- Events & Awards
- External Engagement
- News & Press
- About Us
Type of information processed
The Society for the Environment processes the following personal information: names, personal addresses, telephone number, email address and date of birth of Chartered Environmentalists and Registered Environmental Technicians, as well as the names and contact details of people who provide them through contacting us on the website or sharing them at events.
The needs we have for processing personal data are recorded on the public register maintained by the Information Commissioner. We notify and renew our notification on an annual basis as the law requires.
If there are any interim changes, these will be notified to the Information Commissioner within 28 days.
ResponsibilitiesUnder the Data Protection Guardianship Code, overall responsibility for personal data in a not for profit organisation rests with the governing body. In the case of the Society for the Environment, all staff, trustees and volunteers have responsibilities to abide by the policy.
All employed staff who process personal information must ensure they not only understand but also act in line with this policy and the data protection principles.
Breach of this policy will result in disciplinary proceedings.
To meet our responsibilities staff will:
• Ensure any personal data is collected in a fair and lawful way;
• Explain why it is needed at the start;
• Ensure that only the minimum amount of information needed is collected and used;
• Ensure the information used is up to date and accurate;
• Review the length of time information is held;
• Ensure it is kept safely;
• Ensure the rights people have in relation to their personal data can be exercised
We will ensure that:
• Everyone managing and handling personal information is trained to do so.
• Anyone wanting to make enquiries about handling personal information, whether a member of staff, volunteer or service user, knows what to do;
• Any disclosure of personal data will be in line with our procedures.
• Queries about handling personal information will be dealt with swiftly and politely.
Training and awareness raising about the Data Protection Act and how it is followed in this organisation will take the following forms:
Gathering and Checking Information
Before personal information is collected, we will consider: what details are necessary for our purposes and how long we are likely to need this information.
The organisation will take steps to ensure that personal data is kept secure at all times against unauthorised or unlawful loss or disclosure. The following measures will be taken: computer systems containing personal details are password restricted, all systems are routinely backed up to external hard drive stored in a locked cupboard (access to cupboard is restricted to essential staff only), access to physical server is restricted to essential staff only.
Any unauthorised disclosure made by a volunteer may result in the termination of the volunteering.
Data stored externally,
Subject Access Requests
Anyone whose personal information we process has the right to know:
This policy will be reviewed yearly to ensure it remains up to date and compliant with the law.