The Association of Charity Independent Examiners

Data Privacy Notice

Policy version number

1.0

Date of Approval by the Board of Trustees

Date of Next Review

                                            

Introduction: About this document

ACIE is committed to protecting the privacy and security of the personal information of the people (Data Subjects) we deal with in the course pursuing our charitable purpose;.

This document describes how we collect and use personal information about Data Subjects in accordance with the General Data Protection Regulation (GDPR).

1.  Your personal data - what is it?

Personal data relates to a living individual who can be identified from that data. Identification can be by the information alone or in conjunction with any other information in the data controller's possession or likely to come into such possession. The processing of personal data is governed by the General Data Protection Regulation (the "GDPR").

2.  Who are we?

ACIE is the Data Controller (contact details below). This means it decides how your personal

data is processed and for what purposes.

3.  What kind of information do we hold about Data Subjects?

Personal data means any information about an individual from which that person can be

identified.

We collect, store and use the following categories of personal information about Data Subjects:

  • ·       Personal contact details such as name, address, phone numbers and email addresses
  • ·       Any relevant professional qualifications
  • ·       Information about use of our information and communications systems (e.g. email preferences and event registration)
  • ·       Information about specific services provided by members

We may also collect and store the following 'special categories' of more sensitive information:

  • ·       information about disability, access and dietary requirements

Registered charity in England & Wales 1139609 & in Scotland SC039066

Registered Company Limited by Guarantee 7461134

Registered in England at 1st Floor, Block C, The Wharf, Manchester Road Burnley BB11 1JG

4. How do we process your personal data?

ACIE complies with its obligations under the "GDPR" by keeping personal data up to date; by storing and destroying it securely; by not collecting or retaining excessive amounts of data; by protecting personal data from accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to it, and by ensuring that appropriate technical measures are in place to protect personal data.

We use your personal data for the following purposes:

  • ·       To enable us to fulfil our charitable purpose;
  • ·       To administer membership records;
  • ·       To promote the interests of the charity;
  • ·       To manage our employees;
  • ·       To maintain our own accounts and records (including the processing of gift aid applications);
  • ·       To inform you of news, events, activities and events run by ACIE;

5.  What is the legal basis for processing your personal data?

  • ·       Explicit consent of the data subject so that we can keep you informed about news, events, activities and services and keep you informed about the Charity’s events.
  • ·       Processing is necessary for carrying out legal obligations in relation to Gift Aid or under employment, social security or social protection law, or a collective agreement;
  • ·       Processing is carried out by ACIE employees provided:-
  • o   The processing relates only to members or former members (or those who have regular contact with it in connection with whose purposes); and
  • o   There is no disclosure to a third party without prior notification.

6.  Where your data is stored

The data that we collect from you is transferred to, and stored at, a destination outside the European Economic Area (“EEA”) due to our use of third party providers for the services we provide.   By submitting your personal data, you agree to this transfer, storing or processing.  We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Data Notice.   Your data is stored within a CRM database provided by Wild Apricot, a Canadian based company which uses servers operated by Amazon Web Services (AWS).  These cloud servers may be located in a destination outside the EEA, but the hosts are committed to GDPR compliance.  If you object to this transfer, storing or processing of your data, please contact us.

7.  Sharing your personal data

Your personal data will be treated as strictly confidential and will only be shared with other members of ACIE in order to carry out a service to other members or for purposes connected with the ACIE.  We will not sure your data with third parties outside of the organisation without prior notification.

Registered charity in England & Wales 1139609 & in Scotland SC039066

Registered Company Limited by Guarantee 7461134

Registered in England at 1st Floor, Block C, The Wharf, Manchester Road Burnley BB11 1JG

8.  How long do we keep your personal data?

When someone ceases to be a member we keep their data for seven years.  We do so because the Charity regulators from across the UK recommend keeping accounting records for six fiscal years plus one.  Since the majority of ACIE members are directly involved in charity accounting.  ACIE needs to be able to assist the regulators if they are investigating the work of a charity or a specific examiner.

After seven years, personal data will be safely deleted and destroyed.

Gift Aid records are also retained for six fiscal years plus one and will be safely deleted and destroyed after that time.

9. Your rights and your personal data

Unless subject to an exemption under the GDPR, you have the following rights with respect

to your personal data: -

·         The right to request a copy of your personal data which the ACIE holds about you;

·         The right to request that the ACIE corrects any personal data if it is found to be
       inaccurate or out of date;

·         The right to request your personal data is erased where it is no longer necessary for the
       ACIE to retain such data;

·         The right to withdraw your consent to the processing at any time

·         The right, where there is a dispute in relation to the accuracy or processing of your
       personal data, to request a restriction is placed on further processing;

·         The right to lodge a complaint with the Information Commissioner's Office.

10.  Further processing

If we wish to use your personal data for a new purpose, not covered by this Data Privacy Notice, then we will provide you with a new notice explaining this new use prior to commencing the processing and setting out the relevant purposes and processing conditions. Where and whenever necessary, we will seek your prior consent to the new processing.

11.  Contact Details

To exercise all relevant rights, queries of complaints please in the first instance contact the ACIE at info@acie.org.uk , phone 0131 659 9751 or by post ACIE, 19 Windsor Place, Edinburgh EH16 2AJ

You can contact the Information Commissioner's Office on 0303 123 1113 or via email https://ico.org.uk/global/contact-us/ernail/ or at the Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF.

Registered charity in England & Wales 1139609 & in Scotland SC039066

Registered Company Limited by Guarantee 7461134

Registered in England at 1st Floor, Block C, The Wharf, Manchester Road Burnley BB11 1JG


The Association of Charity Independent Examiners

About Us:

Registered Company Limited by Guarantee 7461134
Registered in England at1st Floor, Block C, The Wharf, Manchester Road Burnley BB11 1JG

Registered Charity in England & Wales No: 1139609
Registered Charity in Scotland No: SC039066

Contact Us:

Telephone: 0131 659 9751 or 07899 891616 Email: admin@acie.org.uk       
Address: 19 Windsor Place Edinburgh EH15 2AJ


Powered by Wild Apricot Membership Software