Feminist Library Data Protection Policy

Feminist Library Data Protection Policy and Code of Practice

Contents

  1. About this Code
  2. Information we collect and why
  3. Do we have any other uses for the information you have provided
  4. Your rights and how we protect them
  5. Where to get more information about the Data Protection Act
  1. About this Code

This is our code of practice on how we use the information we collect about you when you sign up for the Feminist Library mailing lists. It explains the procedures we follow and the standards you can expect from us. It explains also your rights and how you can get access to the information we hold about you. Your rights are protected by the Data Protection Act 2003, which came into force in October 2007.

The Feminist Library will also be GDPR compliant by the GDPR deadline date of 25th May 2018.

This code of practice does not replace the law; it aims to show how we will comply with the law when we use the information that we collect.

  1. Information we collect and why

EBULLETIN MAILING LIST: When you sign up for the Feminist Library ebulletin mailing list we will ask you to complete the online form which requests various items of personal data.

In order to explain why we ask for particular personal information, we shall go through each of the questions we ask on the various forms and provide an accompanying explanation.

Personal details the Feminist Library asks you to provide:

  • Your name (first name and surname)
  • Your email address

 

Why do we require this information?

We need it so that we can send you the Feminist Library ebulletin and occasional news and events updates.

You can change your mind at any time by clicking the unsubscribe link in the footer of any email you receive from us, or by contacting us at emma@feministlibrary.co.uk. We will treat your information with respect and will not share it with any third parties.

Security: The ebulletin mailing list data is stored securely on Mailchimp, our email marketing service. Please read more about their security policy here: https://mailchimp.com/about/security/

VOLUNTEERS PROGRAMME MAILING LIST:

The Feminist Library will use the information you provide to be in touch with you and to provide updates about the volunteer programme and volunteering opportunities only.

Personal details the Feminist Library ask you to provide:

  • Your name (first name and surname)
  • Your email address
  • Date of birth
  • Gender
  • Phone number
  • Emergency contact details
  • Do you have any support needs we should know about?
  • How did you hear about the Library?

We also give you the opportunity to fill in optional questions about Equality and Diversity. These are for monitoring purposes, to help us ensure the Library is reaching all sectors of the community. These are:

  • Age
  • Ethnicity
  • Sexuality
  • Disability

This is optional and is stored separately to the identifying data.

You can change your mind at any time by clicking the unsubscribe link in the footer of any email you receive from us, or by contacting us at volunteer@feministlibrary.co.uk. We will treat your information with respect and will not share it with any third parties.

The Feminist Library will use your information in the context of the volunteer programme only. The information is used to keep our volunteers safe and make sure they have the best volunteer experience at the Feminist Library.

Security: This information is stored safely on our Google Drive in secure data centres.

FRIENDS MAILING LIST: Any donations you make to the Feminist Library are processed securely, as we only use trusted partners for processing your data payments that have already been set up to the Feminist Library via a recurring donation. All donations made through our online payments processing provider Charity Checkout are securely encrypted and processed using SSL with a minimum 128-bit encryption and firewalls. All credit/ debit card payments are processed via our PCI DSS Level 1 compliant payment gateway.

Personal details the Feminist Library ask you to provide:

  • Your name (first name and surname)
  • Your email address
  • Address
  • Phone number (optional)
  • Account details

Security: Your information is only ever used in agreement with what you have told us you are happy for us to use it for, and if you change your mind, you can always let us know and we will be happy to change your preferences. You can also login to your Charity Checkout online account at any time and update your data or cancel future payments that have already been set-up to your charity via a recurring donation. https://www.charitycheckout.co.uk/faq/

  1. Do we have any other uses for the information you have provided?

No.

  1. Your rights and how we protect them

When it comes to the information we hold about you, your rights are set out clearly in the law.

The Data Protection Act 2003 provides also that people who record and use personal data must be open about how it is used and that they must obey the 8 Data Protection Principles.

In some instances, the law exempts us from these principles. This is normally where obeying the principles would damage the fight against crime.

The next part of this document explains what the Data Protection Principles are and how we obey them. Remember, it is simply an explanation; the code does not attempt to replace the Act itself. In broad terms, the Data Protection Principles state that when we are dealing with people’s personal information, we must:

First Principle – Process it fairly and lawfully

Processing includes ‘obtaining, recording or holding information’. We must only obtain it fairly and lawfully. We have to tell you why the information is needed and how we may use it. We have explained this at Sections 2, 3 and 4 of the code. We only process the information in ways that the law allows.

The law imposes extra conditions on us when we are dealing with sensitive information. Information is considered to be sensitive if it deals with racial or ethnic origin; political opinions; religion; trade union membership; physical or mental health; sexual life; and offences or convictions and court proceedings. We will be sure to meet these requirements.

Second Principle – Process it for specific purposes and not in any manner incompatible with those purposes

This means that the information we have on you will be processed only in ways that the law allows.

Third Principle – Only process information that is adequate, relevant and not excessive

This means that we will process only the information that we need to do our job.

Fourth Principle – Ensure that the information is accurate and up to date

This means that we will do all that we reasonably can to ensure that we hold only accurate information. We will review it regularly. We will take all reasonable steps to ensure that the information we hold on you is accurate and up to date. Where this is proved not to be the case, we will either delete it or update it.

Fifth Principle – Ensure that the information is not kept longer than is necessary

As explained at Section 4, “Do we have any other uses for the information you have provided”, information that you provide when you sign up for the Feminist Library mailing lists is held until you unsubscribe from our mailing list.

Sixth Principle – Ensure that the information is treated in accordance with your rights

In accordance with this 6th Data Protection Principle, you have a right to: know what information we hold about you, ask us to amend anything that is incorrect, ask us to delete any personal information that we should not be keeping.

 Seventh Principle – Take care of your personal information

This means that we will do everything necessary to take very good care of any personal information that we hold on you. This includes: ensuring the integrity of the staff or volunteers who have access to your personal information, treating your personal information as confidential and in accordance with our formal procedures for the handling and storage of personal information.

Eighth Principle – Ensure that your personal information is not transferred outside the European Economic Area unless there are suitable safeguards in the countries to which it needs to be sent

This Principle is unlikely to affect you

  1. Where to get more information about the Data Protection Act

If you want to know more about the Data Protection Act 2003, you should write to:

The Information Commissioner,

Wycliffe House,

Water Lane,

Wilmslow,

Cheshire,

SK9 5AF

Or visit the website at: https://www.gov.uk/data-protection