MGRA Data Policy

The data Controller is Marley Grange Residents Association (MGRA). Only MGRA committee members are authorised to collect data on behalf of MRGA and will identify themselves when collecting the information. At the time of collection individuals will be made aware the uses of the personal information and must give consent for its processing and use. The information will be collected primarily in combination with the annual subscriptions and will be updated annually.

MGRA are only seeking and retaining the minimum amount of personal data required to achieve itspurpose. The data fields to be collected per household are:

 Names of main occupiers;

 House address;

 Contact details;

 Phone number(s);

 Email address; and

 Membership status and subscription paid.

Supply of personal information in whole or part is entirely voluntary.

All data collected will be used solely for the business of the residents association for the purpose ofmembership administration and communication, specifically:

 Maintaining an up to date list of Marley Grange Residents;

 Maintaining an up to date list of MGRA members;

 Status of MGRA membership (subs paid);

 Electronic distribution of newsletter via email;

 Distribution of hard copy format of newsletter;

 Neighbourhood watch (should this be implemented); and

 Contact of residents relating to MGRA matters.

MGRA will retain the data for up to five years. Data will not be disclosed to any third party for commercial, political or other reason. In particular MGRA will not seek to benefit financially from the existence of the data. Exceptionally, in the unlikely event of a court order or other legal requirement to make the data available to a nominated third party the committee will be empowered to meet such demand.

MGRA will take appropriate security measures against unauthorised access to, or alteration, disclosure or destruction of, the data and against their accidental loss or destruction. A nominated committee member (Membership Registrar) will have responsibility for securing and maintaining the register each year. The information will be stored on password protected computer and any paper copies of the information will be securely disposed of after use.

The Membership Register will only provide copies to other committee members by simple majority agreement of a quorate committee meeting. Exceptionally in the unlikely event of an urgent requirement for a member to have a copy of the register, the nominated officer can make it available by agreement of Chairman / Treasurer / Secretary but such an agreement will need to be explained and minuted at the next scheduled committee meeting.

All committee members must agree to abide by the policy, in particular acceptance of any data (in whole or in part) from the members register is an acceptance of the policy. MGRA will carry out periodic reviews of this policy and its implementation.

Individuals have the right to access to any personal data being held by MGRA and have the right to rectify their data if inaccurate or processed unfairly. On making an access request in writing, any individual about whom MGRA keep personal data is entitled to receive the following within 40 days:

 a copy of the data being kept about him or her;

 know the categories of their data and your purpose/s for processing it;

 know the identity of those to whom the data has been disclosed to;

 know the source of the data;

 data held in the form of opinions, except where such opinions were given in confidence and even in such cases where the person’s fundamental rights suggest that they should access the data in question it should be given.