Privacy Policy for Totally Leighton Buzzard

In accordance with the UK's General Data Protection Regulation (UK GDPR and other relevant legislation) and as a responsible local community group, Totally Leighton Buzzard is committed to protecting your privacy and to making sure all your personal information is handled in a safe and responsible way. 

This policy explains more about why we need or hold your data, our purpose in holding personal data and what your rights are and how we aim to adhere to excellent data protection principles as a community group. 

Definition of Personal Data

Personal Data means any information that can be used to identify a person -- such as name, address, telephone number etc. By providing your personal data, you agree that we can use it in accordance with this policy. Please make sure you take time to read our policy and understand it.

Who we are

Totally Leighton Buzzard (including the Repair Cafe Leighton Buzzard) Email: totallylocallyleightonbuzzard@outlook.com

When and what information we collect

You provide personal information such as your name and email address when you either email, make an online enquiry or booking to attend one of our Repair Café events or one of our other community events such as Fun Palaces. 

We also collect personal information if you want to become a volunteer. 

We will only collect, store and use the minimum amount of data that we need for clear purposes, and will not collect, store or use data that we do not need. 

We will only collect, store and use data for: 

  • Purposes for which an individual has given explicit consent, or 

  • Purposes that are in our group's legitimate interests, or 

  • To protect someone's life, or 

  • To comply with legal obligations 

Your information may be stored securely on a third party website (ie Google Drive) for administration purposes, such as issuing of a newsletter or to advise you of group activities. 

Your information is never shared or passed on to any other third party groups, organisations or individuals without your  consent. 

How your information is used

Our use of your personal data will always have a lawful basis. Your data will be used because you have consented to our use of your personal data and because it is in our legitimate interests. 

We require your details to understand and respond to your enquiry, to provide you with a prompt and reliable service, and to send marketing communications and/or newsletters when they become available and if you have opted in to receive them.

Who has access to your information?

We will not sell, distribute, or lease your personal information to third parties. Any personal information we request will be safeguarded under current legislation.

Your personal data will be kept for as long as it is needed in order to use it as described in this privacy policy, and/or for as long as we have your permission to keep it. Personal data can be deleted on request.

Your choices

You have a choice about whether or not you wish to receive information from us. We will not contact you for marketing purposes by email unless you have given your prior consent. We will not pass your details to any third parties for marketing purposes. Also, you can change your marketing preferences at any time by contacting us by email.  

You have a right to request a copy of the personal information we hold about you and have any inaccuracies corrected. Any such requests should be made via email.  

To withdraw your consent to us using your personal data at any time, and to request that we delete it, please email the group. 

We will not keep your personal data for any longer than is necessary.

Security

Data security is very important to us. We have taken suitable measures to safeguard and secure data collected, such as ensuring that any computers used by the group are password protected. 

We will endeavour not to have data breaches. In the event of a data breach, we will endeavour to rectify the breach by getting any lost or shared data back. We will evaluate our processes and understand how to avoid it happening again. Serious data breaches which may risk someone's personal rights or freedoms will be reported to the Information Commissioner's Office within 72 hours, and to the individual concerned. 

Review of this policy

We keep this policy under regular review and always welcome your comments. If you have concerns about this our privacy policy or believe that Totally Leighton Buzzard has not adhered to this policy, please email: totallylocallyleightonbuzzard@outlook.com and we will take reasonable efforts to promptly determine and remedy any issue.

9 February 2023 - Totally Leighton Buzzard