Wraysbury & Horton Resilience

Wraysbury & Horton Resilience Logo
Wraysbury & Horton Resilience – Supporting the community

Wraysbury & Horton Resilience Data Protection & Confidentiality Policy

Date adopted: 1st April 2025

Review date: 31st March 2026

——————————

1. Introduction

Wraysbury & Horton Resilience (WHR) is committed to protecting the personal data of its members, volunteers, and the community it serves. This policy explains how we handle, store, and protect personal information in line with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

——————————

2. Scope

This policy applies to all WHR volunteers, committee members, and representatives who handle personal data in the course of their duties.

——————————

3. Definitions

Personal Data: Any information that can identify an individual, e.g. name, address, phone number.

Processing: Any action taken with personal data, including collection, storage, sharing, or deletion.

Data Subject: The individual whose personal data is being processed.

——————————

4. Data Protection Principles

WHR is committed to the following principles:

Lawfulness, fairness and transparency: We process data lawfully and with the individual’s knowledge.

Purpose limitation: We collect data for specified and legitimate purposes only.

Data minimisation: We only collect the data necessary for our activities.

Accuracy: We keep personal data accurate and up to date.

Storage limitation: We retain data only as long as necessary.

Integrity and confidentiality: We handle data securely.

——————————

5. Legal Basis for Processing

WHR collects and processes personal data for the following lawful reasons:

– Consent (e.g. signing up for updates)

– Legitimate interests (e.g. coordinating emergency response volunteers)

– Legal obligation (e.g. safeguarding records)

——————————

6. Data We Collect

Examples of personal data we may collect:

– Names, contact details, addresses

– Emergency contact information

– Health information (e.g. relevant to volunteering roles)

– DBS certificate numbers (if applicable)

——————————

7. Data Storage and Security

– Data is stored securely (password-protected files, locked cabinets)

– Access is limited to authorised personnel only

– Volunteers must not store personal data on personal devices without approval

——————————

8. Sharing Data

We do not share personal data with third parties unless:

– We have consent

– It is necessary for safeguarding or legal purposes

– It is required by law

——————————

9. Rights of Data Subjects

Individuals have the right to:

– Be informed about how their data is used

– Access their data

– Rectify inaccurate data

– Request deletion (subject to legal limitations)

– Restrict or object to processing

Requests should be submitted to the WHR Data Protection Lead.

——————————

10. Data Breaches

Any suspected data breach must be reported to the WHR committee immediately. Serious breaches will be reported to the Information Commissioner’s Office (ICO) within 72 hours if necessary.

——————————

11. Training

Volunteers and members handling data will receive guidance and, where appropriate, formal training to ensure compliance.

——————————

12. Review

This policy will be reviewed annually or when relevant legislation changes.

Data Protection Lead: Dianne Cranmer Dianne.Cranmer@Wraysbury.com