National Association of Writers' Groups
Privacy & Personal Data
Personal data represents information about a person which is identifiable as being about them. The data can be stored electronically or on paper, and includes images and audio recordings as well as written information.
Data protection is about how we, as an organisation, ensure we protect the rights and privacy of individuals; and comply with the law when collecting, storing, using, amending, sharing, destroying (paper) or deleting (electronic) personal data.
Overall and final responsibility for data protection lies with the Executive Committee, who are responsible for overseeing activities and ensuring this policy is upheld.
All volunteers are responsible for observing this policy and related procedures, in all areas of their work for the association.
↑ Overall Policy Statement
The National Association of Writers' Groups (NAWG) needs to keep personal data about its committee, individual members, writing groups and their members, volunteers and supporters in order to carry out the association's activities.
We will collect, store, use, amend, share, destroy or delete personal data only in ways which protect your privacy and comply with the General Data Protection Regulation (GDPR) and other relevant legislation.
We will only collect, store and use the minimum amount of data that we need for clear purposes; and will not collect, store or use data we do not need.
We will only collect, store and use data for:
- Purposes for which you have given explicit consent, or
- Purposes that are in our our organisation's legitimate interests, or
- Contracts with the individual whose data it is, or
- To comply with legal obligations, or
- To protect someone's life, or
- To perform public tasks.
We will provide you with details of the data we have about you when requested.
We will delete your data if requested by you, unless we need to keep it for legal reasons.
We will endeavour to keep personal data up-to-date and accurate.
We will store personal data securely.
We will keep clear records of the purposes of collecting and holding specific data, to ensure it is only used for these purposes.
We will not share personal data with third parties without your explicit consent, unless legally required to do so.
We will endeavour not to have data breaches. In the event of a data breach, we will attempt to rectify the breach by getting any lost or shared data back. We will evaluate our processes and understand how to avoid it happening again. Serious data breaches which may risk someone's personal rights or freedoms will be reported to the Information Commissioner's Office within 72 hours, and to the individual concerned.
To uphold this policy, we will maintain a set of data protection procedures for our committee and volunteers to follow.
This policy will be reviewed as necessary. It was last updated on 31st July 2018.
— Pam Fish, Chairman.
↑ Document History
|Version||Date||Who||Description / Changes|
|1.0.0||23-Jul-2018||KJM||Public release candidate.|
|0.3.2||10-Jul-2018||KJM||Preparations for converting to downloadable and printable documents.|
|0.1.1||24-May-2018||KJM||Converted to HTML and annotations for comments, questions and review added by Kevin. Also minor spelling and punctuation corrections.|
|0.1.0||23-May-2018||VLL||Original document provided in DOCX format.|
|Posted by:||Kevin Machin||Date:||June 13, 2018 6:40 pm|
|Comments:||0 – permitted||Article:||6404 – public|