GENERAL DATA PROTECTION POLICY
Introduction
Dial a Trip is committed to protecting privacy, and take their responsibilities regarding the privacy of personal information very seriously. They will not disclose information to third parties unless legally required to.
It is essential that all Trustee’s and volunteer’s maintain the strictest confidentiality of all information provided, either directly or indirectly through its partnership working, voluntary organisations, trainers, clients, and trustees.
As required by various legislation including, the UK Data Protection Acts of 1984 and 1998 and the new General Data Protection Regulation (Known as GDPR) 25th May 2018, we follow strict security procedures in the management, storage, deletion, disposal and disclosure of information.
CONFIDENTIALITY
Any information about Dial a Trip, its volunteers and users that are not public information should be treated as confidential. Information that is public knowledge is: the Annual Report; signed minutes of all Committee meetings not deemed confidential; and any literature published by the organisation. All volunteers of Dial a Trip are representatives of the organisation. When dealing with the public, attending meetings, talking to the media, etc the organisations needs should be the primary concern. Personal viewpoint, which conflicts with the needs, aims, work or public position of Dial a Trip, should be discussed in advance with the designated Data Protection Controller or Chair person. Conflicts of interest should be declared and will be recorded on a register kept in the office.
INFORMATION HELD ON OUR SERVICE USERS
All our users complete an annual registration form with their name and address and other details we need in order to give the service to the client. The client information is strictly confidential to the organisation, as are the details of any enquiry made by a user or any advice or assistance given. The client completes a registration form annually which has a disclosure notice for them to sign. If they do not return the registration form within 3 months of them being distributed they are deemed no longer wanting to use the service and any data on them is destroyed or deleted. This information will not be disclosed without the users’ expressed permission. Only current volunteers DBS checked and sanctioned by the Administrator have some access to user’s details, to supply the service. Ex- employees and other volunteers not sanctioned by the administrator do not have right of access to users’ details.
Where a user wishes to remain anonymous they should not feel under pressure to give their personal details. Where refusal to give personal details restricts the help that we can give a user should be explained to them so they can make a personal choice about what they wish to do.
STORAGE AND ACCESS
Data information is kept securely in a lockable container with access strictly limited to those who are entitled to see it as part of their duties. Digital data is password protected on the Administrators computer. All data when needing to be destroyed will either be shredded or burnt and in the case of digital information deleted.
In accordance with Section 124 of the Police Act 1997 the disclosure of information is only passed to those who are authorised to receive it. A record of all those to whom a disclosure of information has been revealed is maintained. Dial a Trip recognises that is a criminal offence to pass this information to anyone who is not entitled to receive it.
