Data Protection Policy

This policy applies to trustees in the UK and India, staff employed in India by the Trust (there are no UK staff) and volunteers. It is reviewed at regular intervals.
Policy statement

The Venkat Trust collects and uses information about people with whom it communicates. This personal information must be dealt with properly and securely however it is collected, recorded and used – whether on paper, in a computer, or recorded on other material.

The Venkat Trust regards the lawful and correct treatment of personal information as very important to the successful and efficient performance of its functions, and to maintain confidence between those with whom it deals.

To this end the Venkat Trust fully endorses and adheres to the Principles of Data Protection, as set out in the Data Protection Act 1998.

Purpose

The purpose of this policy is to ensure that the volunteers and trustees of the Venkat Trust are clear about the purpose and principles of Data Protection and to ensure that it has guidelines and procedures in place which are consistently followed.

The Venkat Trust undertakes that:

• Personal data will be processed fairly and lawfully
• Data will only be collected and used for specified purposes
• Data will be adequate, relevant and not excessive
• Data will be accurate and up to date
• Data will not be held any longer than necessary
• Data subject’s rights will be respected
• Data will be kept safe from unauthorised access, accidental loss or damage
• Data will not be transferred to a country outside the European Economic Area, unless that country has equivalent levels of protection for personal data.

The principles apply to “personal data” which is information held on computer or in manual filing systems from which they are identifiable. The Venkat Trust’s employees, volunteers and trustees who process or use any personal information in the course of their duties will ensure that these principles are followed at all times.

Procedures

The following procedures have been developed in order to ensure that The Venkat Trust meets its responsibilities in terms of Data Protection. For the purposes of these procedures data collected, stored and used by the Trust falls into two broad categories:

1. The Venkat Trust’s internal data records; volunteers and trustees
2. The Venkat Trust’s external data records; supporters or clients.

Founder Trustee Sylvia Holder is ultimately responsible for the policy’s implementation.

INTERNAL DATA RECORDS

The Venkat Trust obtains personal data (names, addresses, phone numbers, email addresses), application forms, and references and in some cases other documents from India based staff, volunteers and trustees. This data is stored and processed to distribute relevant organisational material e.g. meeting papers

Access

The contact details of India based staff, trustees and volunteers will only made available to other trustees and volunteers. Any other information supplied on application will be kept in a secure filing cabinet and is not accessed during the day to day running of the organisation.

Contact details of India based staff, volunteers and trustees will not be passed on to anyone outside the organisation without their explicit consent.

India based staff, volunteers and trustees will be supplied with a copy of their personal data held by the organisation if a request is made.

All confidential post must be opened by the addressee only.

Accuracy

The Venkat Trust will take reasonable steps to keep personal data up to date and accurate. Personal data will be stored for six years after a member of staff, volunteer or trustee has been involved with the organisation and brief details for longer. Unless the organisation is specifically asked by an individual to destroy their details it will normally keep them on file for future reference. The Founder Trustee has responsibility for destroying personnel files.

Storage

Personal data is kept in paper-based systems and on a password-protected computer system. Every effort is made to ensure that paper-based data are stored in organised and secure systems.

Use of photographs

Where practicable, The Venkat Trust will seek consent from individuals before displaying photographs in which they appear. If this is not possible (for example, a large group photo), the organisation will remove any photograph if a complaint is received. This policy also applies to photographs published on the organisations website or in the Newsletter.

EXTERNAL DATA RECORDS

Purposes

The Venkat Trust obtains personal data (such as names, addresses, and phone numbers) from supporters. This data is obtained, stored and processed solely to assist in the efficient running of services. Personal details supplied are only used to send material that is potentially useful and has been requested. Most of this information is stored on the Trust’s database.

Consent

Written consent is not requested as it is assumed that the consent has been granted when an individual freely gives their own details.

Personal data will not be passed on to anyone outside the organisation without explicit consent from the data owner unless there is a legal duty of disclosure under other legislation, in which case the Founder Trustee will discuss and agree disclosure with the other trustees.

Access

Only the organisation’s India based staff, volunteers and trustees will normally have access to personal data.

All India based staff, volunteers and trustees are made aware of the Data Protection Policy and their obligation not to disclose personal data to anyone who is not supposed to have it.

Information supplied is kept in a secure filing, paper and electronic system and is only accessed by those individuals involved in the delivery of the service.

Information will not be passed on to anyone outside the organisation without their explicit consent, excluding statutory bodies e.g. the Inland Revenue.

Individuals will be supplied with a copy of any of their personal data held by the organisation if a request is made.

All confidential post must be opened by the addressee only.

Accuracy

The Venkat Trust will take reasonable steps to keep personal data up to date and accurate.
Personal data will be stored for as long as the data owner/ client/ member supports our work. Where an individual ceases to support our work and it is not deemed appropriate to keep their records, their records will be destroyed. However, unless we are specifically asked by an individual to destroy their details, we will normally keep them on file for future reference.

If a request is received from an organisation/ individual to destroy their records, we will remove their details from the database and request that anyone else connected with the organisation destroy them.

Storage

Personal data may be kept in paper-based systems and on a password-protected computer system. Paper-based data are stored in organised and secure systems.

Responsibilities of India based staff, volunteers and trustees

During the course of their duties with the Venkat Trust India based staff, volunteers and trustees will be dealing with information such as names/addresses/phone numbers/e-mail addresses of supporters or volunteers. They may be told or overhear sensitive information. To comply with the law, personal information must be collected and used fairly, stored safely and not disclosed to any other person unlawfully.

August 2015