Data Protection
Introduction.
The EU General Data Protection Regulation (“GDPR”) came into force across the European Union on 25th May 2018 and brought with it the most significant changes to data protection law in two decades. Based on privacy by design and taking a risk-based approach, the GDPR has been designed to meet the requirements of the digital age.
The 21st Century brings with it broader use of technology, new definitions of what constitutes personal data, and a vast increase in cross-border processing. The new Regulation aims to standardise data protection laws across the EU, affording individuals stronger, more consistent rights to access and control their personal information.
Our Commitment.
The staff at Victoria Hall are committed to ensuring the security and protection of the personal information that we process, and to provide a compliant and consistent approach to data protection.
Victoria Hall is owned by the Salt Foundation which has a detailed Data Protection Policy mirroring that of its managing agency, Shipley College. This is regularly reviewed and includes a detailed retention and disposal schedule. This covers the “Right to Erasure” obligation and procedures should there be a data breach or subject access request.
We have a legal basis for processing all data and a privacy notice ensuring that individuals understand what they are providing, why and how we use it and giving clear, defined ways to consent to us processing their information.
Where we use any third party to process personal information on our behalf (i.e. managing agency, software hosts), we have compliant Processor Agreements and due diligence procedures to ensure that they (as well as we), meet and understand their/our GDPR obligations.
Salt Foundation Data Protection Policy
Privacy Statement
Our Commitment to your Privacy
As a client, user, or supplier of Victoria Hall your trust is important to us. We want you to know how we collect, store and handle personal data. Victoria Hall is owned by the Salt Foundation which uses a ‘privacy by design’ approach and we treat your data with respect.
Why we collect your data
We want you to have the best possible experience as a client, user or supplier of Victoria Hall. For example, we collect data in order to be able to send invoices to the correct recipient, ensure payments are made to the correct bank account and so that booking information is emailed to the correct email address.
How we collect your data
We do this in a number of ways, including when you share your information with us for a transaction or event. To reduce the risk of fraud, any change in bank details sent to us will be independently verified. This increased vigilance is to protect you as a valued client or supplier.
When we’ll share your data
We will share information with a small team within Shipley College who act as our managing agents. Occasionally we will share your data with a third party. An example might be giving your contact details to one of our recommended suppliers in whom you have shown interest.
Retention and Disposal of data
Our managing agency will anonymise any supplier data after a two year period of inactivity. This is the way we identify suppliers no longer in use by Victoria Hall and includes the deletion of any bank details we currently hold.
If you wish to be anonymised on our client database and removed as a Victoria Hall contact, please notify us by emailing hello@victoriahallsaltaire.co.uk.