against unauthorised or unlawful loss or disclosure. The following measures will be taken: computer systems containing personal details are password restricted, all systems are routinely backed up to external hard drive stored in a locked cupboard (access to cupboard is restricted to essential staff only), access to physical server is restricted to essential staff only.

Any unauthorised disclosure of personal data to a third party by an employee may result in disciplinary proceedings or termination.

Any unauthorised disclosure of personal data to a third party by a volunteer or trustee may result in: a trustee being held personally liable for any penalty arising from a breach that they have made. 

Any unauthorised disclosure made by a volunteer may result in the termination of the volunteering.

Data stored externally,

Data stored by the Society for the Environment on the website, www.socenv.org.uk, is covered by the privacy policy outlined here and by the YourMembership privacy policy, a copy of which can be found at http://www.yourmembership.com/legal/

Data stored by the Society for the Environment on our email client, MailChimp, is covered by the privacy policy outlined here and by the MailChimp privacy policy, a copy of which can be found at https://mailchimp.com/legal/privacy/?_ga=1.205388624.1938251368.1486387850

Subject Access Requests

Anyone whose personal information we process has the right to know:
What information we hold and process on them
How to gain access to this information
How to keep it up to date
What we are doing to comply with the Act.

They also have the right to prevent processing of their personal data in some circumstances and the right to correct, rectify, block or erase information regarded as wrong.

Individuals have a right under the Act to access certain personal data being kept about them on computer and certain files.  Any person wishing to exercise this right should apply in writing or via email to Elaine Rutherford
 

The following information will be required before access is granted: Full name and contact details of the person making the request, their relationship with the organisation and any other relevant information pertinent to the request. For Chartered Environmentalists or Registered Environmental Technicians seeking to access records, their registrant number and their professional body membership.

Queries about handling personal information will be dealt with swiftly and politely. We will aim to comply with requests for access to personal information as soon as possible, but will ensure it is provided within the 40 days required by the Act from receiving the written request.  

Review

This policy will be reviewed yearly to ensure it remains up to date and compliant with the law. 

Member Bodies

Society for the Environment
IC1.14a Techno Centre, Coventry Technology Park, Puma Way 
Coventry, West Midlands CV1 2TT.
© Copyright 2016 Society for the Environment. All rights reserved.

Privacy Statement