Hertfordshire Gardens Trust Privacy Notice
The Hertfordshire Gardens Trust (HGT) undertakes to collect and use your personal data in compliance with the General Data Protection Regulation (GDPR).
This Privacy Notice addresses the following questions.
1. What personal data does HGT collect and where does it come from?
2. What is this personal data used for?
3. Who is your data shared with?
4. How is your data stored?
5. Who is responsible for ensuring compliance with the relevant laws and regulations?
6. Who has access to your data?
7. What is the legal basis for collecting this data?
8. How you can check what data we have about you?
9. Does HGT collect any “special” data?
10. How can you ask for data to be removed, limited or corrected?
11. How long do we keep your data for, and why?
12. Who can I contact about my rights?
13. HGT Contact details
1. What personal data does HGT collect and where does it come from?
The members’ personal data which we routinely collect and retain is as follows: name, address, telephone number, email address, member category, year of joining, payment method, amount and date of last payment/donation, and Gift Aid status. We collect this data directly from our members except for some payment information which is communicated to us by our Bank. Although cheques from members for subscriptions, donations, outings and other events and activities are processed by us, we do not collect or retain details of members’ bank accounts.
2. What is this personal data used for?
We use members’ personal data for the administration of your membership; the communication of information on our outings and other events and activities, and for the distribution of printed Newsletters including inserts relating to our outings and other events and activities.
3. Who is your data shared with?
Members’ personal data is not provided to or shared with any third party. We occasionally provide anonymous statistical membership data to the Gardens Trust.
4. How is your data stored?
Most of our data, including our main membership database, is stored in digital form on computers. Some data is kept in the form of written documents held by members of the Executive Committee.
5. Who is responsible for ensuring compliance with the relevant laws and regulations?
Under the GDPR we do not have a statutory requirement to have a Data Protection Officer. The person who is responsible for ensuring HGT discharges its obligations under the GDPR is the Chair, Roger Gedye, email: chair@hertsgardenstrust.org.uk. He is the person who is responsible for maintaining a log of data breaches and notifying the Information Commissioner’s Office (ICO) and any members affected as necessary, in accordance with our legal obligations.
6. Who has access to your data?
Members of the Executive Committee of HGT have access, or will be given access, to members’ data as is necessary for them to carry out their legitimate tasks for the organisation but are not permitted to pass such information on to any other organisation or third party unless it is to comply with legal obligations as referred to in Section 7 below.
7. What is the legal basis for collecting this data?
HGT collects personal data which is necessary for the purposes of its legitimate interests as a membership organisation. For some data, such as that relating to financial matters, the basis for its collection, retention and processing is to comply with our legal obligations, for example, as required by the Charity Commission and HM Revenue and Customs.
8. How can you check what data we have about you?
If you wish to see the membership data we hold on you, please contact the Membership Secretary, John Craggs, email: membership@hertsgardenstrust.org.uk
9. Does HGT collect any “special” data?
The GDPR refers to sensitive personal data as “special categories of personal data”. We do not collect any sensitive personal data.
10. How can you ask for data to be removed, limited or corrected?
We collect a minimum amount of your personal data in order to efficiently administer your membership, to communicate with you and to meet our legal obligations. This data is listed in Section 1 above. A reduction in the extent of your data held by us may result in us being unable to maintain your membership. If you wish to discuss this or if your personal data needs to be updated or corrected (for example, change of address), please contact the Membership Secretary.
11. How long do we keep your data for, and why?
We keep members’ personal data for up to one year after a member dies or resigns or their membership lapses. If requested by a former member or their next-of-kin, we will immediately delete a former member’s personal data. Other data, such as that relating to accounting, is kept for seven years as legally required.
12. Who can I contact about my rights?
If you are unhappy with the way your data has been used, you can complain to the Information Commissioner’s Office (ICO) at www.ico.org.uk/global/contact-us/
Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
Tel: 0303 123 1113 (local rate) or 01625 545 745 if you prefer to use a national rate number.
13. HGT Contact details
If you have any questions about this notice or the way that we process your personal data, please contact John Craggs at membership@hertsgardenstrust.org.uk
Mead House
Bromley Lane
Wellpond Green
Ware
SG11 1NW
Tel: 07900 582525