The new European Union General Data Protection Regulations (GDPR) came into effect on 25th May 2018 and we have updated our Data Protection Policy to reflect the new regulations. We take your privacy seriously and when you share your data with us we take care to protect it.
The General Data Protection Regulations have eight important rights which are outlined below:
- The right to be informed. This means that you have the right to know what we do with your data, why and how you can withdraw your consent for us to do that.
- The right of access. You have the right to know what data we store about you, check that it is accurate, or that it is being used lawfully and we will provide you with any data that we hold about you in the same format in which you made the request.
- The right to rectification. Should you believe the information we hold about you to be inaccurate then you may contact us and we will correct the information we store (including any 3rd parties).
- The right to erasure (to be forgotten). You may request that we erase the information which we hold about you. In order to comply with your wishes, we will have to cease providing you with the services.
- The right to restrict processing. You may ask us to restrict the processing of your personal information if you think it is inaccurate, you object to the processing, or you wish us to retain the information past the point at which we would normally remove it as you wish to establish or defend a legal claim.
- The right to data portability. You may request a copy of the data that we hold about you in a machine-readable format (for example an Excel spreadsheet or text file) for the purposes or re-using that data for any reason.
- The right to object. Should you object to our handling of your data in the areas of direct marketing, processing orders, or for any other reason, then you may inform us of your objection. If we agree with your written objection, and whilst we consider it, we will not use the data in the way to which you are objecting.
- Rights in relation to automated decision making and profiling. We may make automated decisions (via a computer algorithm) on certain aspects of the marketing materials that we send to you. We do not make any other automated decisions on your information. We do not make any decision on what the GDPR regulations suggest is special categories of personal information; nor make any decisions based on ethnicity, race, sex, gender or disability.
The personal data that you have provided for your membership record is held on a secure database managed by the RAPC Association Administrator.
Only our official security cleared staff can see and use your data in order to manage the RAPC Association business. The RAPC Association does not share your data with any other organisation, but may do in cases of Benevolence Applications to provide additional funding. Your personal information will not be used for another purpose without your consent.
You can ask for access to your personal data such as copies and other information about what we do with your data. You can also request that we change any incorrect personal data we have about you. You can also request that we delete your personal data, if it is no longer needed by us.
We retain your personal data in order to validate your service in the RAPC should you request assistance from us and for the Association to remain in contact with you to keep you updated with news and events and to send you the Primrose and Blue Journal.
The RAPC Association undertake that all data collected will be dealt with lawfully in accordance with applicable data protection law (The General Data Protection Regulations which become law on 25 May 2018). The lawful grounds on which we process your data will be based on one or more of the following:
- Where the processing is necessary in our organisation’s genuine interests as a charity or support provider. This is as long as this meets with your reasonable expectations and does not unreasonably interfere with your privacy rights. Normally this will be one of the reasons for processing your data, but this may change dependent on your personal circumstances.
- Where we have your consent to use this data (or your explicit consent in relation to sensitive personal data, where a benevolence case is being processed).
- Where we are under a legal duty to use or show your data.
- Where the processing of your data (including sensitive personal data) is in your or someone else’s vital interests such as a critical health, welfare or security issue.
- Where necessary to perform a contract to which you are a party or steps at your request to enter into a contract.
- For sensitive personal data, we may need to use your data as necessary for the establishment, exercise or defence of legal claims.
The RAPC Association is an ‘Assistance Provider’ and will receive sensitive data as part of Benevolence Applications. The RAPC Association will only record the sums paid to applicants and the reason for the payment and will not record any other sensitive data that is received as part of the benevolence application. This data will be retained for seven years. Your data may be shared with other support organisations so that we can meet your needs and find you additional support. Anonymised data will be kept to look at statistical information so that the RAPC Association can improve its work.
When your information is passed to another support organisation, in order to provide additional assistance, in the case of Benevolence Applications, they will then look at the best way to find you support. Different organisations have their own privacy policies and they may be different to this policy.
When collected, your data will be held by us and other support organisations for purposes in accordance with data retention policies that have been established in accordance with statutory requirements and codes of practice issued by the Information Commissioners Office.
Some organisations that provide funding to meet Benevolence Applications may retain records of the payment for up to seven years for accounting purposes. Please note that where a grant is awarded, the organisation providing that grant will retain this information for at least seven years.
If you have any questions about our data protection policy, or about the data we hold, then please contact firstname.lastname@example.org.
If you are not satisfied with our response, you have a right to complain to the Information Commissioner’s Office. See www.ico.org.uk.
To make this site work properly, we sometimes place small data files called cookies on your device. Most big websites do this too.
What are cookies?
A cookie is a small text file that a website saves on your computer or mobile device when you visit the site. It enables the website to remember your actions and preferences (such as login, language, font size and other display preferences) over a period of time, so you don’t have to keep re-entering them whenever you come back to the site or browse from one page to another.
Cookies may be either "persistent" cookies or "session" cookies: a persistent cookie will be stored by a web browser and will remain valid until its set expiry date, unless deleted by the user before the expiry date; a session cookie, on the other hand, will expire at the end of the user session, when the web browser is closed.
Cookies do not typically contain any information that personally identifies a user, but personal information that we store about you may be linked to the information stored in and obtained from cookies.
Cookies used by our service providers
ga- Google Analytics - Google Analytics uses this cookie name.
gid- Google Analytics - Google Analytics uses this cookie name.
gat_gtag_Google Analytics - Google Analytics uses this cookie name.
Most browsers allow you to refuse to accept cookies and to delete cookies. The methods for doing so vary from browser to browser, and from version to version. You can however obtain up-to-date information about blocking and deleting cookies via these links:
(a) https://support.google.com/chrome/answer/95647?hl=en (Chrome);
(b) https://support.mozilla.org/en-US/kb/enable-and-disable-cookies-website-preferences (Firefox);
(c) http://www.opera.com/help/tutorials/security/cookies/ (Opera);
(d) https://support.microsoft.com/en-gb/help/17442/windows-internet-explorer-delete-manage-cookies (Internet Explorer);
(e) https://support.apple.com/kb/PH21411 (Safari); and
Blocking all cookies will have a negative impact upon the usability of many websites.
If you block cookies, you may not be able to use all the features on our website.
How to control cookies
You can control and/or delete cookies as you wish – for details, see aboutcookies.org. You can delete all cookies that are already on your computer and you can set most browsers to prevent them from being placed. If you do this, however, you may have to manually adjust some preferences every time you visit a site and some services and functionalities may not work.