Data Protection Policy

The ‘Friends of Reay School charity’ is a voluntary body of members (parents, carers, guardians, and teaching staff). We have always valued our working relationships through communication and trust, therefore when it comes to data privacy and protection it is our privilege to confirm the integrity and commitment we hope for our whole community. It is for the purposes of ‘building community and raising support’ that we would seek to process, protect, and manage your information. We understand that at times we may also receive information that is ‘personal’, meaning that it could be used to identify specific people. This document aims to deal with all kinds of information we hold on behalf of everyone involved.

 

Responsibility

The charity trustees are overly responsible for all aspects of the charity, however our charity secretary will be the appointed person for structuring and upholding the charities data protection policy.

 

Document contents:

  • Responsibility
  • Purpose & types of data
  • Data storage & protection
  • Data access, review & removal
  • Admin training
  • Data breeches and concerns

 

Purpose and types of data

To build community and raise support we need to be able to communicate, update, and engage all charity members and local community. Please see the table below.

 

Members &
Committee Members
Trustees Community
Volunteers
Local
Business
– Email address – Email address – First & last name – Business Name
– First & last name – First & last name – Contact number – Business Address
– Name/years of children – Residential Address – Email address – Registered ID
– Skills on offer – Date of birth – Skills on offer – Contact name (first/last)
– Kind of member (parent/guardian, teacher, carer etc.) – Contact number – Photos of volunteers (via specific opt-in) – Contact number
– Photos of members & children (via specific opt-in) – Photos of trustees (via specific opt-in) – Email address
– Skills on offer
– names on volunteer (via specific opt-in)

– Photos of volunteers (via specific opt-in)

Data storage & protection

The Friends of Reay School charity stores data digitally and may occasionally use official printed sign-up sheets. The following table will explain where and how we store our stakeholder’s information and how it is protected.

As the charity is a voluntary organisation we hold the bulk of our member’s data on a third-party email-marketing platform. This ensures more consistent data protection, reduction of human-error, and our voluntary administrators (other than the responsible person), can send email reflections out to subscribers without accessing or viewing their data.

 

Item Locations Protections
– PC – Secured office & mobile personnel – Password encryption
– Backups hardware – Secured office – Password encryption
– Backups software – Cloud services – Third-party policy (view)
– Hardcopy documents – Secured office – Scanned & destroyed
– Third-party emailing platform – Cloud services – Third-party policy (view)

Data access, review & removal

The Friends of Reay School recognises that any information that can be used to identify an individual person does not belong to them and is held on that person’s behalf. An individual has the right to contact the charity to request a review, update or removal, of their personal information. Any valid requests will be completed within 30 days of the request, unless an extension is required for complex/numerous requests. To protect information from fraudulent claims we require one of the following:

  • Unsubscribing from charity emails (see link at bottom of any subscription email)
  • Email requests to be sent to the charity from the individual’s recognised email account

Where there is any doubt to the ownership of any information, the charity will not release any information without taking further steps to verify that ownership.

 

Admin training

Our classroom representatives will process willing member’s data within their class year; therefore we will provide an induction into handling data in a way that upholds this policy.

  • General Data Protection Regulations overview
  • Correct channels of communication
  • Protecting information
  • Responding to data breaches

 

Data breeches and concerns

Upon confirmation of a data breach, the charity will notify the relevant individuals within 72 hours. Records of data breaches will be kept to strengthen our future safeguarding.

For any further queries please send your requests via email: friendsofreaysecretary@gmail.com