top of page

PRIVACY POLICY

May 2018 REF:

 

Data Privacy Notice

 

Dear Clients/Service Users,

 

Your trust is important to us, so we have updated our Privacy Notice to explain more clearly what personal data we collect about you, why we collect it and how we use it. We’d like you to be aware that this is a short version of our Privacy Notice. Please advise a member of staff if you require a full version.

 

What personal data does Murray Hall Community Trust collect?

 

In order to engage with you, we need to collect specific data about you (including your name, address, contact details, date of birth, gender). In order to provide the appropriate service(s) and support to you we may need additional data relating to your history, such as employment, education and health.

 

We may also collect, store and use “special categories” of more sensitive personal data such as information about your race or ethnicity, health, disabilities or vulnerabilities, information about criminal convictions and current/previous details about your mental, emotional and physical health. This data is not used for marketing purposes, however it may be used for statistical purposes.

 

Why Murray Hall collects your personal data?

 

We use your personal data to provide you with a comprehensive and compassionate service. Your personal data allows us to provide you with services according to your individual needs. Without this data Murray Hall and its partners would not be able to reliably and safely provide any of the services that you require from us.

 

What are Murray Hall’s legal grounds for processing your personal data (including sharing it with others)?

 

We rely on at least one of the following lawful purposes for using your personal data:

 

1) Where it is needed to provide you with our support services;

2) Where it is in our legitimate business interests to do so;

3) To comply with our legal obligations;

4) With your consent or explicit consent;

5) For a public interest, and/or;

6) Where it is in your vital interests

 

All personal data is held securely and only accessed by those with a legitimate business interest to access it.

 

How long does Murray Hall keep your Personal Data?

 

We will keep your personal data whilst you are accessing our services and generally for 7 years after the project as ended to comply with funding regulations. (However we may be required by statute to retain it for longer).

 

Your rights under data protection laws.

 

You have a number of rights over the way in which we process your personal data. They are listed below. If you wish to use any of them, we will explain at the time if they are valid or not.

 

1) The right to be informed (this short Privacy Notice and the full Privacy Notice available at your request);

2) The right to request access to your personal data by completing a Subject Access Request form (available at your request);

3) The right to have personal data corrected or made complete;

4) The right to have personal data erased (also known as the ‘Right to be Forgotten’);

5) The right to object to processing of your personal data;

6) The right to restrict processing of your personal data;

7) The right to move, copy or transfer your personal data, and;

8) The right to query automated decision making;

 

We will need to request specific data from you to help us confirm your identity so that you can exercise any of these rights,

 

If you believe that Murray Hall Community Trust has not complied with your data protection rights, you can complain to the Information Commissioners Office via the following web-site (https://ico.org.uk/concerns/handling).

 

What if your personal data changes?

 

You should inform a member of staff in writing, to advise what has changed and put the date on the note provided so that we can keep our records up-to-date and accurate.

 

Transferring personal data outside of the UK/European Economic Area (EEA)

 

We are a UK based Charity and we do not transfer your data outside of the EEA. Some of our Cloud based providers do use Data Centres within the EU (France/Germany) however we have obtained assurances from them their security measures meet the requirements under General Data Protection Regulations (GDPR).

 

Changes to this Privacy Notice We may change this shortened privacy notice from time to time in order to reflect changes in the law and/or in our privacy practices.

bottom of page