1.1 This policy explains when and why the Way of St Andrews collects personal data about our Friends and Organisations (Members), how we use it, how we keep it secure and your rights in relation to it.
1.4 We will always comply with the General Data Protection Regulation (GDPR) when dealing with your personal data. Further details on the GDPR can be found at the website for the Information Commissioner www.ico.org.uk. We will be the data controller of the personal data we hold about you.
2.1 We are the Way of St Andrews and can be contacted through the website or firstname.lastname@example.org.
3.1 Member’s name, address, telephone numbers, email, address(es) and pilgrimage data.
4.1 We will not transfer your personal data without your consent.
4.2 We have implemented appropriate technical and organisational measures to protect your
4.3 We will notify you promptly in the event of any breach of your personal data which might
expose you to serious risk.
5.1 We don’t share your personal data with any third parties unless required to do so by law.
6.1 We will hold your personal data for as long as you are a subscriber and thereafter only to enable us to comply with any legal obligations we may have.
7.1 You have rights under GDPR:
(a) to access the personal data we hold about you;
(b) to be provided with information about how your personal data is processed;
(c) to have your personal data corrected;
(d) to have your personal data erased in certain circumstances;
(e) to object to or restrict how your personal data is processed;
(f) to have your personal data transferred to yourself or to another business in certaincircumstances.
7.2 You have the right to take a complaint about how we process your personal data to the Information Commissioner:
0303 123 1113
Information Commissioner’s Office
Cheshire SK9 5AF