We recognize the need to respect and protect the need to respect and protect information disclose to us that is called Personal Information (explained below.)
This notice is intended to tell you how we use your Personal Information and describes how we collect and use your Personal Information during your stay with us. We are committed to handling data fairly and lawfully taking the data protection obligations seriously. We ensure that we process the Personal Information in compliance with the General Data Protection 2018 ("GDPR").
1. WHAT IS PERSONAL DATA AND WHAT PERSONAL DATA INFORMATION DO WE COLLECT ABOUT YOU.
1.1 What is Personal Information
For the purposes of this Data Protection Policy "Personal Information" consists of any information that relates to you and/or information from which you can be identified, directly or indirectly. For example, information which identifies you may consist of your name, address, telephone number, photographs, location data, an online identifier (e.g. cookies identifiers and your IP address) or to one or more factors specific to your physical, physiological, genetic, mental, economic, cultural or social identity. When we combine other information (i.e. information that does not, on its own, identify you) with Personal Information, we treat the combined information as Personal Information.
2.TYPES OF PERSONAL INFORMATION WE COLLECT
We collect, use, store and transfer different kinds of Personal Information about our subscribers, volunteers and donors.
2.1 Subscribers to our mailing lists
We collect Name, Email and Location.
2.1.1 How is your Personal Information Collected
We collect information through our subscription forms found on our website and feedback forms distributed to the attendees at our events.
2.1.2 How we use your Information
We use name and email to inform you about your chosen updates and events. Location information is used to send you updates and events that are relevant to your location.
2.1.3 Data Retention
Subscribers will continue to receive email updates until they wish to unsubscribe. The option to unsubscribe will be provided on each email updates sent by us. We will keep information about unsubscribe for a year to avoid them from being by accident. If you would like complete erasure before one year period, feel free to contact us after you have unsubscribed.
2.1.4 Data processor used to process and store your Personal Information
We use MadMimi email marketing platform (https://madmimi.com/) to process the subscriptions. They use GDPR compliant security levels.
In order to see how people respond to our emails we have email views and clicks tracking enabled in Madmimi. We may send extra event information (such as event reminders) to people who show more interest. You are welcome to disable views and clicks tracking in the following manner. When you receive our mail:
• Click the “Preferences” button that’s automatically included with each email.
• Check the link in the automated email you will receive to access your Subscription Management page.
• Tick “Don’t collect data about my email views and clicks”
• To save the changes click “Update”.
In order to process all the applications fairly and according to our availability and to ensure that you have required skills and are well enough to volunteer with us we collect Name, Contact Details, Address, Skills, Work Experience, Immigration Status, Diet Requirements, Food Allergies, Interests in our programmes and the what you would
like to achieve by volunteering with us, including next to kin contact details in case of an emergency.
We are determined to ensure healthy, safe and peaceful environment to all our guests, our volunteers as
well as our residents at our permises therefore we are obliged to obtain Special Category
Personal Data (as defined in the GDPR) such as medical conditions and criminal records information.
2.2.1 How is your Personal Information Collected
We collect information through our secure online volunteering application form.
2.2.2 How we use your information
To process your application to volunteer with us, to asses relevance of your skills with our present needs and
ability to fulfil the tasks required and to schedule your volunteering period.
2.2.3 Data Retention
Volunteers Personal Information will be retained for a maximum period of 2 years in order to fastrack the
application process of returning volunteers. We will keep a separate record of blacklisted volunteers up to 20
years depending on seriousness of offense as this is our legitimate interest to keep our public environment safe
and peaceful for our volunteers, visitors and residents alike.
2.2.4 Data processor used to process and store your Personal Information
2.3 Donors and Patrons
a) We collect Name, Contact Details, The amount you wish to donate and if you wish to set up regular payments.
b) Bank Details are collected and securely processed by our data processor Total Giving platform ‘Donation
Manager”. For more details on it's policies please see clause 2.3.4 below.
2.3.1 How is your Personal Information Collected
We collect information through Total Giving donation manager platform.
2.3.2 How we use your Personal Information
a) To maintain and review order donations histories.
b) Address is used to serve you certain benefits that comes with your donation amount such as sending you our
bi-monthly magazine “Back to Godhead” for our patrons.
2.3.3 Data Retention
a) We retain the Personal Information of one off donations for a maximum period of 7 years as required by law.
b) We retain the Personal Information of regular Donors and Patrons until they cancel their donation. Then the record of donations will be stored for up to 7 years as required by law.
2.3.4 Data processor used to process and store your Personal Information
Total Giving manages all our Donors Personal Information securely according to GDPR requirements. For more
details on it's privacy policies please visit https://donationmanager.co.uk/info-pages/privacy
2.4. GOOGLE ANALYTICS
We use Google Analytics to analyse the use of our website by mean of cookies. The information gathered
2.5. Combining Personal Information
We may combine the Personal Information that we collect from you to the extent permitted by applicable law.
3.TO WHOM WE DISCLOSE YOUR INFORMATION
We will only use your Personal Information for internal purposes only. Only two people currently has an access to your personal data – the person who processes applications and IT admin. We do not share your information with third parties.
4. ACCESSING YOUR PERSONAL INFORMATION AND OTHER RIGHTS YOU HAVE
We will collect, store and process your Personal Information in accordance with your rights under any applicable General Data Protection Regulations. You have the following rights in relation to your Personal Information:
a) Subject Access - you have the right to request details of the Personal Information which we hold about you and copies of such Personal Information.
b) Right to Withdraw Consent – where our use of your Personal Information is based upon your consent, you have the right to withdraw such consent at any time. In the event you wish to withdraw your consent to processing, please contact us using the details provided in clause 8 below.
c) Data Portability – you may, in certain circumstances, request us to port (i.e. transmit) your Personal Information directly to another organisation.
d) Rectification – we want to ensure that the Personal Information about you that we hold is accurate and up to date. If you think that any information we have about you is incorrect or incomplete, please let us know. To the extent required by applicable laws, we will rectify or update any incorrect or inaccurate Personal Information about you.
e) Erasure ('right to be forgotten') - you have the right to have your Personal Information 'erased' in certain specified situations.
f) Restriction of processing – you have the right in certain specified situations to require us to stop processing your Personal Information and to only store such Personal Information.
g) Object to processing – You have the right to object to specific types of processing of your Personal
Information, such as, where we are processing your Personal Information for the purposes of direct marketing.
h) Prevent automated decision-taking – in certain circumstances, you have the right not to be subject to
decisions being taken solely on the basis of automated processing.
5. ENFORCING YOUR RIGHTS
If you wish to enforce any of your rights then please contact us on our details in clause 8 below.
We will respond to your request without undue delay and no later than 30 days from receipt of any such request,
unless a longer period is permitted by applicable General Data Protection Regulations.
If you are concerned that we have not complied with your legal rights under applicable General Data Protection
Regulations, you may contact the Information (Commissioner's Office https://ico.org.uk) which is the data
protection regulator in the UK where we are located. Alternatively, if you are based outside the UK, you
contact your local data protection supervisory authority.
7. CHANGES TO THIS DATA PROTECTION POLICY
of this page states when the Data Protection and Privacy Statement was last updated and any changes will
We will provide notice to you if these changes are material and, where required by applicable law, we will obtain
your consent. We will provide this notice by email or by posting a notice of the changes on our website.
8. CONTACT US / FURTHER INFORMATION
8.1 Our Details
This website is owned and operated by ISKCON Scotland Ltd
Resgistered Charity number SC001127.
If you have any queries at all in relation to your data and how we protect your data rights, please contact our
Data Protection Officer on
Other Ways of Contacting us
a) using our Website contact form.
b) by telephone on +447726688778
Last updated 28/06/2018