About Us‎ > ‎

Data Protection and Privacy Policy

This is our data protection and privacy policy for Sustainable Didcot as an organisation. This website specifically does not collect your personal data.

About us

We are Sustainable Didcot, a charity and community action group for Didcot residents

How you can contact us

Email – sustainabledidcot@gmail.com

What data we collect and how we use it.

We collect the names and emails of people interested in finding out more about Sustainable Didcot, for use in mailing lists.

We may collect further personal data when needed operationally for a project. For example, home addresses for our thermal imaging project.

We often take photos and videos for publicity purposes, including social media.

We do not keep sensitive personal data.

Where we store the data and who can access it

We keep project specific information in a shared dropbox account and shared email account accessible by the current committee members and project leads only. This is approximately 7 people depending on the number of project leads and the overlap of roles. Passwords for both are changed when committee and project lead roles change, following our AGM in June.

Photos and videos may be kept on personal devices pending their publication to social media.

Transfers to third countries

Dropbox and Gmail are American companies and the data is held on servers in the USA. We are satisfied that this does not constitute a data protection risk as they both comply with the EU-US Privacy Shield Framework. We will continue to monitor the practices of these companies and will take steps to make sure your data is kept safe if needed.

Retention schedules

We keep mailing list contact details until:

  1. The owner of the personal data (email address) asks for the email to be removed from the mailing list

  2. Sustainable Didcot ceases to operate as a functioning charity – determined by provisions in our constitution

We delete project specific information at the end of the project or when the data is no longer useful for its intended purpose.

We delete photos and videos from personal devices once they have been used. Unused photos and video footage is deleted. We do not attach the names of people or any other identifying information about the person to the photos whether published or not without their explicit consent.

Technical security measures

Each year, one of our co-chairs is nominated responsible for overseeing data protection issues and reporting data breaches.

We send out our mailing list BCC, which means that you won’t be able to see the email addresses of other people to whom it has been sent, and they won’t be able to see yours.

Your rights

We want to ensure you remain in control of your personal data. Part of this is making sure you understand your legal rights, which (for individuals) are as follows:
• the right to confirmation as to whether or not we have your personal data and, if we do, to obtain a copy of it (this is known as a subject access request);
• the right to have inaccurate data rectified; and
• the right to object to your data being used for marketing or profiling.

Our website may contain links to other websites. We do not control those other sites and we cannot be responsible for the content of those sites or for the protection of any information you provide to other sites (which are not governed by this privacy policy). We accept no responsibility or liability for such other websites. You should exercise caution when entering personal information online and look at the privacy statement applicable to the website in question.

Coming soon...