The Society has a responsibility to ensure that there is no unauthorised access or accidental loss of personal or sensitive data. This applies to the following types of data:
Personal Data - any data which relates to a living individual who can be identified from the data ( name, address, post code, etc)
Sensitive Personal Data - concerns the subject’s health or criminal record, or financial information (sort code, account number, debit or credit card details)
Commercially Sensitive Data - any information that could lead to commercial risk to the Society (eg members’ details, group leaders’ details, volunteers’ details)
Volunteers have access to the Society’s volunteer networking lists, which include personal details of volunteers living in the local area. These may be provided in print or electronic format.
The information provided on the lists is confidential and is not to be passed to any third-party. Names and addresses, email addresses and phone numbers are not to be published, distributed or used outside of the Society.
The Society’s policy is to ensure that no person’s details are passed on to a third party without the express permission of that individual. Volunteers have a responsibility to ensure that any personal details they are given or collect are treated with care.
If a volunteer wishes to share information on any of other volunteers with other parties, they must obtain permission from the individuals concerned and record that this permission has been asked for and given.
All hard copies of personal details are to be kept safe and stowed away at night and all redundant documents containing personal details should be shredded.
Hard copies of data should only be taken with you when travelling away from home when absolutely necessary. It should never be left in an exposed or unsecure place and should always be stored out of sight in a vehicle. Hard copies should not be given to other people.
Any personal data stored on desk top computers, laptop computers and mobile phones should be password protected. Passwords should be changed regularly. Portable devices should not be left unsecured or unattended. Electronic documents and files should be deleted when no longer required. Lost or stolen data should be reported to the Regional Manager immediately.
On leaving the volunteer position, the volunteer should ensure all reports, documents and files containing Society data are either passed on to the Regional Manager, or, if no longer required, deleted or shredded.
If you receive a subject access request (ie someone requests all the information the Society holds about them) this should be passed on immediately to the Society’s Data Protection Officer, Marion Wilson, at Head Office – Telephone 01264 321 980
Version 3: 5 July 2016