To sign-up to our Newsletters click hereto see our Privacy page click here

 

How we use and collect your personal data

 

Image result for mailchimp logoThe Galleywood Heritage Centre uses an external service to manage and deliver our newsletters and other information to our subscribers. The service is called MailChimp.

 

 

The Data Protection Act 2018 (DPA) is a United Kingdom Act of Parliament which updates data protection laws in the UK. It is a national law which complements the European Union's General Data Protection Regulation (GDPR) and updates the Data Protection Act 1998.The The Data Protection Act 2018 forms the UK privacy law that affects organisations in the UK and around the world and it become enforceable on May 25, 2018. It regulates how any organization treats or uses the personal data of individuals. Personal data is any piece of data that, used alone or with other data, could identify a person. If we collect, change, transmit, erase, or otherwise use or store the personal data, we need to comply with the DPA 2018.

About Consent

We need to have a legal basis, like "consent", to process your personal data. Under the Data Protection Act 2018, we also use other legal basis for processing personal data if for wxample you make a booking with us or use our website, these rely on "Legitimate interests". Where we use your consent it must be specific and verifiable.

Verifiable consent requires a written record of when and how someone agreed to let us process their personal data. Consent must also be unambiguous and involve a clear affirmative action. This means clear language and no pre-checked consent boxes.

About Individual Rights

The DPA 2018 also outlines the rights of individuals around their personal data. Individuals have the right to ask for details about the way you use their personal data and you can ask us to do certain things with that data. GHC supports people's requests in a timely manner. Individuals have the right to request their personal data be corrected, that it be provided to them, prohibit certain uses, or to be removed completely.

We prepared for DPA 2018 and modifyed many of our internal practices and policies over the period prior to implementation, because we are committed to achieving compliance with the DPA.

Consent

Transparent data processing is mandatory for us, MailChimp DPA compliant signup forms help us to stay compliant with the latest laws.

The DPA says we must obtain specific consent from you and clearly explain how we plan to use your personal data. Our DPA/GDPR fields in the sign up forms include checkboxes for opt-in consent, and sections that allow us to explain how and why we are using your data.

MailChimp stores our Galleywood Heritage Centre forms and contact data in case we need it in the future. If someone signs up for our list through a MailChimp hosted form, we can export that list and view information related to the signup for additional evidence of consent.

We rely on consent to process your and other subscribers' personal data, you should also review the terms associated with MailChimp itself. MailChimp's Privacy Policy and About the EU/Swiss Privacy Shield. Your data is safe and securly held.

Understand Your Individual Rights

GHC as a MailChimp user can access our MailChimp lists to correct or update information upon the request of our subscribers. As one of our signed up contacts you can continue to update your own data, too, by contacting us or updating your preferences from any email that you receive from us.