Our Free Minds CIO is committed to protecting your privacy. This privacy policy explains our data processing procedures, i.e. how we manage the data you share with us through various channels, and your rights and options regarding how your data is used. We recommend you read it carefully so that you understand how we collect and manage your personal data.
Any data you provide to us is on a completely voluntary basis. However, without providing us with certain types of personal data, we cannot provide you legal access to certain services.
The rules on processing personal data are set out in the General Data Protection Regulation (the GDPR).
Definitions
Categories of data: Personal data and special categories of personal data
Personal data – The GDPR applies to ‘personal data’ meaning any information relating to an identifiable person who can be directly or indirectly identified in particular by reference to an identifier (as explained in Article 6 of GDPR). For example, name, passport number, home address or private email address. Online identifiers include IP addresses and cookies.
Special categories personal data – The GDPR refers to sensitive personal data as ‘special categories of personal data’ as explained in Article 9 of GDPR). The special categories specifically include genetic data, and biometric data where processed to uniquely identify an individual. Other examples include race and ethnic origin, sexual orientation, health data, trade union membership, political opinions, religious or philosophical beliefs.
Processing – means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
Third party – means a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorised to process personal data.
When do we collect personal information from you?
We collect personal information from you when you provide it directly.
For example, when you send us messages through our website or via emails in order to make enquiries, arrange visits or give us your opinions; when you give us your names, phone numbers, email addresses to join our various communications groups; when you provide your home addresses for our invoicing system, when you complete the sign-up forms to book our sessions, and when you choose to go through DBS checks so that you can be present at our sessions with your child.
We collect personal information from you when it is publicly available.
This could include when you interact with us via social media (Facebook, Instagram, Twitter, YouTube, etc).
We collect personal information when it is provided indirectly, i.e. by a third party.
For example, when you get in touch with us through a third party, e.g. a current member of Our Free Minds who is also your friend; when you make payments for donations to Our Free Minds through Paypal or bank transfer.
We also collect certain information via our website.
Our Free Minds only collects the information you provide to us. We do not collect information about your IP address, or what device you are using to access our website.
We may collect and store the following types of personal data:
Your full name, postal address, contact telephone number(s), email address, date of birth, gender, emergency contact details and in some cases any relevant medical conditions.
Photograph(s) or video(s) of you participating in our sessions (we only do this with your permission).
Certain financial or billing information such as bank details and/or credit/debit card details. Where this information is stored, however, it is done so via a regulated financial provider such as Stripe or Worldpay and data is encrypted and stored in a limited way.
We may use this data for the following reasons:
To register you as a member of Our Free Minds via our registration process.
To allow you to make bookings at Our Free Minds either online, by phone or face-to-face.
To allow you to make other types of purchases at or donations to Our Free Minds, such as at our market days or fetes.
To help us communicate with you to answer any questions you have asked of us.
To inform you of any cancellations or rescheduling of sessions, or activities you, or a child under your supervision, may be booked onto.
To provide you with information regarding upcoming events, other activities and news where appropriate.
To allow you to apply to volunteer or work with us.
To allow a rapid response in the event of a medical emergency or to support emergency service personnel in the advent of an accident or medical situation.
For the prevention of fraud or misuse of personal data by others or for the misuse of our facilities.
For the establishment, defence and/or enforcement of any legal claims against Our Free Minds.
To keep our facility safe and secure and to help protect our staff and members.
We may use your contact details to communicate with you about new services, courses, events or promotions which we feel may be of interest to you. This may happen through emails, WhatsApp messages, phone calls or social media.
Communications of this nature will only happen if you have given us your express consent to do so, so in the case of marketing information via email you may have either signed up via our website directly or opted-in via our registration process to grant this consent. With regards to social media you may receive our posts in your social feeds if you have chosen to connect with us.
Where you have provided us with consent previously but no longer wish to receive communications of a marketing nature from us then please contact us by emailing info@ourfreeminds.org.
The terms set down under the General Data Protection Regulation (GDPR) states that organisations must rely on a lawful basis/legitimate interest to use any personal data collected. For Our Free Minds CIO this is considered to be:
Where you have provided specific consent for us to use your personal data, such as registering as our members, joining our electronic communications groups or following us on social media.
Where we are obliged to do so for legal reasons, such as regulatory bodies which govern our industry, government bodies or legal establishments, or where there is vital interest such as emergency services.
Where necessary to allow us to provide our service to you upon your request, for example, for the completion of a booking, entry fee to the venue or subscription.
We will only collect and store personal data for a child when we have consent to do so by either the child or the parent/legal guardian of the child in question. Our Free Minds operates a rigorous Safeguarding Policy to ensure that all children are kept safe and are protected and this extends to include the appropriate handling of data.
Personal information and other registration or permission based documents will only be held for the duration that you want us to hold it and are using our services.
We will annually review the data and determine whether it is still in your interest for us to hold it. If we are at all unsure we will contact you to confirm if you would still like us ro hold and process your data. If we don’t hear back from you in 30 days we will delete all of the personal data we hold.
We will never sell or share your personal data for marketing or promotional purposes. However, we may divulge some personal data to third parties in order for us to achieve our legal or contractual obligations as a Company.
For example, we may disclose certain elements of a customer’s personal data to emergency services, government bodies or legal representatives in case of an accident, medical situation or legal dispute.
Our Free Minds is committed to keeping your personal data as safe and secure as possible.
Data is stored electronically on secure servers either directly (i.e. created electronically in the first instance via an electronic device) or indirectly (i.e. where a paper record has been created it is then scanned). Any paper copies or paper data will be held under lock and key.
Your personal information is accessible only by trained staff and certain parts of your personal data is limited to staff members who require a higher level of access, such as senior managers and directors.
We have security measures in place to prevent unauthorised access to stored data.
You have the right to withdraw your consent for us to use your personal data at any time, including unsubscribing from our mailing list, and your rights further extend to the following options:
We do not use any form of automated decision making.
We may update this Privacy Policy from time to time in order to keep our policies up to date. We also formally review this policy on an annual basis. If any significant changes are made to this policy we will endeavour to communicate this with you.
If you have any concerns regarding your data or you wish to contact us regarding your personal information and its usage please contact us using the details below.
Email our Data Protection Officer on: info@ourfreeminds.org
Please mark any correspondence for the attention of our Data Protection Officer.
If you feel an enquiry you make with us isn’t being handled to your satisfaction you have the right to make a complaint to the Information Commissioner’s Office (ICO) contactable via www.ico.org.uk.
This policy was adopted by: Our Free Minds
Date: 30.08.2022
To be reviewed: 30.08.2023
Signed: Guy Asherson-Taylor