How we respect privacy when we deal with personal information collected by our organisation.
Policy key definitions:
- “I”, “our”, “us”, or “we” refer to the Kaira Konko Active Support Unit, Manager
- “you”, “the user” refer to the person(s) using this
- GDPR means General Data Protection
- PECR means Privacy & Electronic Communications
- ICO means Information Commissioner’s
- Cookies mean small files stored on a users computer or
We collect information in the following ways:
When you give it to us DIRECTLY
There are many ways you may give us your information. For example, when you register as a supporter, make a donation, begin volunteering, stay at the Kaira Konko Lodge, make an enquiry about our work or communicate with us either by phone, in writing, including email or in person. We are responsible for your data at all times.
When you give it to us INDIRECTLY
Your information may be shared with us by independent organisations. These may relate, but are not limited to, online donation sites like Virgin Money Giving or JustGiving; and/or accommodation reservation services such as Booking.com or TripAdvisor, or other such services in any instance.
These independent third parties will only share your information when you have consented. You should check their Privacy Notice when you provide your information to understand fully how they will process your data.
Via Social Media
Depending on your settings or the privacy notices for social media and messaging services like Facebook, WhatsApp, LinkedIn or Twitter, you might give us permission to access information from those accounts or services.
Via information available publicly
This may include information found in places such websites (clubs, districts, supporters groups, individuals or organisations who have etc), Companies House and information that has been published in articles/newspapers.
Cookies are small text files that can be used by websites to make a user’s experience more efficient. The law states that we can store cookies on your device if they are strictly necessary for the operation of this site. For all other types of cookies we need your permission. This site uses different types of cookies. Some cookies are placed by third party services that appear on our pages. You can at any time change or withdraw your consent from the Cookie Declaration on our website.
Your consent applies to the following domains: www.kairakonko.com.
Cookie declaration last updated on xx/xx/xxxx by Cookiebot:
The type and quantity of information we collect and how we use it depends on why you are providing it. You should be able to control what cookies are placed on your device through your browser settings. Go to www.aboutcookies.org to find out more about cookies, including how to see what cookies have been set and how to manage and delete them.
We use Google Analytics to analyse the use of our websites by generating statistical and other information. Details captured during your visit to our websites will include, but are not limited to, traffic data, location data, weblogs and other communication data and the resources you access. However, all data collected is anonymous and will not identify you as an individual.
1. Personal data that we process
The following table explains the types of data we collect and the legal basis, under current data protection legislation, on which this data is processed.
Data (key elements)
Enquiring about our organisation and its work
Name, email, address, telephone (landline or mobile), message, membership of or employment of an interested party you are representing
Legitimate interests – it is necessary for us to read and store your message so that we can respond in the way that you would expect.
Subscribing to email updates about our work
Name, email, area of interest
Consent – you have given your active consent.
Making a donation
Name, email, address, payment information
Legitimate interests – this information is necessary for us to fulfill your intention of
donating money and your expectation of receiving a confirmation message.
Signing up as a member of the committee
Name, email, address, telephone (landline or mobile)
Legitimate purpose member of committee need to be members of Scouting
Website activity collected through cookies
– it is necessary for us to store a small amount of information, usually through cookies, to deliver functionality that you would expect, such as remembering the contents of your order before you have fully completed the process.
2. How we use your data
We will only use your data in a manner that is appropriate considering the basis on which that data was collected, as set out in the table at the top of this policy. For example, we will use your personal data for the legitimate interest of conducting our core activities, these will include:
- Providing you with the information or services you asked for,
- Providing you with information that we think you may be interested in,
- Providing services, products, guidance or information to individuals and/or organisations for their general activities,
- Communicating organisational and promotional messages and information to our supporters
- Communicating details of committee meetings, fundraising opportunities and special events
- Facilitate accommodation bookings , project support, meetings and other special event planning,
- Administering your donation, including processing Gift Aid,
- Supporting Scout Activities in the United Kingdom and Overseas,
- Preparation of Committee Contact Details,
- To present our website and its contents to you and to allow you to participate in interactive features on our website,
- Keep a record of your relationship with us,
- Understand how we can improve our services, products or information,
- In any other way we may describe when you provide the information,
- For any other purposes with your consent,
Your individual rights
Under the GDPR your rights are as follows. You can read more about your rights in details here;
- the right to be informed;
- the right of access;
- the right to rectification;
- the right to erasure;
- the right to restrict processing;
- the right to data portability;
- the right to object; and
- the right not to be subject to automated decision-making including
You also have the right to complain to the ICO www.ico.org.uk if you feel there is a problem with the way we are handling your data. We handle subject access requests in accordance with the GDPR.
We do not collect any personal information on members classified as ‘sensitive’ under GDPR.
How we keep your information safe and who has access to it
We ensure that there are appropriate physical and technical controls in place to protect your personal details. For example, confidential paper records are securely stored, our online forms are encrypted and our network is protected and routinely monitored.
We undertake regular reviews of who has access to information that we hold to ensure that your personal information is only accessible by appropriate staff, Rotary members and our service/host providers. We do comprehensive checks on the companies we use before we work with them and put a contract in place that sets out our expectations and requirements, especially regarding how they manage the personal data they may have access to as part of providing those services.
We have a duty to report certain types of personal data breaches to the relevant supervisory authority, and where feasible, we will do this within 72 hours of becoming aware of the breach. If a breach is detected and likely to result in a high risk of adversely affecting you, we will inform you without undue delay.
Where we store your information
Your personal information will be hosted securely within the UK or the EU by in Great Britain & Ireland.
However, Kaira Konko Lodge and Scout Centre run operations outside the European Economic Area (EEA). Although they may not be subject to the same data protection laws as organisations based in the UK, we will take steps to make sure they provide an adequate level of protection in accordance with UK data protection law. By submitting your personal information to us you understand your personal data may be transferred, stored and processed at a location outside the EEA.
Email marketing messages & subscription
Under the GDPR we use the consent lawful basis for anyone subscribing to our newsletter or marketing mailing list. We only collect certain data about you, as detailed in the “Processing of your personal data” above. Any email marketing messages we send are done so through an EMS, email marketing service provider. An EMS is a third party service provider of software / applications that allows marketers to send out email marketing campaigns to a list of users.
Email marketing messages that we send may contain tracking beacons / tracked clickable links or similar server technologies in order to track subscriber activity within email marketing messages. Where used, such marketing messages may record a range of data such as; times, dates, I.P addresses, opens, clicks, forwards, geographic and demographic data. Such data, within its limitations will show the activity each subscriber made for that email campaign.
Any email marketing messages we send are in accordance with the GDPR and the PECR. We provide you with an easy method to withdraw your consent (unsubscribe) or manage your preferences / the information we hold about you at any time. See any marketing messages for instructions on how to unsubscribe or manage your preferences, alternatively you may contact the EMS provider directly.
Our EMS provider is; Send in Blue. We hold the following information about you within our EMS system;
- Email address
- P address
- Subscription time & date
If you are unhappy with how we have processed your personal information, please firstly contact our Data Compliance Officer, Manager, details below:
7 Chilgrove House, Marden Way, Petersfield, Hampshire, GU31 4PU
If you are still unhappy you may contact the following:
Information Commissioner’s Office
Wycliffe House Water Lane Wilmslow Cheshire, SK9 5AF
Helpline: 0303 123 1113 (local rate) or +44 1625 545 745