Sidcupbanner

LARK IN THE PARK PRIVACY POLICY

1.0 OUR CORE BELIEFS REGARDING USER PRIVACY AND DATA PROTECTION

Lark in the Park is committed to safeguarding the privacy of our volunteers, guests and our website visitors; this policy sets out how we will treat your personal information.

  • Your privacy as a user and protection of your data are human rights
  • We have a duty of care to the people whose data we collect and process
  • Data is a liability, it should only be collected and processed when absolutely necessary
  • We will not send you spam
  • We will never sell or rent your data, and will only distribute your data with our third party partners with your specific consent
  • We collect data through two systems, the Lark in the Park volunteer portal (vp.larkinthepark.com) and the Lark in the Park guest registration system (registration.larkinthepark.com) and do not take data from any third party.

2.0 RELEVANT LEGISLATION

Our volunteer portal and guest registration system are designed to comply with the following national and international legislation with regards to data protection and user privacy:

These sites' compliance with the above legislation, all of which are stringent in nature, means that these sites are likely compliant with the data protection and user privacy legislation set out by many other countries and territories as well. If you are unsure about whether these sites are compliant with your own country of residences' specific data protection and user privacy legislation you should contact our data protection officer (details of whom can be found in section 7.0) for clarification.

3.0 PERSONAL INFORMATION THAT LARK IN THE PARK COLLECTS AND WHY WE COLLECT IT

When you register online we will ask your consent to store the information in our database and to use it for the purposes described in this privacy policy.

Lark in the Park collects and uses the following personal information:

3.1 For Lark in the Park Volunteers

  • Personal information that you provide to us on the volunteer application form
  • Comments made by character references
  • DBS status and any related restrictions
  • Results of the new volunteer's interview
  • Whether or not the Team Leader has accepted the volunteer onto their team.

3.2 For Lark in the Park Guests

  • Personal information that you provide to us on the registration form
  • A record of other family links that we are informed about, so that we know which adults are associated with the children, as part of safeguarding
  • Details of the tickets that we issue during the two weeks of the project
  • A record of when you arrive (and in some cases, leave) those events
  • Whether children leave an event early, as part of safeguarding
  • If you ask to be contacted about something, we make a note of this
  • Whether someone has a gold card or staff card.

3.3 We collect your information for the following purposes:

  • Safeguarding - allowing us to take care of you and your family while they are attending events and to know how to respond in an emergency
  • Ticketing - allowing us to issue tickets for events
  • Keeping in touch (where we have your explicit permission to do so) - to enable Lark in the Park and the churches that run it to inform you about related events, news or policy updates once the project is closed
  • Volunteer's data is processed for the smooth running of the event.

3.4 Third parties

We do not pass your data onto any third parties, except when you have asked to be contacted about other related events run by the churches who run Lark in the Park and give permission for your details to be passed to these churches.

3.5 Email newsletter

If you choose to join our mailing list, you will receive a very low volume of emails from us and only when it is relevant to the project. You may unsubscribe at any time from the mailing list.

3.6 Data storage

  • The data collected is stored in computer databases.
  • We collect paper signed forms from Guests, which are kept in a locked box on the site and destroyed by burning within three months of the end of the project. Electronic copies of the forms are held on our secure server for reference and safeguarding.
  • Minimal paperwork is collected for Volunteers and all of this is kept in a locked cabinet and destroyed within three months of the end of the project, unless it is necessary to keep anything related to safeguarding issues.

3.7 Data retention

  • We keep personal data in our databases for three years, after which it is deleted.
  • Personal data on paper forms is destroyed within three months of the end of the project (unless required for safeguarding)

3.8 Who has access to your data?

  • Data that you provide as part of a volunteer application form is visible to the event organisers and the Team Leaders.
  • Data that you provide as part of the Guest registration process is shared with the administration team issuing tickets and the Team running events for admission and safeguarding.
  • Logins to access any data are extremely restricted and data is only shared on a need to know basis. We do not share data with third parties (see section 3.4).

4.0 WHAT LAWFUL BASES DO WE RELY ON TO USE YOUR PERSONAL DATA?

4.1 The lawful bases that we rely on for processing your personal data are:

  • You have provided your consent to us using your personal data for specific purposes:

      These are described in section 3.3

      For our guests: We will also ask for your consent to use your personal data to send you electronic communications such as newsletters and emails. You have the right to decline. We do not often send these communications to our guests and would typically only send them 2 or 3 times a year.

      For our volunteers: our ability to communicate with you is fundamental to your involvement in the project. You will receive a number of messages from us before, during and after the project.

  • You always have the right to withdraw your consent at any time.

  • It is necessary for compliance with a legal obligation to which we are subject:

      This would include where we have to retain certain records, for example. Or where we are required to disclose personal data to any regulators or law enforcement agencies.

  • It is within our legitimate interests.

      Applicable law allows personal data to be collected and used if it is reasonably necessary for our legitimate interests or a third party's legitimate interests (as long as the processing is fair, balanced and does not unduly impact individuals' rights). We will rely on this ground to process your personal data when it is not practical or appropriate to ask for your consent, and where we are confident that this will not impact your rights.

      Our legitimate interests are achieving our mission. Our volunteer portal and guest registration system facilitate this mission.

      We also have a legitimate interest in providing useful reports and feedbacks to Members and Trustees, in an anonymous form.

      We will also rely on our legitimate interests for the proper administration of Lark in the Park tickets and to manage our operations (for example, maintaining appropriate records and databases).

      When we process your personal data to achieve such legitimate interests, we consider and balance any potential impact on you (both positive and negative), and your rights under data protection laws.

      We will not use your personal data for activities where our interests are overridden by the impact on you, for example where use would be excessively intrusive (unless, for instance, we are otherwise required or permitted to by law).

4.2 Sensitive or special category data

We do not anticipate the collecting of sensitive data from you (i.e. data on health, race, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data, sex life or sexual orientation) beyond the following:

  • We ask for the ethnicity of Guests on the registration form (and store it in our database) in order to assist us in our application for funding and grants from a variety of charities and local government bodies. Some of these organisations require us to prove that the ethnic mix of our visitors is in proportion to the ethnic mix of the borough. This shows that Lark in the Park is not biased towards one or more specific ethnic groups. We do not use this information for any other purpose. You do not have to answer the "ethnicity" question in order to access our events
  • We ask about any allergies or special needs, for purposes of safe guarding.

Where we do collect such sensitive data from you, we will ensure that we obtain your prior explicit consent. You always have the right to withdraw your consent.

4.3 Your rights

Right to restrict processing

In certain circumstances you have a right to require us to stop processing your personal data in a particular way.

Right to erasure

You have the right to request that your personal data is erased from our database in certain circumstances.

Right of access

You have a right to ask for a copy of the personal data we hold about you. If you want to access your personal data, please send a description of the personal data you want to see and proof of your identity to privacy@larkinthepark.com, data provision is free of charge.

Right to rectification

We also want to make sure that your personal data is accurate and up to date. Please let us know if your details change. You may also ask us to correct or remove personal data which is inaccurate.

Right to object

You can also opt-out of receiving all or some of emails or request that we stop processing personal data about you for certain purposes at any time by contacting us using the details below.

Right to data portability

In certain circumstances you have a right to data portability which means we will provide you (or a third party you nominate) with your personal data in a structured, commonly used and machine-readable format.

Please note that you may only use / benefit from some of these rights in limited circumstances. For more information, we suggest that you consult guidance from the Information Commissioner's Office (ICO) www.ico.org.uk or please contact us using the details below.

5.0 DATA BREACHES

We will report any unlawful data breach of these websites' database to any and all relevant persons and authorities within 72 hours of the breach being discovered if it is apparent that personal data stored in an identifiable manner has been stolen.

6.0 DATA CONTROLLER

The data controller of this website is: Lark in the Park, a registered charity (number 1115947) and UK Private Limited Company (number 5906292).

Whose registered office is:
Lark in the Park, New Generation Centre, Birkbeck Road, Sidcup, DA14 4DJ

Lark in the Park welcomes your comments regarding this Statement of Privacy. If you believe that Lark in the Park has not adhered to this policy, please contact Lark in the Park. We will use commercially reasonable efforts to promptly determine and remedy the problem.

7.0 POINT OF CONTACT FOR DATA PROTECTION

John Arundel
Management Team
Email: johnarundel@ausrowe.com

8.0 CHANGES TO OUR PRIVACY POLICY

This privacy policy may change from time to time in line with legislation or industry developments. We will not explicitly inform our clients or website users of these changes. Instead, we recommend that you check this page occasionally for any policy changes.

8.1 Version Date

Policy developed 22nd May 2018