“Personal data” means any data about a living individual who can be identified by use of that data. “Processing” such information, that is storing and using it, is governed by the General Data Protection Regulation 2018 (the “GDPR”) under which the Friends of Shakespeare’s Church as “Data Controller” has certain obligations. Contact details for WCHCT are given below.
How do we process your personal data?
The Friends of Shakespeare’s Church complies with its obligations by keeping personal data up to date; by storing and destroying it securely; by not collecting or retaining excessive amounts of data; by protecting personal data from loss, misuse, unauthorised access and disclosure, and by ensuring that appropriate technical measures are in place to protect personal data.
We use personal data for the following purposes:
- Administration of Friends of Shakespeare’s Church membership including sending out membership materials;
- Responding to requests for support and for tickets for our events;
- Administration of donations, benefactions, legacies;
- Administration of contracts with us; and
- Limited research and statistical analysis to inform the work of Friends of Shakespeare’s Church.
Personal data provided to us will be used for the purposes for which you submit it and in accordance with whatever consent you may give for its future use.
- If you are a member of the Friends of Shakespeare’s Church, the uses will include sending you confirmation of your membership, subscription, and membership materials such as notification of the annual meeting and newsletters with details of our events and other activities.
- If you book with us to attend an event, we shall use your data to collect payment and to send you any ticket or joining instructions.
- If you donate to Friends of Shakespeare’s Church, have done so in the past or pledge to do so in the future, we would like to report to you periodically on the Friends of Shakespeare’s Church’s progress and plans and to invite you to events. You will be asked whether you would like to stay in touch in this way.
You can, at any time, ask us to take you off a specific circulation list that you have joined or withdraw your consent for us to hold your data by emailing email@example.com for the appropriate form.
Personal data relating to children under a legally determined age (currently 16 years) cannot be processed without the consent of a parent or legal guardian.
What personal data do we process?
Friends of Shakespeare’s Church processes personal data that you give to it when you become a member of the Friends of Shakespeare’s Church, register for one of its events, make a donation or enter into a contract with Friends of Shakespeare’s Church. The personal data collected will typically include your name, billing and delivery addresses, email address, telephone number, and banking details connected with any payment you are making.
We hold Gift Aid declarations to allow the proper recording of your donations and to meet the legal requirements for audit. The law currently requires us to keep this information for a period of six years after the relevant payment date.
Information collected from visits to our website
Currently, we do not use third-party suppliers to collect information about how people arrive at our site and navigate through it – but, as is common practice, we may do so in the future
What are the legal grounds for our processing your personal data?
- That the processing is necessary to fulfil a request which you have made such as establishing your membership and providing membership materials, providing you with a ticket for an event, or processing a donation or grant application made by you.
- That you have consented to our processing your personal data for some specific purpose which we have offered to you as an option.
- That the processing is necessary to fulfil a contract made with Friends of Shakespeare’s Church, e.g. contracts between Friends of Shakespeare’s Church and its service providers.
- That the processing is necessary to meet a legal requirement, e.g. for financial or tax audit.
- That the processing serves some legitimate purpose justifiable in the context of individual’s interests and rights by the value it brings to the work of Friends of Shakespeare’s Church, e.g. research undertaken by Friends of Shakespeare’s Church to inform its overall planning to raise awareness of its activities.
With whom do we share your personal data?
Personal data may be shared where necessary as follows:
- With Friends of Shakespeare’s Church Trustees and officers of Friends of Shakespeare’s Church;
- With agents and other third parties acting for Friends of Shakespeare’s Church under contract or subcontract to undertake work such as maintaining our database and website and sending out mailings.
Personal data is collected and processed according to this policy and the Friends of Shakespeare’s Church’s security procedures. Under these procedures, an audit of categories of data held and permissions to access and use that data is undertaken by the Friends of Shakespeare’s Church at least annually. Third parties may use your data only for the purposes for which we pass it to them providing they follow security procedures which are at least as stringent as the Friends of Shakespeare’s Church’s.
How long is your data kept?
Your data is held only for so long as the legal grounds for processing set out above apply. Records required for financial or tax audit have to be held for six years after the relevant transaction.
The nature of our work is such that we may have lifelong relationships with donors, beneficiaries and members. Legacy income is important to the running of the Friends of Shakespeare’s Church. We keep data as long as is necessary to carry out legacy administration and communicate effectively with the families of people leaving us legacies.
Your rights and your personal data
Unless subject to an exemption under the GDPR, you may exercise the following rights with respect to your personal data free of charge: –
- The right to request a copy of your personal data which the Friends of Shakespeare’s Church holds (in certain circumstances, that information to be available on request in transmissible digital form);
- The right to request that the Friends of Shakespeare’s Church correct any personal data if it is found to be inaccurate or out of date;
- The right to request that your personal data be erased where it is no longer necessary for the Friends of Shakespeare’s Church to retain such data;
- The right to withdraw any consent that you have given for your data to be processed;
- The right to object to the processing of personal data where the processing is justified by legitimate interests including research and statistical analysis;
- The right, where there is a dispute in relation to the accuracy or processing of your personal data, to request that a restriction be placed on further processing such that it may be held but no longer used while the matter is addressed; and
- The right to lodge a complaint with the Information Commissioners Office
Revision of this policy
This policy will be reviewed regularly by the Trustees of the Friends of Shakespeare’s Church and up-dated as necessary.
If we wish to use your personal data for a new purpose not covered by this Policy, then we shall provide you with a new Policy explaining this new use prior to commencing the processing and setting out the relevant purposes and processing conditions. Where and whenever necessary, we shall seek your prior consent to the new processing.
We reserve the right to amend this policy at any time in response to your feedback, new or altered WCHCT systems and procedures, Internet best practices and UK and European law.
Date of Review: September 2021