Privacy Policy

Stow Park Community Centre

Data Protection Policy

June 2025

 

Introduction

Who We Are

We are Stow Park Community Centre, a registered charity number 1155442. Our postal address is Brynhyfrd Road, NEWPORT NP20 4FX. Our website address is: https://stowpark.org.

The Trustees of Stow Park Community Centre are the data controller. This means they decide how your personal data is processed and for what purposes. They can be contacted at the above address. Stow Park Community Centre is registered with the Information Commissioner’s Office number ZB481022.

Policy statement

Stow Park Community Centre is committed to a policy of protecting the rights and privacy of individuals, voluntary and community group members, volunteers staff and others in accordance with the UK General Data Protection Regulation and the Data Protection Act 2018. This policy applies to all voluntary and community group members and staff at the Community Centre. Any breach of this policy is considered to be an offence and, in that event, disciplinary procedures apply.

As a matter of good practice, other organisations and individuals working with the Centre, and who have access to personal information, will be expected to have read and comply with this policy. It is expected that any staff who deal with external organisations will take responsibility for ensuring that such organisations sign a contract agreeing to abide by this policy.

Legal Requirements

Data is protected by the Data Protection Act 2018 and the UK General Data Protection Regulation. The purpose of the legislation is to protect the rights and privacy of individuals and to ensure that personal data is not processed without their knowledge, and, wherever possible, is processed with their consent.

The Act requires us to register the fact that we hold personal data and to acknowledge the right of ‘subject access’ – voluntary and community group members and staff must have the right to copies of their own data.

Managing Data Protection

We will ensure that our details are registered with the Information Commissioner. Stow Park Community Centre is registered with the Information Commissioner’s Office number ZB481022.

Purpose of data held by the Community Centre

Data may be held by us for the following purposes:

  1. Staff recruitment and administration, including checks with the Government Disclosure and Barring Service.
  2. Volunteer recruitment and administration, including checks with the Government Disclosure and Barring Service.
  3. General operations management of the Centre, including management of room bookings by external organisations and individuals.
  4. Accounting and financial record keeping as required by the Charity Commission, for example claiming Gift Aid on donations.
  5. Advertising, Marketing and Public Relations.
  6. Journalism and Media.
  7. Research, for example Community Surveys.

Data Protection Principles

In terms of the Data Protection Act, the Trustees of Stow Park Community Centre are the ‘data controller’, and as such determine the purpose for which, and the way in which, any personal data is, or are to be, processed. We must ensure that we have:

Fairly and lawfully processed personal data

We will always put our logo on all paperwork, stating our intentions for processing the data and state if, and to whom, we intend to give the personal data. Also provide an indication of the duration the data will be kept.

Processed for limited purpose

We will not use data for a purpose other than those agreed by data subjects (voluntary and community group members, staff and others) unless there is a legal basis for doing so. If the data held by us is requested by external organisations for any reason, this will only be passed if data subjects (voluntary and community group members, staff and others) agree, unless there is a legal basis for doing so, such as crime prevention. Also, external organisations must state the purpose of processing and provide evidence of their own Data Protection policy.

Adequate, relevant and not excessive

The Trustees will monitor the data held for our purposes, ensuring we hold neither too much nor too little data in respect of the individuals about whom the data are held. If data given or obtained are excessive for such purpose, they will be immediately deleted or destroyed.

Accurate and up to date

We will provide our members (voluntary and community group members, staff and others) with a copy of their data once a year for information and updating where relevant. All amendments will be made immediately and data no longer required will be deleted or destroyed. It is the responsibility of individuals and organisations to ensure the data held by us are accurate and up to date. Completion of an appropriate form (provided by us) will be taken as an indication that the data contained are accurate. Individuals should notify us of any changes, to enable records to be updated accordingly.

Not kept longer than necessary

We discourage the retention of data for longer than it is required. All personal data will be deleted or destroyed by us after one year of non-membership has elapsed, unless there is a legal basis for retaining the data for a longer period.

Processed in accordance with the individual’s rights

All individuals that Stow Park Community Centre hold data on have the right to:

  • Be informed upon the request of all the information held about them within 40 working days of making a request in writing to the Trustees.
  • Prevent the processing of their data for the purpose of direct marketing.
  • Compensation if they can show that they have been caused damage by any contravention of the Data Protection Act 2018 or the UK General Data Protection Regulation.
  • The removal and/or correction of any inaccurate data about them.

CCTV

Stow Park Community Centre operates CCTV within the boundaries of the Centre for the purposes of crime prevention and for the safety of staff and users of the centre. If deemed necessary, the CCTV recordings may be shared with Gwent Police, who will process the data in accordance with their privacy policy at https://www.gwent.police.uk/hyg/fpngwent/privacy-notice/.

Secure
Appropriate technical and organisational measures shall be taken against unauthorised or unlawful access or processing of personal data and against accidental loss or destruction of data.

All Stow Park Community Centre computers have a log in system which is password protected, which allows only authorised staff, volunteers and Trustees to access such data. Passwords on all computers managed in accordance with guidelines issued by the National Cyber Security Centre.

All personal and financial data relating to the operation of the Centre is kept in a locked filing cabinet and can only be accessed by the Trustees. When staff members are using the laptop computers out of the office care should always be taken to ensure that personal data on screen is not visible to strangers.

Not transferred to countries outside the United Kingdom, unless the country has adequate protection for the individual.

Data must not be transferred to countries outside the United Kingdom without the explicit consent of the individual.  The Association takes particular care to be aware of this when publishing information on the Internet, which can be accessed from anywhere in the globe. This is because transfer includes placing data on a web site that can be accessed from outside the United Kingdom.

Mailing list

We will maintain a mailing list. This will include the names and contact details of people who have consented to receive information on events, publicity or fundraising appeals from Stow Park Community Centre.

When people sign up to the list, we will explain how their details will be used, how they will be stored, and that they may ask to be removed from the list at any time. We will ask them to give separate consent to receive publicity and fundraising messages and will only send them messages which they have expressly consented to receive.

We will not use the mailing list in any way that the individuals on it have not explicitly consented to.

We will provide information about how to be removed from the list with every mailing.

We will use mailing list providers who store data within the United Kingdom.

Web Site

Stow Park Community Centre operates a web site for which the following Privacy Policy applies.

Comments

Comments are currently disabled on our web site. Visitors have no means of leaving comments except via the contact forms, and such comments are not visible on the web site after the form has been submitted.

When visitors leave comments on our Facebook page, our page administrators are notified. Facebook may take additional actions as specified in their privacy policy at https://www.facebook.com/privacy/policy.

Media

If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website. Instructions on how to remove location data from photos taken using iPhones and Android phones are here (iPhones) and here (Android).

Cookies

If you visit our login page for the purposes of web site administration, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.

Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.

Who we share your data with

Stow Park Community Centre will never sell your data. We use it ourselves for administrative and operational purposes, or to inform you of events, fundraising, services and activities at the centre.

Stow Park Community Centre operates CCTV within the boundaries of the Centre for the purposes of crime prevention and for the safety of staff and users of the centre. If deemed necessary, the CCTV recordings may be shared with Gwent Police, who will process the data in accordance with their privacy policy at https://www.gwent.police.uk/hyg/fpngwent/privacy-notice/.

Your data may also be anonymised and shared with various organisations who give grants, for the purposes of grant applications or for statistical reporting. You will never be personally identified in such applications or reports.

How long we retain your data

If you leave a message through our web site or Facebook page for us to contact a class or group organiser, that data is passed on to the relevant organiser and is not retained by us.

What rights you have over your data

Your rights over your data are explained on the web site of the Information Commissioner’s Office.

Where we send your data

Visitor comments may be checked through an automated spam detection service.

Foodbank (UNDER REVIEW)

If you are a user of the Foodbank, any data you provide is strictly processed under the privacy policy of The Trussell Trust at https://www.trusselltrust.org/privacy/.