GDPR Privacy Notice
Welcome to the privacy notice for the Sierra Women Independent Group (SWIG)
Sierra Women Independent Group (SWIG) respects your privacy and are committed to protecting your personal information (personal data). This privacy notice lets you know how we look after your personal data which either you provide to us or we obtain and hold about you and it tells you about your privacy rights and how the law protects you.
It is important that you read this privacy notice so that you are fully aware of how and why we are using your data.
Sierra Women Independent Group (SWIG) is a Data Controller and is committed to protecting the rights of individuals in line with the Data Protection Act 2018 (DPA) and the new General Data Protection Regulation (GDPR)
If you have any questions about this privacy notice, including any requests to exercise your legal rights, please contact the relevant executive member using the contact details below
Our full details are:
Sierra Women Independent Group (SWIG)
Malcom X Community Centre
141 City Rd,
You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance
The data we collect about you
Personal data, or personal information, means any information about a living individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).
We only collect and store identity and contact data.
Identity Data includes first name, last name, title and date of birth
Contact Data includes home address, email address and telephone numbers e.g. information used to contact you.
How your personal data is collected
Sierra Women Independent Group (SWIG) collects personal data from and about you through direct exchanges.
You may choose to provide personal information to us directly e.g. by speaking to us at Sierra Women Independent Group (SWIG) events, by filling in forms when you become a member or by corresponding with us by post, phone, email or otherwise.
How we use your personal data
Sierra Women Independent Group (SWIG) takes its obligations under data protection law (including the General Data Protection Regulation (GDPR)) seriously. We keep personal data as up to date as possible and take active steps to rectify any personal data we find to be incorrect. We store and destroy personal data securely and do not collect or retain personal data which is in excess of our processing activities. we take steps to protect all personal data from loss, misuse, unauthorised access and disclosure by ensuring that appropriate measures are in place to protect personal data.
Sierra Women Independent Group (SWIG) ensures that personal data is processed in accordance with the principles of the GDPR and is processed:
Lawfully, fairly and in a transparent manner;
For specified, explicit and legitimate purposes and not processed in a manner which is incompatible with those purposes;
Accurately, relevantly and limited to what is necessary in relation to the purposes for which it is processed;
Kept accurate and where necessary kept up to date, with all reasonable steps being taken to ensure that all inaccurate data is erased or rectified without delay;
Is not kept longer than is necessary for the purposes for which the personal data is processed; and
In a manner that ensures appropriate security of the Personal Data including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage by using appropriate technical and organisational measures
How we use your data
We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:
Where it is necessary for our legitimate interests and your interests and fundamental rights do not override those interests. Legitimate interest means the interests of Sierra Women Independent Group (SWIG) in operating as a membership organisation, supporting our members and the communities we work in. We make sure we consider and balance any potential impact on you (both positive and negative) and your rights before we process your personal data for our legitimate interests. We do not use your personal data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law).
Comply with a legal or regulatory obligation means processing your personal data where it is necessary for compliance with a legal or regulatory obligation that we are subject to.
Purposes for which we will use your personal data
Notifying you about events and fundraising
We like to notify our members about upcoming Sierra Women Independent Group (SWIG) events and fundraising opportunities so that you can play as much of a role in the life of Sierra Women Independent Group (SWIG) as you choose from time to time. Most of the time we will let you know about such opportunities on the basis that we have a legitimate interest in doing so.
You can ask us to stop sending you messages about Sierra Women Independent Group (SWIG) events or fundraising at any time by contacting any member of the Sierra Women Independent Group (SWIG) board.
Change of purpose
We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose.
If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.
Please note that we may process your personal data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.
Disclosures of your personal data
Sharing your personal data
We treat all personal data as strictly confidential, except where consent has been provided for it to appear in publications available to general members of the public.
Personal data will not be shared with third parties unless we are legally obliged to do so or:
with your explicit consent;
it is necessary for law enforcement purposes; or
it is necessary to protect our rights, property or safety of our members.
We implement reasonable and appropriate security measures against unlawful or unauthorised processing of personal data and against the accidental loss of, or damage to, personal data in accordance with our internal data security policy. In addition, we limit access to your personal data to those members, volunteer and executive members who have a need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
We have put in place reasonable and appropriate procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
How long will you use my personal data for?
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
In some circumstances you can ask us to delete your data. Please contact a member of the board if you require your data deleted.
Contacting the ICO
Further information, guidance and advice is available from the ICO at:
Information Commissioner’s Office
Tel: 0303 123 1113
No fee usually required
You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
What we may need from you
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
Time limit to respond
We try to respond to all legitimate requests within one month.