This document describes the HASTINGS BUSINESS CRIME PARTNERSHIP (the Partnership), explains why the Partnership processes the personal data of specific individuals (Members) and the lawful basis for that processing. It describes the kind of information about Members that the Partnership processes and what it does with that information.
Hastings TN34 3NA
The Partnership’s Data Controller is responsible for ensuring its compliance with current Data Protection law and can be contacted at the above address or email address. The Partnership is registered with the Information Commissioners Office as a Business Crime Reduction Partnership
Purpose of processing personal data
The Partnership processes Members’ personal data for the following purposes:
· to enable the efficient management of the Partnership; to manage the membership of the Partnership including subscriptions where relevant; invitations to the Partnership’s meetings;
· to defend and indemnify the Partnership in case of any Member’s non‐compliance with the Partnership’s Rules & Protocols;
· to enable the Partnership to communicate efficiently to Members by sending only relevant news, alerts and documents, and information about events which are relevant, to them.
Lawful basis of processing
The partnerships existing contract/agreement between itself and its Members requires that Members provide their name, postal and email addresses, telephone etc to the partnership. This contract/agreement means that the partnerships lawful basis for processing Members’ personal data is ‘contract’ and therefore the Partnership can process Members’ personal data without their further consent.
Categories and types of personal data processed
· Name, Business Name and place of employment, postal and email addresses, telephone and other contact details will be processed;
· No sensitive or ‘special category’ personal data (ethnicity, sexuality, religious beliefs etc) is processed by the partnership.
Sources of personal data
· Partnership obtains Members’ personal data from existing contracts/agreements with Members;
Recipients of member’s personal data
· Partnership Management, Data Controller and formally contracted
Data Processors may access Members’ personal data;
· Members personal data will not be passed to any third party organisation unless to the Police under warrant or with express permission of the member;
· The Partnership will not transfer Member personal data outside the UK.
Data retention period
The Partnership will retain Members’ personal data only for as long as each Member remains a Member of the Partnership; when a Member ceases to be a Member of the Partnership he/she must confirm this with the Partnership’s Management as specified in the Partnership’s Rules & Protocols at which time all associated personal data will be irrevocably deleted.
In the case of submitted reports, the submitting Member’s email address only will continue to be associated with such reports for as long as the report is retained by the Partnership; this is required where a report may be used for evidential purposes in legal proceedings.
Members can obtain a copy of all their personal data held by the Partnership; Members may access this at any time on the Partnership’s online system or may be obtained on application to the Data Controller (see Contact Details above).
Members have the right to complain about the Partnership to the Information Commissioner at https://ico.org.uk/concerns/handling/