Privacy policy

Cambridge Storytellers Privacy Policy 2018

Policy Statement

Cambridge Storytellers are committed to a policy of protecting the rights and privacy of individuals in accordance with current legislation. The policy applies to all Members and supporters of Cambridge Storytellers (CS).

Legal Requirements

The purpose of UK legislation is to protect the rights and privacy of individuals and to ensure that personal data is not processed without their knowledge, and, wherever possible, is processed with their consent.

Managing Data Protection

Purpose of data

Data may be held by CS for the following purposes:

  • To advise of upcoming events scheduled by CS.
  • To confirm bookings and/or other transactions that may have been agreed to
  • To realise the objectives of CS
  • To keep accounts & records including membership
  • To book artists, venues and other services in relation to the putting on of public performances
  • To advertise and market events

Data Protection Principles

Cambridge Storytellers as ‘data controller’:

  • will treat you and your data with respect.
  • will put the CS logo on all paperwork.
  • will only use data collected for a specific purpose, for example, to receive our newsletter, for that specific purpose.
  • will collect the minimum necessary data, that is, email address only, to receive our newsletter.
  • will not sell data.
  • will not share data, except with a secure third party for the sole purpose of mailing newsletters securely.
  • will ensure each newsletter includes a message offering subscribers the opportunity to unsubscribe, or to amend their details.
  • will ensure that any deletions or amendments that are requested are processed in a timely manner.

Processed in accordance with the individual’s rights

All individuals that the Cambridge Storytellers hold data on have:

  1. The right to be informed
  2. The right of access
  3. The right to rectification
  4. The right to erasure
  5. The right to restrict processing
  6. The right to data portability
  7. The right to object
  8. Rights in relation to automated decision making and profiling

For full detail on these rights, visit https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/

Secure

Appropriate technical and organisational measures shall be taken against unauthorised or unlawful processing of personal data and against accidental loss or destruction of data. Passwords on all systems where member data is held must be changed frequently. All personal and financial data is kept securely and can only be accessed by the Treasurer.

Not transferred to countries outside the European Economic Area

Data will not be transferred to countries outside the European Economic Area without notifying the individual; for example CS may choose to use a service that processes your data outside the EU such as email or other digital systems. In this case, Cambridge Storytellers will ensure that there is an appropriate notification to members and that the service user complies with relevant legislation and uses secure data transfer protocols (eg within the Privacy Shield agreement).

Policy approved by

Shirley Lowe        Chair, Cambridge Storytellers            8.5.18

Malcolm Busby        Treasurer, Cambridge Storytellers        8.5.18

Rachel O’Leary        Secretary, Cambridge Storytellers        8.5.18