CUPAR DEVELOPMENT TRUST
DATA PROTECTION AND PRIVACY POLICY
Cupar Development Trust (“CDT”) takes personal privacy seriously. CDT will use the information which members, potential members and others have provided only in support of the legitimate interests of CDT, to administer their accounts, and to provide those products and services they have asked for. CDT may collect, hold and use the following personal data:
- Name
- Designation and post-nominals
- Postal Address, including Post Code
- Telephone numbers (land line and mobile)
- Email address
CDT may use the personal data collected to send details of events organised by CDT, or by others if directly relevant to the objects and activities of CDT, and for fund-raising. CDT may collect, hold and use also, where necessary, details of members’ bank accounts and bank sort codes, and will use such data only to administer CDT membership and activities.
CDT will not share personal data with any third parties. CDT does not use automated profiling or sorting of personal data, and such data will never be shared with external organisations. All personal data will be held securely from point of collection to entry in CDT’s systems, and CDT will ensure that only those authorised and required to use personal data have access to it.
CDT will retain members’ personal data only for so long as membership of CDT is pending or continues. Anyone whose personal data is held may at any time request that it be deleted, and CDT will comply with such requests within a reasonable time.
CDT will record the addresses and email details of those who subscribe to CDT newsletters or attend CDT events, and may record also the details of visitors to the CDT website. Anyone whose personal data is held by CDT is entitled to make a “Subject Access Request”, and to be given a copy of that data on reasonable notice.
Members, potential members, or members of the public who wish to complain about any aspect of how CDT processes personal data should get in touch, in the first instance, with the Secretary of CDT. Should the Secretary not respond, or should that response be considered inadequate, then the matter should be raised with the Chair. Should the Chair not respond, or should the Chair’s response be considered inadequate, a complaint should be made to CDT’s Data Protection Officer. Details of these appointments are on the CDT website. Should a member or potential member wish to take further action, the matter should be raised with the Scottish Information Commissioner’s Office:
http://www.itspublicknowledge.info/home/ScottishInformationCommissioner.aspx
CDT will review compliance with this Policy at least annually.
DATA PROTECTION AND PRIVACY POLICY
Adopted by the Board of Cupar Development Trust on May 2018
……………………………………………………………………. Chair
