The John Godber Centre
At the John Godber Centre we have always honoured our clients right to data privacy and protection. We do not use data collected for any purpose other than the reason it was supplied and will not share your data with any other parties. We place a high priority on protecting and managing your data and will ensure we are compliant with legislation.
If after reviewing our policy you have any queries or concerns please email – email@example.com or write to us: John Godber Centre, Ogle Street, Hucknall, Nottingham, NG15 7FQ
Personal data relates to a living individual who can be identified from that data. Identification can be by the information alone or in conjunction with any other information in the data controller’s possession or likely to come into such possession.
The processing of personal data is governed by the General Data Protection Regulation (the “GDPR”). The governing body is the Information Commissioner’s Office (the “ICO”).
Who ARE WE?
For the purpose of the “GDPR” the data controller, registered with the ICO is The Parochial Church Council of the Ecclesiastical Parish of Hucknall Torkard (‘PCC’ and ‘PCC of Hucknall’).
This policy relates to: The John Godber Centre, Ogle Street, Hucknall, Nottingham, NG15 7FQ
HOW DO WE PROCESS YOUR PERSONAL DATA?
The PCC of Hucknall (and The John Godber Centre) complies with its obligations under the “GDPR” by keeping personal data up to date; by storing and destroying it securely; by not collecting or retaining excessive amounts of data; by protecting personal data from loss, misuse, unauthorised access and disclosure and by ensuring that appropriate technical measures are in place to protect personal data.
WHAT IS THE LEGAL BASIS FOR PROCESSING YOUR PERSONAL DATA?
The John Godber Centre collects data on a lawful basis to arrange or fulfil a contract and meet legal obligations.
We collect and use your personal data to enable us to enter into, administer and manage your hire booking with us in order to fulfil our contract with you and your data will only be used for the purpose it was given. This will include contacting you about your event requirements, sending you information relating your booking(s), sending you invoices, requesting information about returning payments, promoting your event/sessions where you have asked us to.
Responding to requests
We collect and use your personal data to enable us to contact you in response to an enquiry and respond to any communications you might have sent us (either email, phone or messages on social media) to provide information asked for.
Where a provisional booking has been made and you have voluntarily provided us with contact information this will be used to contact you to confirm the booking and arrange a booking contract with you or cancel the enquiry. Your information will not be used for any other purpose if the booking is cancelled.
Our new online contact form will be used to collect and use your personal data to enable us to inform you of news, events, activities, offers and services or enquiries at the John Godber Centre that you have opted into.
We will only send marketing and promotions if you provide consent to do so via our new contact form on our website (http://www.johngodbercentre.co.uk/contact-or-find-us), or have opted in to receive email communications at the point of making your booking. All previous marketing and contact lists will no longer be used unless you are a previous customer to whom we send priority booking notices to (i.e. Stall Events).
We may invite you to complete surveys or provide us with feedback. You can choose not to take part.
We do not share your information with any other third party including suppliers other than promoting your events and sessions on our website, in the building and on our social media pages by request.
Please note that in line with the John Godber Centres premise licence conditions CCTV is installed in the building and overlooking the carpark which captures personal data about visitors to the Centre building and Church carpark. This is for the prevention and detection of crime and for protecting the safety and security of our visitors, guests and staff whilst at The John Godber Centre. We will only share this information with individuals themselves or in response to legal proceedings.
HOW LONG DO WE RETAIN YOUR INFORMATION?
We will only retain your personal data for a reasonable period; after you have stopped being an active enquirer, customer or supplier and as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements (up to 7 years).
INFORMATION WE MAY COLLECT FROM YOU
We may collect and process the following data about you:
- Data you provide us by filling out our booking forms, completing our online contact form or information you provide us by corresponding with us by telephone, email or messenger. This includes name, address, email address and telephone information
- In order for us to make payments to you (as a customer or supplier) we may ask for financial information
- Email and letters may be kept as a record of correspondence
- Information that we collect about you on our websites – IP Addresses and Cookies.
With regard to each of your visits to our site we may automatically collect the following information:
- Technical information, including the Internet protocol (IP) address used to connect your computer to the Internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform
- Information about your visit, including the full Uniform Resource Locators (URL) clickstream to, through and from our site (including date and time); products you viewed or searched for; page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page and any phone number used to call our customer service number.
This information enables us:
- To estimate our audience size and usage pattern
- To recognise you when you return to our site
- Make improvements to the customer experience
- Understand which promotional tools are successful.
By visiting this or any of our websites (also referred to as “sites”) you are accepting and consenting to the practices described in this policy.
This policy only applies to our website. If you leave our site via a link or otherwise, you will be subject to the policy of that website provider. We have no control over that policy or the terms of the website and you should check their policy before continuing to access the site.
Most modern browsers allow you to refuse to accept cookies and delete cookies. The methods used to refuse or delete cookies differ depending on the browser used and its version. Up-to-date information on these methods can be found using these links:
SHARING YOUR PERSONAL DATA
Your personal data will be treated as strictly confidential. The John Godber Centre does not share your personal data with any third party company or organisation other than those listed below and for the purposes listed. We will not share your data with suppliers booked by us or to any other third parties than those listed below without your consent.
- The Parochial Church Council of the Ecclesiastical Parish of Hucknall Torkard as data controller includes St Mary Magdalene Church (of which John Godber Centre is the Church Hall) St Peter and St Pauls Church and Church Hall, St Johns Church and Church Hall. Personal data may be shared with individuals from these organisations but only used for the purpose it was given and for reasons stipulated in this policy (reporting, accounting or response to correspondence from you) Marketing from these other organisations will only be sent if consent has been given by our new contact forms and you have requested to receive marketing materials from the Churches and Church Halls.
- St Marys Trading Company holds the premise licence for the Centres bars and only the hirers surname and type of party will be shared with individuals from this company in order for the John Godber Centre to fulfil its contract with you and for reasons stipulated in this policy (reporting, accounting or response to correspondence from you). Other personal data, address, email or phone numbers, will not be shared with this company.
- Our insurers where necessary in connection with our insurance cover and provision, including CCTV footage.
- Our accountants for accounting and tax purposes.
- We may transfer your personal information to a third party as otherwise permitted by the “GDPR”, for example legal advisors or in order to comply with a legal requirement or obligation placed on us by law. We may be required to share personal information with statutory or regulatory authorities to comply with statutory obligations. Such organisations include the Health and Safety Executive and police for the purposes of safeguarding children.
- We may transfer CCTV to a third party security organisation (e.g. Police) in respect of any connection with a crime or security issue.
- The John Godber Centre uses external cloud based systems for its IT and accounting and personal data is stored on these systems though not directly shared with these third parties. These systems are encrypted and accessed by passwords by Centre staff and volunteers and the information stored is only for the purposes it was collected for.
INFORMATION WE RECEIVE FROM OTHER SOURCES
There are times we may receive personal data from third parties in order to fulfil the contract of the booking (i.e. trainer contact details, sub-contractor’s details, guest details) This data will be treated the same as data received from an individual outlined in this policy.
WHERE WE STORE YOUR PERSONAL DATA
We do not store or transfer your personal data outside of our organisation or the UK.
Booking forms, invoices and printed correspondence are kept in the Centre office which is only accessible by staff and volunteers and is locked when not occupied and stored in a locked cabinet. Financial information provided for the purpose of refunds and payments to customers and suppliers are kept in a locked cabinet at all times.
Our CCTV system is also in the locked Centre office and footage is held for 31 days in line with our premises licence conditions.
Our accounting package (storage of information for customer’s invoices and supplier payments), email, remote desktop and computerised diary (storage of customer information relating to enquiries and bookings and electronic copies of correspondence and reports) are cloud based systems operated by external providers who have all confirmed their GDPR compliance and privacy policies. Access is password protected and there are firewalls in place to protect against external breaches.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to us; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
Unless subject to an exemption under the GDPR, you have the following rights with respect to your personal data: –
- The right to request a copy of your personal data which the PCC of Hucknall holds about you;
- The right to request that the PCC of Hucknall corrects any personal data if it is found to be inaccurate or out of date;
- The right to request your personal data is erased where it is no longer necessary for the PCC of Hucknall to retain such data;
- The right to withdraw your consent to the processing at any time
- The right to request that the data controller provide the data subject with his/her personal data and where possible, to transmit that data directly to another data controller, (known as the right to data portability), (where applicable) [Only applies where the processing is based on consent or is necessary for the performance of a contract with the data subject and in either case the data controller processes the data by automated means].
- The right, where there is a dispute in relation to the accuracy or processing of your personal data, to request a restriction is placed on further processing;
- The right to object to the processing of personal data, (where applicable) [Only applies where processing is based on legitimate interests (or the performance of a task in the public interest/exercise of official authority); direct marketing and processing for the purposes of scientific/historical research and statistics]
- The right to lodge a complaint with the Information Commissioners Office.
Further details on these rights, when they apply, how to exercise them and the exemptions and wider rules and requirements that apply to such rights can be found by visiting the Information Commissioner’s website at ico.org.uk
What we may need from you
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
Time limit to respond
We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
We may wish to use your personal data for a new purpose, not covered by this Data Protection Notice, then we will provide you with a new notice explaining this new use prior to commencing the processing and setting out the relevant purposes and processing conditions. Where and whenever necessary, we will seek your prior consent to the new processing.
Any breaches in data protection will be reported within 72 hours of us becoming aware of the breach.
To exercise all relevant rights, queries or complaints, please in the first instance contact the Centre Manager at firstname.lastname@example.org
You can contact the Information Commissioners Office on 0303 123 1113 or via email https://ico.org.uk/global/contact-us/email/ or at the Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire. SK9 5AF.