Terms & Policies

Equality and diversity should always be taken into account in the work we perform. We will try and ensure that everyone is treated equally and fairly:   

 

  • Diversity amongst STRONGER PEOPLE C.I.C’s staff, directors & volunteers will be valued. Differences and individual skills will be promoted and utilised.

 

  • The same opportunities for involvement will be provided for every STRONGER PEOPLE C.I.C member 

 

  • The differing needs of our individual staff members & volunteers will be taken into account when booking venues and arranging the dates and times for STRONGER PEOPLE C.I.C sessions/meetings

 

  • STRONGER PEOPLE C.I.C Sessions/meetings will be arranged so that as many people as possible have the opportunity to attend and to gain access to a venue.

 

 

Involving and representing the community

 

  • Stronger People C.I.C will actively seek to represent an accurate cross-section of the community, including hard to reach groups and those who are under-represented

 

  • Stronger People C.I.C will attempt to increase involvement and representation by advertising sessions/meetings in a wide variety of locations including libraries, shops, schools, community and health centres, places of worship, and colleges

 

  • Publicity and advertising, where possible, will be made available in a variety of different formats and languages to include the whole community

 

  • Stronger People C.I.C where possible will seek to assist minority and hard to reach groups by identifying their needs in the community and establishing links with other organisations. 

 

Conduct during sessions/meetings

 

  • Stronger People C.I.C will not tolerate any discriminatory or offensive behaviour

 

  • Stronger People C.I.C will not tolerate racist, sexist or discriminatory remarks (relating to age, disability, gender reassignment, marriage and civil partnership, pregnancy and maternity, race, religion or belief, sex and sexual orientation) during any sessions/meetings and will ensure to challenge these behaviours in appropriate ways. 

GENERAL DATA PROTECTION REGULATION (GDPR) GUIDELINES AND PROCEDURES

 

General Data Protection Regulation supersedes the Data Protection Act 1998. Stronger People C.I.C has updated its policies and procedures to reflect the new rights of individuals under GDPR, namely: 

  • the right to be informed; 

  • the right of access;

  • the right to rectification; 

  • the right to erasure; 

  • the right to restrict processing;

  • the right to data portability; 

  • the right to object; and

  • the right not to be subject to automated decision-making including profiling.

 

Stronger People C.I.C keeps information on its staff, members and users, in order to meet our legal obligations and keep individuals safe when they are participating in our activities. Our reasons for keeping this information are covered by the lawful bases allowed in GDPR, namely:

(a) Consent:  The individual has given clear consent for you to process their personal data for a specific purpose. 

(b) Contract:  The processing is necessary for a contract you have with the individual, or because they have asked you to take specific steps before entering into a contract.

(c) Legal obligation:  The processing is necessary for you to comply with the law (not including contractual obligations).

(d) Vital interests: The processing is necessary to protect someone’s life.

(e) Public task:  The processing is necessary for you to perform a task in the public interest or for your official functions, and the task or function has a clear basis in law. 

(f) Legitimate interests: The processing is necessary for your legitimate interests or the legitimate interests of a third party unless there is a good reason to protect the individual’s personal data which overrides those legitimate interests. (This cannot apply if you are a public authority processing data to perform your official tasks.)

 

Audit of data held

Stronger People C.I.C has conducted an audit of the personal and sensitive data that we hold in the organisation. This audit can be found as an annexe to this policy.

Designated person responsible for GDPR compliance

The designated person responsible for GDPR compliance at Stronger People C.I.C is Hallam Walker-Smart

 

Procedures

Data Collection

  • Stronger People C.I.C explains to people whose personal data we store how we intend to use that data through our privacy statement which is clearly accessible on our website.

  • Stronger People C.I.C gains active consent from individuals for holding their personal information by:

    • Requiring the person (or their parent/carer for those under the age of 13) to sign to say they consent at the point at which data is collected

    • We verify that the person giving consent on behalf of a young person under the age of 13 has the right to do so

    • Seeking consent on an annual basis for those on mailing lists – and removing people from data bases if they do not respond.

    • We keep records that demonstrate that individuals have given active consent for us to store and use their personal data

  • Our forms and templates include a standard form of wording to ensure that individuals understand what the purpose of the collection of the data is and what will happen to that data.  Importantly, our forms ensure that all individuals give their explicit consent when they supply information regarding medical conditions or are consenting to the use of their data for commercial purposes.  Good evidence of explicit consent is a box ticked on a form.

  • For people under the age of 13 we ensure that the child’s parent or carer give their consent by completing a paper form. We have a similar process for the carers of vulnerable adults who cannot give an agreement themselves

  • Our privacy statement is written in terms which can be easily understood by our members/users and their families/carers

  • Our staff and volunteers have been trained in using the personal data we collect only for the purposes that we state we use it for 

  • We store personal information securely, on password protected devices and/or in locked cabinets in secure premises. Only approved individuals have access to this data 

  • If someone withdraws consent for us to store and use their personal data, we immediately remove their data from our management information systems and shred any paper documents we hold concerning their personal information.

  • We review our data collection and storage systems every 2 years, to ensure that they remain fit for purpose

How we handle personal and sensitive data

 

Stronger People C.I.C ensures that any confidential information is handled sensitively, stored appropriately and destroyed when no longer used. 

 

  1. We ensure that sensitive information, whether on computer file or paper copies, is kept securely with access strictly controlled and limited to persons who need to have access to this information in the course of their work. 

  2. Sensitive data which could be a risk to individuals if in the public domain (e.g. health records, employment history) is held on fully secured, encrypted with a password, devices

  3. Confidential information will only be used for the specific purpose for which it was requested and with the person’s full consent (although see below for information relating to welfare).

  4. Once the information is no longer needed, confidential information will be destroyed by secure means (e.g. shredding, pulping or burning).

 

Information relating to the welfare of children, young people or vulnerable adults

Stronger People C.I.C works with children, young people or vulnerable adults with respect to their welfare, and we inform people that:

  • Information will only be forwarded on ‘a need to know’ basis in order to safeguard the child/young person/vulnerable adult

  • Giving such information to others for the protection of the child/young person/vulnerable adult is not a breach of confidentiality if it follows the agreed processes of local safeguarding authorities

  • We cannot guarantee total confidentiality where the best interests of the child/young person/vulnerable adult are at risk

  • Primary carers, children, young people and vulnerable adults have a right to know if a report is being made to the Health Services or police, unless  informing them could put the child/young person/vulnerable adult at further risk. If a decision is taken not to inform primary carers of such a report, reasons for that decision will be recorded

  • Images of a child/young person under the age of 18/vulnerable adult/will not be used for any reason without the consent of their parent/carer

  • Images of members over 18 will not be used without their consent. We cannot, however, guarantee that cameras/videos will not be used at public events

 

Procedures are in place for recording and storing data in line with our privacy statement.

Information on employees and volunteers

Stronger People C.I.C holds information on its employees as required by government departments. We also hold data about our volunteers to enable us to respond to their needs and meet the requirements of our funders (where appropriate). We hold information on employees and volunteers for the duration of their employment/volunteering with us, and for 5 years after they have left our organisation.

 

Employees and volunteers can ask to see any information that we hold about them. Stronger People C.I.C will respond to such requests in a timely manner, within 30 days of receiving the request.

 

Dealing with a Data Protection Request

 

  • Under GDPR, anyone can ask if an organisation holds personal information about them, through a Subject Access Request (SAR). Stronger People C.I.C will respond to their request within 30 days. This includes written records as well as data held on computer systems.

 

  • The person has the right to know:

  • What information is being used

  • Why it’s being used

  • Where it came from

  • Who can see the information?

 

  • Stronger People C.I.C will send them a hard copy, if possible, such as a letter or print out, unless both parties agree otherwise 

 

  • Stronger People C.I.C will make sure the recipient can understand the information, i.e. explain what any codes mean

 

  • Stronger People C.I.C follows the advice of the Information Commissioner on what type of personal data must be disclosed if an organisation receives a subject access request. The key steps that must be followed when deciding whether to disclose personal data are that data should be disclosed if:

 

  1. A living individual can be identified from the data.

 

  1. The data relates to the identifiable living individual, whether in personal or family life, business or profession.

 

  1. That data is obviously about a particular individual.

 

  1. The data linked to the individual provides particular information about that individual.

 

  1. The data is used to inform or influence actions or decisions affecting an identifiable individual.

 

  1. The data had biographical significance in relation to the individual.

 

  1. The data focuses or concentrates on the individual as its central theme rather than some other person.

 

  1. The data impacts or has the potential to impact on an individual whether in a person, family, business or professional capacity.

 

  • Particular care will be taken when disclosing information if a third party can be identified from the data.  Special provisions apply in such circumstances.

 

 

Transferring information to third parties:

 

  • Stronger People C.I.C only shares information on our members and users with third parties when a suitable contract is in place with any ‘data processors’ processing personal data on the organisation. This includes funders and sport governing bodies. 

 

  • Stronger People C.I.C does not transfer data to third parties unless we have  authorisation (usually that the individual has given consent, or the recipient is an authorised ‘data processor’)

 

  • Stronger People C.I.C does not put personal data on the Internet without the individual’s consent.

 

Significant data breach

In the event of a significant data breach, such as lost or misplaced personal files, computers or memory sticks holding such information Stronger People C.I.C will inform the relevant authorities and the individuals involved within 72 hours. Authorities will be given full details of the breach and actions to be taken to mitigate the impact.

External links:

  1. Links to third party websites are provided solely for your convenience. If you use these links have not been reviewed and Stronger People C.I.C does not control and is not responsible for these websites or their content or availability.

  2. The existence of a link from any organisation's site on this site does not imply that Stronger People C.I.C endorses the activities or views of that organisation.

Stronger People C.I.C

Stronger People is a registered Community Interest Company (11474413)
Stronger People C.I.C, Carlton Road Business Centre, 27-31 Carlton Road, Nottingham, NG3 2DG