Cornwallis East Kent Freemasons Charity (CEKFC)
Privacy Notice
About Us.
We are a local charity registered with the Charity Commission – Charity Number 1153575 operated and supported by Freemasons from within the Province of East Kent. Our aim is to provide financial relief to support those in need and support the personal development young people living in Kent. The Charity relies on contributions from local Freemasons complimented by income from investments; monies raised are used to provide grants to local people or organisations whose needs meet the scope of our constitution.
Data Protection Governance.
The data processing we carry out meets the definition of a data controller as defined in the Data Protection Act 2018 and UK GDPR. We are therefore obliged and committed to comply with the legal obligations set out in the relevant legislation. However, following consultation with the Information Commissioner Office they agreed as a small charity we are exempt the need to register with them and the need to pay the annual registration fee.
Why it is necessary to process your data.
We process your personal information to enable us to function as a charity. Your personal data enables us to consider applications, to award grants, manage donations, to fund raise, communicate with supporters and maintain relationships with previous applicants. Also, to manage the governance, financial management and administration of the charity.
The type of personal data we process.
- Your name – title, forenames, surname, and post nominal titles.
- Your contact details – including your postal address, delivery address, and email address.
- Personal identifiers – including you date of birth, and IP address.
- Financial information – including bank account, credit or debit card information and details of your tax status regarding gift aid eligibility.
- Personal information – in some circumstances information about your health or gender.
- Images – images and videos of you.
- Website usage – we use cookies on our website, our cookies policy can be found on the site.
Our legal basis for processing.
With Your Consent. Article 6(1)(a)
We sometimes capture photographic images and videos promoting events and functions to use for publicity and promotional purposes. We will seek your consent before using an image or video in which you feature.
If You Enter Into a Financial Transaction with Us. Article 6(1)(b)
As a donor you may elect to set up an automated payment agreement with us or chose to donate using the gift aid scheme.
In Our Legitimate Interests Article 6(1)(f).
We rely on this lawful basis for most of the administrative, financial, and promotional activities we need to carry out to operate our charity. We always balance our own legitimate interests with those of your own ensuring your own rights, freedoms and privacy are not compromised by what we do.
How is your personal information shared.
We only share your personal information when it is necessary, we use sharing agreements with other organisations when required and will always exercise due diligence and care before sharing. We do not share or sell your personal information for marketing purposes.
We may share your information in the following circumstances:
Amongst our staff, trustees, accountants and sponsoring Masonic Lodges and Chapters.
Submissions to regulatory bodies for compliance and accreditation purposes.
To a court, government body or law enforcement authority if legally obligated to do so.
Using Our Website
We have published a separate cookie policy specifically setting out how we use your data when accessing our website.
How we keep your information safe
We fully understand our responsibility and the duty of care we must exercise to protect your privacy. We take appropriate organisational and technical steps to safeguard it whilst it’s in our care. This includes:
· Restricting access permissions so that only those who require to use it may have access.
· Proportionate technical preventative solutions are installed on our systems.
· Using encrypted computers.
· Ensuring our staff are trained and understand potential risks.
· By using adequate technical and physical security solutions.
· When transferring data to a third party, sending it securely with the appropriate measures in place, which could include using encryption or password protection, or using a reliable secure courier.
· Minimising the need to take files and records off site for business purposes.
· Ensuring security and accountability when deleting or destroying records or dispensing with IT equipment.
International transfers
The data that we collect from you is stored and hosted in the European Economic Area (“EEA”). Following Brexit in June 21, the UK has been deemed adequate in terms of EU data protection legislation, therefore many of the GDPR rules are applied in the UK,s Data Protection Act.
How long we keep your data?
If you are associated with a grant application either on behalf of a qualifying organisation or as a sponsor, we will retain your personal data for a minimum of 10 years. This enables us to comply with our constitutional rules as regards the eligibility of applications.
If you are providing financial support as a donor, we are legally obligated to retain your personal data for a minimum of 6 years.
If you work with us as a volunteer, we will retain your data for so long as is necessary to maintain a relationship with you.
Your rights
You have the right to access your personal data, and any such requests made to us shall be dealt within the legal time limits set.
Your rights include:
- The right to be informed about the collection and use of your personal data.
- The right to access information held about you.
- The right to have inaccurate personal data rectified or completed if incomplete.
- The right to have personal data erased.
- The right to request the restriction or suppression of the processing of your personal data.
- The right to data portability.
- The right to object to the processing of their personal data in certain circumstances.
- Rights in relation to automated decision making and profiling.
You also have the right to lodge a complaint with the Information Commissioner Office who can be contacted via their web site www.ico.org.uk
The Data Protection Act and UK GDPR does not insist for requests to be made in writing, however it will enable us to manage your request more quickly if you were to use either email or letter, accompanied by some form of identification, such as a copy of a passport or driving license. Your request should be directed to: sec@cornwallisekfc.org.uk
Changes to this privacy notice
Our privacy notice is reviewed every 12 months. This privacy notice was last updated on 03-Mar-2023.
How to contact us
Email: sec@cornwallisekfc.org.uk