Privacy Statement

Privacy and confidentiality of data is of prime importance to The Sustainable Land Trust (SLT).  

This Privacy Statement sets out the details of our processing of personal information of  employees, service users, volunteers, clients, sub-contractors and supporters as well as those who  receive our marketing information. It is important that you read this statement so that you are  aware of how your information is used and your rights as an individual.  

The SLT Data Controller is Mrs Kathryn Hiseman 

[email protected] Mobile: 07718 997915 

We store personal information and process it in both electronic and paper form and draw upon it  for administration, communication, legal and commercial purposes. We are required by law to  obtain your consent to use your details, otherwise known as Personal Data, to tell you what we do  with it and how we protect it. This statement helps explain our policy, what your rights are and  what you can expect of us. SLT work always within our General Data Protection Regulations Policy  (GDPR) of which this statement forms a part.  

Terminology: 

GDPR General Data Protection Regulations 2018 – Data Protection law 

Data Controller The person who determines the purposes for which your data is  processed and the manner in which it is processed. 

Data Processor Any person who processes your personal data on behalf of the  Data Controller. 

Data Subject The living identifiable individual who is the subject of personal data – you.  

Cookies A small text file placed on your device by our website. See the Cookie Notice on  our website and the Privacy & Electronic Communications Regulations 2003. 

What is personal data?  

Your name and address, your email and your phone number are examples of personal data, but  so is any other information that can identify you an individual. This personal data belongs to you  and organisations like ours need your permission to store and use it (control and process it). We  have to tell you how we do this and give you the option to withdraw your permission.  

Identification can be by the information alone or in conjunction with any other information in the  Data Controller’s possession, or likely to come into its possession. The processing of Personal Data  is governed by the GDPR. 

What data do we collect about you?  

The type of personal data we collect about you will depend on the nature of your relationship with  us.  

• You may be an Employee, a Service User, A Volunteer, a Client, a Sub-Contractor or a  Supporter. 

• Information required for all categories includes: full name, address, contact information • Depending on your relationship with us we may also need further information such as a  DBS check, driving licence number, Parent/Guardian full contact details (if under 18) etc. • If we require any further information we will explain why it is needed.  

• We also need to know your communication preferences, what you wish to hear about us  and how often. 

How do we collect your personal data?  

We collect data in the following ways: 

• It is given by you 

• It is collected automatically eg from our website using cookies and data analytics • When you contact us by post, phone, emails or via digital platforms 

• When you respond to our marketing information  

How do we process your personal data?  

SLT complies with its obligations under the GDPR by keeping personal data up to date; by storing  and destroying it securely; by not collecting or retaining excessive amounts of data; by protecting  personal data from loss, misuse, unauthorised access and disclosure and by ensuring that  appropriate technical measures are in place to protect your personal data. 

We use your personal data for the following purposes: 

• To manage records of employees, service users , volunteers, sub-contractors and clients • To manage financial records (including gift aid) 

• To share information with statutory bodies eg HMRC 

• To run external events eg site surveys, marketing events 

• To inform you of news, events, activities and services 

What SLT information may contain your personal data?  

With your specific permission your details may appear in marketing materials such as on our  website, on our social media sites or in our printed material such as a newsletter.  

How long do we keep your personal data?  

We do not keep data for any longer than it is necessary. It may continue to appear in printed  material until such time as it is updated, replaced or deleted.  

What is the legal basis for processing your personal data?  

• For employees we have legal obligations to meet 

• For volunteers we mostly require explicit consent btu there may also be a legal obligation  under Safeguarding for a DBS check (possibly with de-barring checks) 

• For clients and sub-contractors it is a contractual obligation 

• For service users it is a contractual obligation 

• For supporters it is legitimate interest to keep you up to date with our news 

Sometimes there can be more than one legitimate reason to process data but only a single reason  is required. SLT will not disclose information to any third party without your explicit consent except  where we need to meet our own legal obligations eg HMRC.  

Keeping information secure  

All data is stored securely and in accordance with GDPR; for example, personal information is  stored on a server with specific and restricted access internally, user permissions and file  passwords are also used. We use technical and organisational measures to deal with any  suspected data breeches, for example, we use Internet security programs such as a firewall, anti malware and anti-virus, and we have policies and procedures in place to manage data. If you  suspect any misuse, loss or unauthorised access to your information please let us know  immediately.  

Your rights & your personal data  

Unless subject to an exemption under the GDPR, you have the following rights with respect to  your personal data: 

• The right to access: you can request a copy of the personal data held about you • The right to correct: you can request correction to inaccurate or out of date personal data • The right to erase: you can request erasure of personal data where it is no longer  

necessary to retain such data (subject to SLT meeting its own legal obligations) • The right to object: you can object to processing of your personal data or withdraw your  consent to the processing at any time 

• The right to data portability: you can request your personal data in order to store or  transmit that data directly to another Data Controller 

• The right to restrict: you can request a restriction is placed on further processing where  there is a dispute in relation to the accuracy or processing of your personal data  • The right to complain: You can lodge a complaint with the Information Commissioners  Office:

Safeguarding  

SLT takes Safeguarding of Children, and Adults at Risk, very seriously. We operate Safeguarding  Policies and procedures internally, but we also have regulatory obligations to co-operate with  external bodies and law enforcement, local and central government agencies, should it be  necessary. In such circumstances, sharing of personal data will take priority over data protection.  SLT also operate a Whistleblowing Policy. 

Online presence  

SLT maintains its own website(s) and cookies are used online to make the site(s) more usable by  enabling basic functions like page navigation. Users may change their cookie consent preferences  at any time within the site. 

Some Personal Data is processed electronically online, for example, to make a donation, and/or to  sign up to Gift Aid, or to gather emails from supporters to receive newsletters and updates.  Personal Data is also processed online to circulate marketing emails through a third-party bulk  email programme. Some Personal Data may be used on social media sites.  

Online analytics are used to track site usability, but personal details are not collected. No personal  data is used online without explicit permission.  

SLT Wi-Fi  

SLT provides wi-fi access to authorised personnel only and operates an Acceptable Use of IT  Policy for Staff & Volunteers, for Students, Young People & Beneficiaries, and an E-Safety Policy.  The wi-fi is password protected and its use is strictly limited. Service users under 18 years of age  can use the wi-fi only with supervision.  

Further Processing  

If we wish to use your personal data for a new purpose, not covered by this statement, we will  provide a new statement explaining this new use prior to commencing the processing. Where  and whenever necessary, we will seek your prior consent to the new processing. 

Contact details  

To exercise all relevant rights, queries or complaints, please contact in the first instance: Office Manager: Tel 07712 481952 [email protected] 

Scroll to Top