This policy pertains to this website by Girlguiding Staffordshire, an organisation headquartered in Stafford, UK. This includes www.girlguidingstaffordshire.org.uk, www.girlguidingstaffordshire.org.uk/unity/ additional Girlguiding Staffordshire websites, and digital assets produced and or managed websites (together, the “Site”).
Girlguiding Staffordshire is responsible for the processing of personal data and is a data controller for the purposes of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (the General Data Protection Regulation (‘GDPR’)).
General Data Protection (GDPR)
The General Data Protection Regulation (GDPR) (EU) 2016/679 is a regulation in EU law on data protection and privacy for all individuals within the European Union. It also addresses the export of personal data outside the EU. It becomes enforceable on 25 May 2018.
According to the European Commission, “personal data is any information relating to an individual, whether it relates to his or her private, professional or public life.
A lawful basis for data processing
Data will not be processed unless there is at least one lawful basis to do so. Mainly this will be when the data subject has given consent to the processing of personal data for one or more specific purposes.
Consent will be assumed if the data subject has made their personal details available through a recognised community and has volunteered to join one of Girlguiding Staffordshire websites. In these circumstances the data subject is taken to represent themselves and has joined Girlguiding Staffordshire’s network in order to receive information from Girlguiding Staffordshire. In addition it will be assumed that the details given are the data subject’s contact details
Girlguiding Staffordshire provide services relating to Girl Guiding activities, for which consent has been assumed includes but is not limited to;
- Receiving community based notifications such as up-dates and newsletters relevant to our services
- Email marketing
- Order processing
- Support queries
- Booking confirmation emails
Processing may also be necessary under certain other conditions such as but not limited to:
- for the performance of a contract
- for compliance with a legal obligation
- to protect the vital interests of the data subject or of another natural person
Records of Processing Activities
Records of processing activities will be maintained that include purposes of the processing, categories involved and envisaged time limits
Data protection by design and by default (Article 25) requires data protection to be designed into the development of business processes for products and services. Privacy settings will therefore be set at a high level by default, and technical and procedural measures will be taken by the controller to make sure that the processing, throughout the whole processing lifecycle, complies with the regulation.
GDPR makes special provision for special categories of persona data (Article 9). Quality Systems Consultancy does not process any of these categories.
The web hosts and social media providers that we use also all conform to GDPR standards.
In all circumstances where we collect personal data from you, we will only collect the minimum amount of data required for us to perform the defined processing purpose/s.
Right of access: citizens have the right to access their personal data and information about how this personal data is being processed. These include information on the data subject, details about the processing of data, such as the purposes of the processing, with whom the data is shared, and how Quality Systems Consultancy acquired the data.
Right to erasure: Article 17 provides that the data subject has the right to request erasure of personal data related to them on any one of a number of grounds.
St Peter’s School SiteChurch Lane, Hixon, Staffordshire, ST18 0PS.
Registered Charity no.: 524559
this gdpr policy was last updated in May 2018