top of page
This site was designed with the
.com
website builder. Create your website today.Start Now

BUGLE DANCE FESTIVAL

 

DATA PROTECTION POLICY

 

 

 

 

 

 

 

The Data Protection Act (1998) establishes a framework of rights and duties which are designed to safeguard personal data. The Act applies to living individuals only, not organisations, hence personal data.  The Act also applies to an activity – processing personal data – rather than to particular people or organisations.  Thus, anyone who processes personal data must comply with the Act and must handle that data in accordance with the principles set out in the Act.

 

Bugle Dance Festival is a charitable organisation, run by voluntary personnel, which promotes the performing arts. The Festival recognises its responsibilities under the Data Protection Act and will achieve these as follows:

 

1.

Data will only be collected on behalf of the Festival by specified personnel. Data will be collected by consent where appropriate, or by other criteria as specified in Article 6 of the General Data Protection Regulation.

 

2.

Only such data will be collected as is necessary for the efficient administration of the Festival.  All reasonable efforts will be made to ensure that the data held is accurate.  An individual can obtain, without charge, details of any data held by the Festival about that person by application to the Secretary.  Any data which is deemed by an individual to be incorrect will be amended or deleted as requested.

 

3.

Data will be held for such length of time as is deemed necessary for the efficient administration of the Festival, or as may be required by law.  This period will be reviewed periodically, but at present these are:

Data concerning entries to the Festival – no more than 3 years

Data concerning Committee and Stewards - ongoing, so long as the individual is associated with the Festival

Financial data - as required by legislation (usually 7 years)

 

4.

All reasonable steps will be taken to ensure the security of any data held on behalf of the Festival, whether in written or electronic form. Laptops and home PCs will be password protected, written copies will be stored in a secure environment.

 

5.

All reasonable steps will be taken to ensure that data is disposed of in a secure manner, to be determined by the Committee.

 

6.

 

 

7.

 

 

The Festival will not pass collected data to any third party unless required to do so for legal reasons.

 

Transfer of data outside the EEA: the Festival will strive to use service providers with servers inside the EEA. Otherwise, it will only use service providers that can show compliance with EEA security protocols.

 

8.

 

 

 

9.

Possible data breaches should be reported as soon as possible and will be thoroughly investigated and, where necessary, reported to the Information Commissioner’s Office (ico.gov.uk).

 

Any complaints regarding the collection and use of personal data should be made to the Secretary in the first instance, or ultimately to the ico as above.

 

This policy statement and accompanying documentation will be reviewed (and where necessary) updated from time to time, but at least annually.

 

Signed: Karen Walker

Name:  Karen Walker

Title:  Chair and Secretary

Date: June 2018

On behalf of the Committee

bottom of page