UK & IRELAND PROVINCE
Data Protection Policy, May 2018
The Sisters of Our Lady of the Missions are committed to complying with all the relevant EU and Member State laws in respect of personal data, and the protection of the “rights and freedoms” of individuals whose information they collect and process in accordance with the GDPR. We acknowledge an individual’s fundamental right to privacy
We are a registered charity in England the number of which is 233599. We are also a registered charity in Ireland and the number is CHY 6440.
Personal data means all data held on any individual person who is connected with our congregation viz. members, donors, and staff.
All personal data is securely and appropriately stored. Where there are hard copies of personal data these are stored in fire proof cabinets and securely locked with only the authorised persons having access to the key which is also securely stored.
The offices are locked once the authorised person has left for the day so there is no access for any person to enter.
Any personal information is obtained fairly and for a lawful purpose. It is used for the purpose for which it was given in the first place and is kept accurate, complete and up-to-date. The information is retained for no longer than is necessary for the specified purpose. Any individual who requests a copy of the data held will be met with a positive response.
We accept that the data subjects have rights that must be respected. These rights include: To complain to appropriate authority when necessary; to have access to their personal data; to change, update their personal data; to have certain personal data deleted; to restrict processing.
Our donors are aware of the fact that any donations received are used for the purpose requested by the donor and for no other. Monies donated will be imbued with the same ethical ethos that informs our charitable mission.
We do not share the personal data of our donors with any third party other than those involved in fulfilling the wishes of the donor or when required to do so by law. These details such as names and addresses are securely locked in our computer systems and hard copies.
Our donors are given the option of continuing to donate to our missionary endeavours or to opt out. This is carried by using the notification set out below.
You may have heard GDPR mentioned in the media recently. The General Data Protection Regulation (GDPR) comes into force on May 25th 2018 and applies to ‘personal data’ – meaning any information relating to a person who can be directly or indirectly identified in particular by reference to a postal address, telephone number, email address, social media identity and CCTV images.
So what does this mean for you?
We bring to your attention your rights as a recipient of RNDM International Mission Newsletters, Christmas Brochures, emails, and postal contacts. You are receiving the above because you have requested them. Once we receive your details, you are added to a mailing list.
We collect, store and use your personal data in accordance with data protection legislation. Specifically,
- Save your details; name, address, postal code and if applicable your email address, onto a password protected secure computer
- Use your name and address to post you copies of Newsletters, projects etc. , from our community at 192 High St Wealdstone HA3 7UA
We do not:
- Use your details other than for the purpose(s) for which they were collected or give your detail to any other person.
More details about these new regulations and how they affect you, can be found in the Privacy Clause on our RNDM website: www.rndm-ukireland.org
If you no longer wish to receive Newsletters, Christmas Projects etc. please contact us by post to: Mission Promoter, Sisters of Our Lady of the Missions, 192 High Street, Wealdstone HA3 7UA;
e-mail: firstname.lastname@example.org and we will update our records accordingly. Many thanks.
Congregation of Our Lady of the Missions CIO
Registered Charity Number: 1189330
Congregation of Our Lady of the Missions (Ireland) CLG
Registered Charity Number: 20011833
We have in place appropriate measures that are designed to ensure that a breach of personal data does not occur. These are mentioned above in the way that we store all personal data relating to our members, donors and staff.
However, we are aware that even with the measures in place a data security breach may occur through human error, sending a document to an incorrect recipient, loss, theft, internet failure, inadequate back-up systems, hacking and ransomware attack, fire, flood.
We acknowledge that any personal data breach can have a negative impact on the lives of those whose personal data had been interfered with and so would wish to prevent this happening.
In the event of a data protection breach we will inform the data Commissioner as soon as possible. We will also inform the affected data subject and any third party should such action be deemed necessary. For example, if the data contained sensitive information relating to a child or vulnerable adult then the safeguarding authorities may need to know; or if there is a financial data breach the relevant financial institution may need to know. It may also be necessary to alert our insurance company of the breach.
While it may be necessary for us to contact the above third parties, we must not disclose the subject matter of the personal data to these parties. If we do we are at risk of creating a second breach of personal data. If the third party should require of us further information we will proceed with caution and possibly take legal advice.
When we become aware of a personal data breach we will assess the risk to individuals in order to ascertain if it is likely to result in a risk to the individual’s rights and freedoms.
- If not, then there is no requirement to notify supervisory authority or individuals. However the breach must be documented and a record maintained by the controller.
- If there is a risk we notify the competent supervisory authority.
- If the breach is likely to be high risk to the individual’s rights and freedoms we notify the individual concerned and provide information on steps he/she can take to protect him/herself from consequences of the breach.
- If the breach is not high risk, there is no requirement to notify the individual concerned.
In all circumstance where a breach has occurred we will document and keep a record of the breach and how it was dealt with.
We store records of our history in a purpose built Archives to which two people have immediate access. Anyone wishing to engage in research contacts our archivist who will arrange for the research to take place. Because of the risks concerning personal data protection we will reflect seriously before granting such a request.
We do not allow any third party to use phones or any other recording devises e.g. cameras within the archives.
We are aware of the need to exercise high levels of prudence and caution in regard to the data that is stored in our archives.
A record will be kept of all those who enter the archives for research.
The computers in our three main offices which hold personal and financial data are locked using a password and are backed up securely.
Any other computers in the building do not contain personal or financial data.
This website is for information only. Its use is governed by the terms and conditions set out here and your continued use of this website implies acceptance of these terms.
INFORMATION WE COLLECT ABOUT YOU
We may collect and process the following data from you in the following forms:
- A cookie, stored on the hard-drive of your computer.
- Email communications from you from our contact page(s) or other forms.
The types of information stored may be of the following type(s):
- Information that you provide by filling in forms on our website.
- Information about your computer and operating system, IP address and web browser if available.
- Statistical information about your visit to our site including time, date, duration and pages visited.
- Preferences chosen by you with regards to your experience on our site such as language selection.
ABOUT COOKIES AND COOKIE USE ON THIS WEBSITE
A “cookie” is a small data file that collects information when a website is visited. Some cookies are used for important functions of the website to help it run properly.
Some cookies only exist whilst you are visiting a website, but “persistent” cookies remain on your computer, either permanently, or for a specified duration before automatically deleting themselves. These “persistent” cookies can help the site to recognise you next time you visit and remember settings that you have chosen.
Our site uses Google Analytics cookies to provide us with information to help us better understand how our website is used by visitors to improve our service, determine the success of marketing or advertising campaigns etc.
This information is not shared with third parties, and we do not use this information to attempt to identify users or their personal information.
Google has further information about their cookies, including how to reject or delete them:
HOW TO REJECT OR REMOVE COOKIES
You can reject cookies from our or any other site by adjusting the setting on your web browser. You may also delete them if you wish.
See the instructions in the help feature on your particular browser.
Please note, however that you may not be able to use certain features of our website with cookies disabled.
HOW WE USE YOUR INFORMATION
Information that you pass to us via our online forms will only be used to fulfil the specific purpose to which the form is designed.
We will not pass your information or personal details to any other third party except for:
- Those directly involved in fulfilling your enquiries.
- Where required to do so by law, or pursuant to the prevention of fraud or any other suspected criminal activity.
All material contained on this website is covered by a disclosure protected by UK and International copyright laws and as such, nothing may be copied, transmitted or disseminated from this website without the express permission of this organisation. Other material is copyright by the owners and is clearly indicated or must be assumed to be copyright.
By continuing to use this website or providing information through the various forms, you agree to consent to the use of our cookies and treatment and storage of your information.