skip to Main Content

The Quiet Garden Trust Compliance with General Data Protection Regulations

A PDF of this policy can be viewed and downloaded here

Policy last updated – 13 March 2018

Background:

From May 2018 all organisations which use personal data of service users, customers, staff or any other individuals need to be compliant with a new set of data protection regulations, these regulations are referred to as GDPR.

GDPR overlaps with, and sit in relationship to the Privacy and Electronic Communications Regulations (PECR) which governs the use of electronic communications such as email and SMS messages.

This policy document, alongside with its related policies (see links below) outlines, in practical terms, how The Quiet Garden Trust and Movement (QGT) will comply with GDPR and PECR.

 

Six Lawful Basis for Processing Data

There are six lawful bases for processing the data of an individual. In this instance ‘processing’ qualifies as both using their data to send information and using their data to achieve operational objectives. The six lawful basis are;

  1. Where we have the consent of the data subject
  2. Where processing is necessary for the performance of a contract with the data subject or to take steps to enter into a contract
  3. Where processing is necessary for compliance with a legal obligation
  4. Where processing is  necessary to protect the vital interests of a data subject or another person
  5. Where processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller
  6. Where necessary for the purposes of legitimate interests pursued by the controller or a third party, except where such interests are overridden by the interests, rights or freedoms of the data subject

While all six basis are of interest to QGT, within this policy paper we are primarily concerned with points one and six, consent of the data subject (individual) and purposes of legitimate interest.

 

Other Related Policies:

In addition to this policy, QGT has two additional policy papers which relate to GDPR, these are our Data Privacy Policy and our Data Retention Policy, which can be found at: www.quietgarden.org/about/policies

 

Consent and Legitimate Interest

These two points cover what we can legitimately send to individuals, and representatives of organisations, and the basis upon which we do this. In the terms of GDPR the ‘use of data’ applies to using someone’s data to send them fundraising requests and other information which may (or may not) be of interest to them.

 

Consent or Opting In:

If an individual is new to QGT (in their own right or as the representative of an organisation), we will be explicit how we will use their data, which includes what we will send them, at the point of sign-up. All communication will signpost the Privacy Statement and a Public Version of this paper. We cannot send any publications or correspondence which has not been made explicit at the point of sign-up, unless it meets a ‘legitimate interest’, of which the criteria is set out below.

 

Opting Out:

Above both consent and legitimate interest is the individual’s right, at any time, to make any changes to the ways in which QGT contacts them; through the mail, telephone, email, or messaging service. Any individual, either in their own right or as a representative of an organisation (which includes churches) can request changes to what we send them and by which medium. This includes opting out of all communications.

In the case of representatives of organisations/churches, we can request the details of another individual who can receive the materials on behalf of the organisation/church.

 

Legitimate Interest:

Hosts communications – As Hosts are members of the Quiet Garden Movement and specifically give details on joining for the website and for contacting them with news of the Movement it is a legitimate interest for them to receive copies of the newsletter (in whichever format is requested), our latest advice and information for Hosts, news of events, and news of the wider Movement, including fundraising information and reminders and thanks for donations. We believe Hosts expect the Trust to use their data to contact them in these ways until they inform us that they no longer wish to be a QG host, and opt out of receiving further communications.

Friends communications – When people become Friends they respond to an invitation to connect with the Movement through financial giving, prayer and perhaps volunteering.  It is a legitimate interest for these members to be kept in touch with the activities of the Movement through receiving news of the Movement including fundraising information, and notifications of events.  We believe Friends expect the Trust to use their data to contact them with news, notification of events, reminders and thanks for donations. It is fair to assume that Friends will notify us when they no longer wish to be a Friend or if we have not received communications or gifts from them for 2 consecutive years we will not use their data for this legitimate interest.

General Mailing list – If we’ve received communications or gifts or electronic tracking shows emails opened within the past two years, it is fair to assume that these individuals wish to continue to receive news, notification of events and occasional fundraising communications from us.

 

Administrative Communication

In addition to these specific publications we will also send correspondence which relates to the administration of peoples relationship with QGT; for example a Thank You letter or email to acknowledge receipt of gifts, information regarding Gift Aid administration, or information regarding membership of the Quiet Garden Movement. These are contained within points 2 to 5 of the Six Lawful Basis above.

 

Retaining Consent:

If anyone, receiving any frequent publication, falls outside of this ‘legitimate interest’ rationale, we will give them one opportunity to ‘opt-in’ before assuming their non-response represents an opt out.

 

For more information regarding information and fundraising regulation;

For GDPR: https://ico.org.uk/for-organisations/data-protection-reform/

For PECR: https://ico.org.uk/for-organisations/guide-to-pecr/what-are-pecr/

For the Code of Fundraising Practice: https://www.fundraisingregulator.org.uk/

 

Making changes to contact preferences

In all cases our QGT office staff are able to change people’s contact preferences. Where appropriate the following contact details can be included on forms, or a visible place within any materials or publications.

 

To make changes to your contact preferences

please email or telephone 01494 578909

 

Changes to the way the Quiet Garden Trust complies with GDPR

This policy may be updated from time to time so you may wish to check it each time you submit personal information to the Quiet Garden Trust. The date of the most recent revisions will appear on this page. If you do not agree to these changes, please contact us to change your contact preferences. If material changes are made to the policy we will notify you through one of the mediums we currently use to communicate with you.

Privacy and Cookies

This site uses cookies:

Read our Privacy & Cookies Policies

Okay, thanks

Join the Quiet Garden email list and stay up to date with our news and events.

Back To Top
×Close search
Search