Privacy policy

BEACH ACCESS NORTH EAST DATA PROTECTION POLICY
We are covered by the General Data Protection Regulation (2018). This means if we store your data we are obliged to ask your permission to do so, and you have rights over that data at all times, including checking it for accuracy and the right to ask for it to be deleted in a timely fashion as per the regulations.
If we ask you for data to send to a third party we will inform you of this at the time and you have the right to decline.
To comply with the legislation we have a Data Protection Policy document, we have a consent form, we also have data protection procedures including reviews of what data we hold and how/where it is stored.
We will keep a paper record of any consent where necessary, which will be destroyed by shredding at the same time as any electronic data is deleted, if you request us to do so or as stipulated in our procedures.
We will conduct annual audits of all personal data: what it is, whether it still required and where it is stored. Anything deemed to be no longer relevant will be immediately destroyed by shredding or deletion.
We will designate a Data Protection Officer.
Our Lawful Bases (as per Article 6(1), Article 6(2) and Recital 40) are: Consent: “the individual has given clear consent for you to process their personal data for a specific purpose” and Legitimate Interest: “the processing is necessary for your legitimate interests or the legitimate interests of a third party unless there is a good reason to protect the individual’s personal data which overrides those legitimate interests.”
RECORD OF CONSENT TO HOLD TRUSTEE/VOLUNTEER/MEMBER PERSONAL DATA Beach Access North East needs to hold your personal information, namely your full name, address, email address and telephone numbers. We require this information to ensure the smooth running of the organisation. If you are Trustee we ask you to give this information and more directly to NEREO who act as our Disclosure Barring service agency, your privacy is covered by their adherence procedures to the General Data Protection Regulations. We also ask for this information to register you as a Trustee with the Charities Commission. We retain only your name if you agree to become a user member of our service.
We do not pass this information on to any other third party.
Our lawful bases as per the Regulations are Consent: “the individual has given clear consent for you to process their personal data for a specific purpose” and Legitimate Interest: “the processing is necessary for your legitimate interests or the legitimate interests of a third party unless there is a good reason to protect the individual’s personal data which overrides those legitimate interests.”
We store this information on our google docs platform accessible only to registered users, you will be given an account by our secretary who is the administrator for this platform. Trustees or volunteers may store this information on personal mobiles and other electronic devices and only if they are password protected. They are all bound to remove this information should you request this, within the one month period stipulated in the General Data Protection Regulations. They are all also bound only to use this information in the smooth running of the organisation and for no other purpose. Should you feel this information has been abused or procedures not followed you are entitled to complain to the Data Protection Officer – Caroline Corfield, or should you feel this is not appropriate directly to the Information Commission Office – www.ico.org.uk/concerns/
By giving your data to the charity it has been agreed with you that you give your permission for your personal data to be held by Beach Access North East.Reg. Charity No. 1172413 according to their Data Protection Policy.