1230 TWC - data privacy policy

1.          Values

Thank you for trusting us with some information about you.  We take that trust seriously and we want you to know how we use your information and why.

If you have queries about how we use your data, or comments or questions about this Policy, please do email us at meetings@1230.co.uk.

Policy updates: We keep this Policy under regular review, and this page may be updated from time to time.  Please come back here to check the latest version.  This Policy was last updated on 01 August 2018.

2.          Who are we?

We are 1230 The Women’s Company Ltd (“1230 TWC”), a limited company incorporated in England.

The Managing Director is Jackie Groundsell.

Contact details      email:  jgroundsell@1230.co.uk

telephone: 020 8650 8015

3.          Words with specific meanings

In this Policy, there are words and phrases that have a specific meaning or that we are using in a special way.  They are:

“personal data”               any information about an identifiable living human being.

“process”                       we “process” your personal data when we do anything with it, which might include:  collecting, recording, organising, storing, adapting, altering, retrieving, using, combining, disclosing, or deleting it.

“special category data”    means personal data that reveals racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, sex life or sexual orientation, health, genetic or biometric data.

4.          What this policy describes

This policy describes how we will collect and use personal data about you.

We process information about:

“Prospects”                    potential members and non-member meeting attenders;

“Members”                     current or past members of 1230 TWC;

“Suppliers”, “Associates”  suppliers or potential suppliers of goods or services to us.

5.          What information do we process, and WHY?

a.          Prospects and Attenders

Our new Members come mostly from referral by existing Members, from personal contacts made by people hosting 1230 TWC meetings, or via social media (sometimes we reach out to prospects, sometimes people approach us).  We may extend invitations to meetings by email.

Data we are collecting about you, if we can, are name, contact details, how we came across you, and background information from you or published by you on social media or freely accessible on the internet, on why you might be interested in joining 1230 TWC or how 1230 TWC might be of relevance or support to you.

If you sign up to our newsletter list, you will be sent what you asked for.  We normally operate ‘double opt-in’ lists when you need to reconfirm your subscription before anything is sent.  You can unsubscribe at any time by clicking the unsubscribe button on any email.

Our newsletter list is on Constant Contact.  Their Privacy Policy is here.  Constant Contact Inc is a US company.  They comply with the EU-US and the Swiss-US Privacy Shield Frameworks, providing for adequacy of data protection procedures for applicable English law.

If you book to attend a meeting or event, that is normally done on Constant Contact (see above), where we keep a record of your attendance. This is backed-up via Zapier, their Privacy Policy is here and then to our standard Microsoft application. We might also use Eventbrite from time to time.  Their privacy policy is here.  They also comply with the EU-US Privacy Shield Framework.

Financial and credit card details

Payment for meetings and events is usually handled through PayPal – their privacy policy is here.

You may pay in cash for meetings/events.  If you do so, your details and your payment will be recorded so that we can administer and manage our records properly.

At meetings/events where the Managing Director is present, you will also have the opportunity to pay by credit/debit card. The card-reader is provided by SumUp.  We do not hold your credit card details.  SumUp’s privacy policy is here.

We hold such personal data information that is routinely transmitted to us by SumUp and Paypal and our bank (Natwest) in order to administer our accounts.

Email

If we email you individually using our own email system, or respond to an email sent to us at any of our business email addresses, a copy of that email will also be stored.  We use Microsoft Outlook email, and their privacy policy is here.

We do not routinely keep special category data.  To the extent we might hold this, it was supplied or made publicly available by you.  The only reason why we might have to use this information would be to facilitate your attendance at meetings or events.

We process your personal data to send you the newsletter by consent – and when you withdraw your consent (by unsubscribing) we stop sending it.

Our other processing of your personal data is done on the basis that:

(1)     it is necessary for the performance of our contract with you about attending a meeting or event, or to take steps prior to entering into that contract; or

(2)     it is necessary for the purposes of our legitimate interest in developing, growing, and administering the Company, and our usefulness to our Members, and to provide relevant training and business support to them.

Our assessment is that the limited processing that we are doing will not be intrusive or objectionable.

b.          Member

We collect and keep the same information as for ‘Prospects and Attenders’ (see above), and record that you are a Member (as this gives you reduced rates for coming to meetings and other benefits and features of being a 1230 TWC Member).

We keep details of current and past Members on Constant Contact (privacy policy here).

In addition to the basis for processing data of Prospects and Attenders, we are also processing your data where it is necessary for the performance of our contract of your membership, and where it is necessary for our legitimate interests in managing and administering membership.  We assess that this will not be intrusive or objectionable to you.

c.           Supplier and Associates

We collect information on potential and actual suppliers and associates.  We generally use Members to provide services to the Company.  Most of the information we hold is provided by you, but we do add to it the same kind of data we use for Prospects (see above).

If you become a supplier or associate we keep a copy of the contract between us and your bank details so we can pay you.  We also keep a record of invoices/payments for accounting purposes.

We keep a record of the work you undertook for us, along with any comments, reviews or suggestions about that work including complaints (if any) and their resolution.

This information is all needed to manage our customer relationships and our supply chain.

6.          Social media

We have an active presence on social media on LinkedIn  Facebook Twitter Pinterest and Instagram (Click the name of the platform for a link to their privacy policy.)

We can see the profile of people who like our pages or link/connect with us on social media.  We participate in conversations/comments, and we can see what you post and what you have published about yourself.

Information you publish will be visible to us, depending on your privacy settings in the relevant platform. Your information is held by the platform and is subject to their data policy – we don’t control those.

7.          Newsletters and Automated emails

We may monitor who opens what in our newsletter lists, and pre-set sequences of information we send you.  We do this so we can see if content is popular and generate more of it, or if it is not read.

There may be sub-routines that trigger if you click on links or articles.  These are designed to offer you more information about things you are interested in.

You can unsubscribe from these sequences at any time.

From time to time, we contact individual email newsletter subscribers but this is rare.  This would normally be if something odd were going on and we wanted to check you could see and use the content or find out what was causing a problem.

8.          Data sharing – 3rd parties

We do not sell or exchange your personal data with organisations which may want to sell you something or use your data for research or other purposes.

a.          Platforms

As described above, we are processing data on Constant Contact, Eventbrite, and Outlook/Microsoft 365.  These are all EU-US Privacy Shield compliant.

b.          People

We are a micro-organisation.  The Managing Director is the principal processor of personal data.

If we need to use external suppliers (for example, VA or IT support), they may have some access to your data – which will be limited to what is necessary for them to provide their services to us.

9.          Where is your data located?

Like most micro-organisations, we do not have any tailor-made software – we use mainstream packages for everything from our customer records, to email, to accounting.  Some of your data may be held in the EEA, and some may be held in services in the USA (with suitable data privacy shields).  We have picked mainstream suppliers with appropriate security standards.

10.        Retention periods

Your information will be kept during and after membership, and on the newsletter list until you unsubscribe.  We retain our meeting attendance data indefinitely, on ICO advice that your attendance at meetings might be relevant in your defence of legal proceedings.  Data on Eventbrite and Constant Contact is retained in accordance with their policies.

We keep financial information for seven years in order to satisfy the authorities.

11.        Your rights

You have the right to know what information we are collecting on you, and to amend it if it is inaccurate.

If you feel for some reason we have information we should not be keeping, or it is out of date or otherwise wrong, please let us know and we will take appropriate action.

Most of the information we hold is not based on your individual consent but is based on our needing the information to grow and run our Company.

If you want to know what information we have about you (if any) email us at the email address set out above and give us your name, email address(es) and we will happily do a search and let you know what information we hold on you and how we are using it/have used it.

You have a “right to be forgotten” - but that does have some legal limits to it.  If you want us to remove information about you, let us know.  If you have been a Member, we may not be able to remove all data as we will have to ensure that we can continue to comply with legal, accounting, and taxation requirements.

The generally applicable rights always apply: right to be informed, right of access, right to rectification, right to erasure, right to restriction and so on. For more information please see Your rights in relation to your personal data.

12.        Complaints

If you have a complaint about the way we are handling your information or how we have responded to a request for information or removal, you can take this up in the first instance by emailing us at the email address set out above.

If we can’t sort it out, the relevant supervisory authority for us is the Information Commissioner for the UK.  You can contact them here.

13.        Cookies

If you visit our website, we use cookies and similar technologies to

-        recognise your repeat visits and preferences

-        analyse our website traffic

Our cookies do not identify you personally to us.

If you click through a link on our website to a different website, then the cookie policy for that website will then apply to your session, and we have no control over those.

To learn more about cookies, including how to disable them, view http://www.allaboutcookies.org/ or https://www.aboutcookies.org/.

By using our website, you agree to our use of cookies unless you have disabled them yourself.  Please note that by deleting or disabling future cookies, your user experience may be affected, and you might not be able to take advantage of certain functions of our site.