Equality and Diversity Policy
Preservation of your privacy is important to St. Katharine's Trust and we are committed to letting you know how we use your personal information and to making only responsible use of your data.
1. Information about you
1.1 We will collect personal information from you when you or your organisation enquire about our activities, register as a member with us or subscribe to one of our services. This may include your name, title, email address, physical address, telephone numbers and job title. We may also ask for some additional, non-personal information.
2. Our use of this information
2.1 Process personal data fairly and lawfully.
2.2 Process the data for the specific and lawful purpose for which it collected that data and not further process the data in a manner incompatible with this purpose.
2.3 Ensure that the data is adequate, relevant and not excessive in relation to the purpose for which it is processed.
2.4 Keep personal data accurate and, where necessary, up to date.
2.5 Only keep personal data for as long as is necessary.
2.6 Process personal data in accordance with the rights of the data subject under the legislation.
2.7 Put appropriate technical and organisational measures in place against unauthorised or unlawful processing of personal data, and against accidental loss or destruction of data.
2.8 Ensure that no personal data is transferred to a country or a territory outside the European Economic Area (EEA) unless that country or territory ensures adequate level of protection for the rights and freedoms of data subjects in relation to the processing of personal data.
3. Lawful basis
3.1 All data processed by St. Katharine's Trust must be done on one of the following lawful basis: consent, contract, legal obligation, vital interests, public task or legitimate interests (see ICO guidance for more information).
3.2 St. Katharine's Trust shall note the appropriate lawful basis in the Register of Systems.
3.3 Where consent is relied upon as a lawful basis for processing data, evidence of opt-in consent shall be kept with the personal data.
3.4 Where communications are sent to individuals based on their consent, the option for the individual to revoke their consent should be clearly available and systems should be in place to ensure such revocation is reflected accurately in St. Katharine's Trust’s systems.
4. Subject access
4.1 Individuals have a right to access any personal data relating to them which are held by St. Katharine's Trust. Any individual wishing to exercise this right should apply in writing to the HR Manager, at St. Katharine's Trust address or email@example.com.
4.2 St. Katharine's Trust reserves the right to refuse or charge for requests that are manifestly unfounded or excessive.
5.1 The St. Katharine's Trust shall ensure that personal data is stored securely using modern software that is kept-up-to-date.
5.2 Access to personal data shall be limited to personnel who need access and appropriate security should be in place to avoid unauthorised sharing of information.
5.3 When personal data is deleted this should be done safely such that the data is irrecoverable.
5.4 Appropriate back-up and disaster recovery solutions shall be in place.
7. 16 or under
7.1 We are concerned to protect the privacy of children aged 16 or under. If you are aged 16 or under‚ please get your parent/guardian’s permission beforehand whenever you provide us with personal information.
8. Other information
8.1 If you would like us to correct or update any information, or if you would like information deleted from our records, then please email us at firstname.lastname@example.org.