Privacy Policy
WHO WE ARE
Voice of the Postmaster.
We are a “data controller” for the purposes of the Data Protection Act 2018 and UK GDPR.
Our Facebook Page is operated by us. Our website is owned and operated by us:
PURPOSE OF THIS NOTICE
We are committed to respecting and protecting the personal data we hold. Accordingly, this Privacy Notice describes how and why we use your personal data and the lawful basis we rely on to process your information. It also provides information about your data subject rights. This Privacy Notice applies to all personal data provided to us whether by individuals themselves and by others.
We use the personal data provided to us for the purposes described in this Privacy Notice or as made clear in other ways when we collect your personal data. For instance, via a separate, standalone Privacy Notice.
WHAT IS PERSONAL DATA
Personal data. In this Privacy Notice, the term “personal data”, means information that allows us to identify you either directly, or in combination with any other information we may hold. The term “personal data” and “personal information” are interchangeable in this Privacy Notice for contextual purposes however both terms mean the same thing.
Special Category Personal Data. The UK GDPR defines special category personal data as information about a person’s race and ethnicity, religious or philosophical beliefs, trade union memberships, political opinions, genetic data, biometric and health data, and information concerning a natural person’s sex life or sexual orientation.
Criminal Offence data. Criminal offence data is data relating to criminal convictions and allegations of criminal activity. This includes information disclosed by the Disclosure and Barring Service (DBS) under the Government’s employment vetting scheme.
TYPES OF PERSONAL DATA WE PROCESS
The types of the personal data we process will depend on the products and service(s) required by our service users. For instance, we will usually require your contact details i.e., email or telephone number, and we may occasionally require further specific information, for instance, information about your special dietary requirements if you are attending a meeting or an event laid on by us. Similarly, we may collect information about your health i.e., whether you have sight loss or a hearing impediment so that you needs can be met.
The personal data we process is provided either directly from you or from a third party acting on your behalf and you should only provide the information that we require to fulfil our contractual obligations or the service(s) that you require.
Where we receive your personal information from a third-party, we may make you aware of the third-party’s details so that you are aware of where we obtained your information from and draw your attention to this Privacy Notice.
In addition to client information, we also process personal data relating to our suppliers, sub-contractors, and tradespeople. This data is held by us to manage our contractual relationships and provide professional services to our service users.
OUR LAWFUL BASIS FOR PROCESSING YOUR PERSONAL DATA
We rely on at least one of the following lawful bases to process your personal data:
a. Consent: we may process i.e., collect your personal information with your consent. This includes when you agree to receive an email about our service offerings or receive information our services and events.
b. Performance of a contract: the processing is necessary for the performance of a booking you have with us, or for the purposes of entering into a booking.
c. Compliance with legal obligation: the processing is necessary for us to comply with the law i.e. for tax, social security, and includes the sharing information about criminal activity with relevant law enforcement agencies.
d. Protection of vital interests: the processing is vital to an individual’s survival.
e. Public interest: the processing is necessary to perform a task in the public interest or for its official functions, and the task or function has a clear basis in law.
f. Legitimate interests: the processing is necessary for our legitimate interests, or the legitimate interests of a data subject or third-party, unless there is a good reason to protect an individual’s personal data that overrides those legitimate interests.
We have an interest in operating our organisation in the most client-focused and professional way, and our processing of your personal data is done in accordance with this edict.
WHY WE PROCESS PERSONAL DATA
We process your personal data for many reasons, including but not limited to:
· Promoting and developing our service
· Hosting meetings
· Managing third party relationships
· Communicating technical updates
· Fulfilling regulatory requirements
· Meeting our lawful obligations
· Charity administration
· Fraud detection
People who contact us
Personal data may be collected when individuals e.g., requests via the filling in forms on our website or correspond with us by e-mail, phone, or otherwise. If you require ongoing support or advice, we will process your personal data for this purpose.
Advertising and marketing
We may send you information about Voice of The Postmaster services by post or by email if you have consented to receiving such communications. However, you can opt-out of receiving email communications at any time by clicking the ‘unsubscribe link’ at the bottom of any email you may receive from us.
COOKIES AND SIMILAR TECHNOLOGIES
We use cookies to optimise our website and help us deliver relevant and interesting content in our communications. We do this by placing a “Cookie” or text similar file on your computer that collects standard log information for example, your IP address and details on user behaviour such as any search criteria you entered, the web pages you visited and other technical information. This means when you visit our website, we collect the type of internet browser and computer operating system you are using and the domain name of the website from which you linked to our site. Also, when you view our web pages, we may collect technical information that helps us to identify the pages you found useful and thereby improve our website.
Google Analytics
We use Google Analytics, a web analytics service provided by Google, Inc. (“Google”) to analyse the information we gather through our use of cookies and similar technologies.
The information generated by cookies about your use of our website (including your IP address) is transmitted to and stored by Google on servers in the United States of America. Google uses this information to evaluate your use of our website and compile reports on website activity and internet usage. Google will not associate your IP address with any other data held by Google.
The information shared with Google is used solely for web server monitoring and to deliver the optimum visitor experience. However, Google may transfer this information to a third party where required to do so by law, or where such third parties process the information on Google’s behalf. By using our website, you consent to the processing of data about you by Google in the manner described and for the purposes set out above.
Profiling
We may us the information we collect, including information about your previous visits, to profile you and to find out more about you but in the least intrusive way. For instance, we may use the information we collect to display interesting content to you when you visit our website based on the pages you visited during a previous visit to our website.
Third-party cookies
Some of our web pages may contain cookies that have not been set by Stratford St. Mary Institute. For example, when you visit a page with content embedded from third parties such as YouTube or Facebook, these service providers may set their own cookies on your device i.e., ‘Analytical’, ‘Performance’ or ‘Targeting’ cookies.
We do not control the use of any third-party cookies, nor can we access them due to the way that cookies work, insofar as cookies can only be accessed by the party that originally set them. You are advised to check the information provided on third-party websites for more information about their use of cookies and similar technologies.
Links to third party websites
Our website connects you to the websites of our partner networks and affiliates. Accordingly, if you follow any of these links, you have left our website, and you should read the privacy notice/privacy policy of our partner networks and affiliates before submitting any personal data to these websites. We do not accept any responsibility or liability for what they do with your information.
Browser settings
Most internet browsers automatically accept cookies, but if you prefer, you can modify your settings to erase cookies from your computer’s hard drive, block all cookies or receive a warning before a Cookie is stored. However, if you do this you may not be able to use the full functionality of the websites you visit.
HOW LONG WILL WE HOLD YOUR PERSONAL DATA?
Typically, we retain your personal data related to any financial transactions in a live environment for 7 years, or for as long as necessary, to fulfil the purpose(s) for which it was collected, including as required by applicable laws or regulations. For instance, we are required to keep details of financial transactions for 7 years to meet accountancy and HMRC requirements.
We may delete your personal data if we have not had any contact or communication with you over a lengthy period as defined by the purpose for which your personal data was originally obtained, and we no longer have a purpose for retaining your information.
Where there is a need to retain your personal data for longer i.e., to establish, exercise, or defend your legal rights or ours, your personal data will be securely archived, and appropriate safeguards applied i.e., access to your information will be restricted. Additionally, we may retain information in an anonymised format (i.e., so you can no longer be identified) for research and analysis purposes.
Our record retention schedule takes account of our legal and accounting obligations, balancing these with what would be considered reasonable by those whose data we hold.
SHARING PERSONAL DATA
We will only share personal information with others when we are legally permitted to do so. When we share data with others, we put arrangements in place (i.e., data processing contracts or data sharing agreements) to protect the data and comply with our data protection, confidentiality, and security standards.
We may disclose your personal information to third parties if we are under a duty to do so or share your personal data to comply with a legal obligation (e.g., a court order), or use it to enforce or apply any agreements, or protect the rights, property, or safety of Voice of The Postmaster, or other individuals.
Occasionally, we may receive requests from third parties with authority to obtain the disclosure of your personal information, for instance, to check that we are complying with applicable laws and regulations, to investigate an alleged crime, to establish, exercise or defend legal rights. We will only fulfil requests for the disclosure of personal data where we are permitted to do so in accordance with applicable laws or regulations. This includes exchanging information with other companies and organisations for safeguarding purposes and sharing your personal information under reciprocal agreements with organisations that provide education or professional development services.
DATA PROCESSORS
Your personal information will only be disclosed to data processors to the extent necessary for the data processor to provide the services we require i.e., email, system administration, document management e.g., storage. Data processing contracts prohibit data processors from doing anything with your personal information that we have not instructed them to do.
LOCATION OF PROCESSING
Your personal information is processed within the UK.
SECURITY OF YOUR PERSONAL DATA
We take the security of your personal information very seriously. Accordingly, we have implemented appropriate technical and organisational measures to protect your personal information against unauthorised or unlawful processing and against accidental loss, destruction, or damage. These measures include having clear internal policies and procedures in place and maintaining the physical security to our premises and IT security technologies to prevent the unauthorised access, damage, and loss of your information.
Additionally, we have put in place appropriate security procedures and access controls to ensure the confidentiality of any special category personal data we process. For instance, information relating to the religious beliefs of our service users.
The transmission of information via the Internet is not completely secure, and while we do our best to protect your personal data, we cannot guarantee the security of any personal data transmitted to our site; any such transmission is at your own risk.
WHAT AT ARE MY DATA SUBJECT RIGHTS?
We support your data subject rights in relation to the processing of your personal data under the Data Protection Act 2018 and UK GDPR, including your:
· right to be informed (chiefly via this Privacy Notice)
· right of access
· right to rectification
· right to erasure
· right to restrict processing
· right to data portability
· right to object
· rights related to automated decision-making including profiling.
You can exercise any of these rights, including your right to request a copy of the information that Voice of The Postmaster holds about you (otherwise referred to as a Subject Access Request (SAR)), by contacting us using any of the methods shown below in the ‘How do I contact you?’ section. We will respond to your request as quickly as possible. Usually, this will be within one month of receiving your request.
To protect the confidentiality of your information and the interests of Voice of The Postmaster, we may ask you to verify your identity before proceeding with any request for information. If you have authorised a third party to submit a request on your behalf, we will ask them to prove they have permission to make such a request on your behalf.
UPDATING MY INFORMATION
You may choose to correct, update, or delete your personal data by contacting us using any of the methods shown below in the ‘How do I contact you?’ section.
If you have opted-in to receiving communications form us, your preferences will remain in effect until you tell us that you want to opt-out of receiving further communications.
You can change your mind at any time by contacting us using any of the methods shown below in the ‘How do I contact you?’ section.
WITHDRAWING MY CONSENT
Where we process information based on your consent, you may withdraw your consent at any time. You can do this by contacting us using any of the methods shown below in the ‘How do I contact you?’ section.
MAKING A COMPLAINT TO US
We hope you’ll never have cause to do so, but if you do want to complain about our use of your personal information, or our facilitation of your data subject rights, you can contact us using any of the methods shown below in the ‘How do I contact you?’ section. Your complaint will be investigated, and an appropriate response provided as quickly as possible.
MAKING A COMPLAINT TO THE INFORMATION COMMISSIONER
You can lodge a complaint with the Information Commissioner at any time. For instance, if you are unhappy with our processing your information, or we have failed to facilitate your data subject rights. The Information Commissioner can be contacted as follows:
By post: Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
By phone: 0844 496 4636 (local rate)
Further information can be found here: ICO Make a Complaint
HOW DO I CONTACT YOU?
You may contact us using any of the following methods:
By post: Chairman,VOTP, Handworth Post Office, 271 Handsworth Road, Sheffield, S13 9BN
By email: info@votp.org.uk
CHANGES TO THIS PRIVACY NOTICE
We routinely review our Privacy Notices to ensure they accurately reflect what we do with your personal information. This Privacy Notice was last updated in November 2024.