ESCaD Privacy Notice
This privacy statement sets out how ESCaD collects, uses, and protects any information that you give ESCaD, and what controls you have over the use of your personal information, in accordance with the General Data Protection Regulation (GDPR), and the Data Protection Act 2018 (DPA 2018).
ESCaD is committed to protecting your privacy. In order to keep in contact with you we will hold certain personal information. This information will only be used in accordance with this privacy statement.
Our contact details
Dr. B. Fisher acts as the Data Controller according to the Data Protection Act requirements. The Data Controller can be contacted at [email protected] or c/o 11 Regina Drive, Leeds, LS7 4LR.
The type of information we hold
We collect the following information from individuals who are members and supporters and organisations that affiliate to ESCaD:
- contact information including email address, postal address, and telephone numbers
- campaign, trade union, political party or name of the organisation that is affiliating to ESCaD
- membership and affiliation fees
- bank account information where we agreed to pay membership or affiliation by standing order, direct debit, or other online payment method
How we get the information and why we have it
We collect the information on membership or affiliation forms (electronic or paper), by online form on our website, email and from signing in forms at ESCaD events and stalls. When you provide us with personal information online, in written form or email we will ask you to consent to the collection and processing of this data for the purposes listed below.
What we do with the information
The information we collect is used to:
- Inform you of ESCaD events and meetings
- Inform you of other campaigns, events, meetings organised by affiliates and others about social care
- Share information about social care research, policy and practice
- Share individual views about social care policy and practice
- Get feedback, views and opinions to inform our policy and practice
- Ask you for membership fees, affiliation fees, donations and fundraising
- Ask you for information about how you can help ESCaD
How we store your information
We will ensure that any personal information we collect from you will be held in a secure environment. To prevent unauthorised access or disclosure we will always maintain any electronic information using password protection. Only people authorised by the officers will have access to your personal information where it is necessary to have your information to undertake specific tasks for ESCaD.
ESCaD stores personal information securely via a cloud based back-up system, which is encrypted by a 256 bit Advanced Encryption Standard. For further information on the policies of our storage provider, please contact the data controller.
Information received through any of the forms on the ESCaD website is temporarily stored. Our nominated data handler transfers information from the SQL database to our cloud based back-up system on a regular basis, and the SQL database is cleared of all personal data at least once every 30 days.
Any information relating to payments or donations made through PayPal will be subject to the PayPal Privacy Statement.
All people who are authorised to have access to your information will be responsible for the security, storage and retention of your information according to this Privacy Statement.
When you email or reply to an email at [email protected] you may provide other people with access to your personal information from your email address. It is up to each individual to maintain their group contact information to the level of privacy that they require.
We may also hold personal information on paper records, as signing in sheets and membership/affiliation forms.
Third Parties
In general we will not share any of your personal information with any individual or organisation without your express permission. However, there may be occasions when we need to disclose details such as the following:
- In order to comply with any legal obligations, eg the police, regulatory bodies and crime protection agencies
- In the event of a safeguarding disclosure or concern
- Service providers acting on our behalf, eg processing PayPal payments, mailing houses, website hosting, email delivery services – these providers will have confirmed our confidentiality agreements and be working in compliance with GDPR
Retention
We will destroy any personal information we hold about you when it is no longer necessary for the purpose that it was intended e.g signing in sheets at events. If you no longer wish to be involved with ESCaD you can request that we will destroy all your personal records.
Your data protection rights
At any time you can contact our data controller by emailing [email protected] to request information on what personal data we hold about you and/or to have any personal data we have removed/destroyed or amended. It is your responsibility to contact one of the officers of ESCaD to ensure the data we hold about you is up to date.
How to complain
If you have any complaints about the use of your personal information, please contact our data controller. If the complaint is about the data controller, please contact one of the other officers of ESCaD.
You can also complain to the ICO if you are unhappy with how we have used your data.
The ICO’s address:
Information Commissioner’s Office,
Wycliffe House,
Water Lane,
Wilmslow,
Cheshire,
SK9 5AF,
Helpline number: 0303 123 1113