Charity No 1116884
The privacy and security of your information is important to us. This statement explains who we are, the types of information we hold, how we use it, who we share it with and how long we keep it for. It also informs you of certain rights you have regarding your personal information under current data protection law and is based on guidance from the Information Commissioner’s Office. You can find out more about the ICO here: https://ico.org.uk/.
MAIN Charity is registered as Data Controller with the Information Commissioner’s Office in respect of the products and services we provide to you. The Charity shall be bound under the obligations placed upon it as a Data Controller under the GDPR.
You can contact us for general data protection queries by email on: email@example.com or in writing to: The Data Protection Officer, MAIN, Finlay Cooper Centre, Elizabeth Terrace, North Ormesby, TS3 6EN. Please advise us of as much detail as possible to comply with your request.
What information do we collect?
The Charity shall collect all necessary Personal Data required for it to be able to fully comply with its obligations for payroll and personnel management, as well as for operational purposes if required. The Charity shall use any data it holds to ensure it can monitor and comply with any current legislation.
The Charity shall collect data such as your name, address, phone numbers, salary, pay and other benefits information, date of birth, bank details, marital status, N.I. number, driving licence details, passport and right to work information, D.B.S. record, racial and/or ethnic origins, personnel records information such as attendance, sickness, disciplinary and health records, and next of kin details. This may not be an exclusive list and please note that not all of this data would necessarily be shared with any third party. The Charity shall ensure that only the relevant and necessary information would be shared in order to comply with the legitimate reason for doing so.
To enable us to provide you with the right product or service to meet your needs we will collect personal information which may include your name, telephone number, email address, postal address, occupation, additional details of risks related to your enquiry or product as well as payment details (including bank account number and sort code). We shall only collect this information where it is necessary for us to do so to provide to you our products and/or services.
We shall collect and store relevant information such as contact name, address, phone numbers and bank account information in order to be able to utilise your products and services and make payments to you. We may share this information with our bank and/or accountants, but will not otherwise share your information without your consent to do so.
To enable us to provide you with the right support to meet your needs we will collect personal information which may include your name, telephone number, email address, postal address, occupation, additional details of risks related to you, including some medical information. We shall only collect this information where it is necessary for us to do so to provide support to you.
Data via our Website
In respect of the website, any comments left by you and the metadata will be retained indefinitely. The reason for this is so that any comments can be recognised more easily and followed-up automatically rather than holding them in a moderation queue. If you are a registered user of our website(s), we will also store personal information relation to your user profile. You will be able to see, edit and/or delete your personal information at any time, except you will be unable to change your username. However please contact the website administrator who will amend this for you.
We will not share this information with any other third-party without your express consent.
How do we use your personal information?
We will use your personal information to
- Assess and provide the products or services that you have requested
- Communicate with you
- Develop new products and services
- Undertake statistical analysis
We may also take the opportunity to
- Contact you about products that are closely related to those you already hold with us
- Provide additional assistance or tips about these products or services
- Notify you of important functionality changes to our websites
Only where you have provided us with consent to do so, we may also from time to time use your information to provide you with details of marketing or promotional opportunities and offers relating to other products and services from the Charity or its associates.
In addition, and from time to time, we will need to contact you for a variety of reasons relating to your products or service.
When do we share your information?
We may be required to provide your Personal Data to a third party who is classed as Data Processor. This is an entity who is required to process some or all of your Personal Data in order for us to be able to provide our product and/or service to you.
Examples of these may be to:
- ACAS or the Employment Tribunal Service as part of conciliation;
- your Payroll Bureau or Accountant in respect of pay information;
- the Health and Safety Executive in respect of workplace safety;
- venues in respect of training arrangements;
While the information you provide may be disclosed to these parties, it will only be used for the provision and administration of the service provided and will not be used for any other purpose.
We will only share your information for any direct marketing of additional services and products related to similar products and services to those you already hold with us, where we have your explicit consent to do so.
If we provide information to a third party we will require it and any of its agents and/or suppliers to take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Statement and the GDPR.
We may of course be obliged by law to pass on your information to the police or other law enforcement body. We may also share your information with anyone you have authorised to deal with us on your behalf.
Securing your personal information
We follow strict security procedures in the storage and disclosure of your personal information in line with industry best practices, including storage in electronic and paper formats.
- Paper Documents
- is held in secure filing cabinets, in a secure location and with restricted access such that only persons within the Charity who have a legitimate reason to access the Personal Data may do so.
- Electronic Data
- the IT infrastructure and servers on which the Personal Data is held, is located within a secure 3 Data Centre and is backed up in a second diverse location within another secure UK-based Data Centre.
- Restricted Server Access
- the network server is constructed with a data structure such that any Personal Data is only accessible by persons within the Charity who have authorised access and legitimate reasons to access such data.
- our websites are managed by a third-party and all the information that you provide to us, including information provided via forms you may complete on our websites, and information which we may collect from your browsing (such as clicks and page views on our websites) is stored securely in a secure data centre.
Any new information you provide to us may be used to update an existing record we hold for you.
How long do we keep your information for?
We will not keep your personal information longer than is necessary for the purpose for which it was provided unless we are required by law or have other legitimate reasons to keep it for longer (for example if necessary for any legal proceedings).
However, in order to be able to handle any complaints or future queries regarding the services offered, we will normally keep information for no more than 6 years after termination or cancellation of a product, contract or service we provide.
Under data protection law you have the right to change or withdraw your consent and to request details of any personal data that we hold about you.
Where we have no legitimate reason to continue to hold your information, you have the right to be forgotten.
If you wish to inform us of changes in consent for marketing, please contact us at the address or telephone number indicated in any recent correspondence or emails you have received from us.
Further details of your rights can be obtained by visiting the ICO website at https://ico.org.uk/.
Review of Policy
MAIN Charity reviews this Privacy Statement annually to ensure it remains up to date, fit for purpose and relevant to our business operations and needs.