BwD Hive CiC Privacy Notice
BwD Hive CiC is committed to ensuring that we are transparent about the ways in which we use your personal information and that we have the right controls in place to ensure it is used responsibly and is kept safe from inappropriate access, theft or misuse.
We are a membership organisation, but also hold information on some non-members who have signed up to our mailing list. We communicate with our mailing list on business information and activity of Hive which we feel is relevant.
This notice explains how we use your personal information and tells you about your privacy rights and how the law protects you.
Data Protection law is to change on 25 May 2018
We have included most of your rights under the new laws in this notice and may update it again as and when regulations are amended.
What is personal information?
Personal information can be anything that identifies and relates to a living person. This can include information that when linked with other information, allows a person to be uniquely identified. For example, this could be your name and contact details.
The law treats some types of personal information as ‘special’ because the information requires more protection due to its sensitivity. This information consists of:
- Racial or ethnic origin
- Sexuality and sexual life
- Religious or philosophical beliefs
- Trade union membership
- Political opinions
- Genetic and bio-metric data
- Physical or mental health
- Criminal convictions and offences
Your personal information may be collected and used for one or more of Hive’s services or activities, depending on your relationship with Hive and nature of your contact with us.
Generally, we may need to use some information about you:
- in delivering Hive services and ensuring other partners with whom Hive is working, are able to deliver ‘joined up’ services to you
- in planning future services;
- for managing and checking the quality of our services;
- keeping track of spending on services;
- to help investigate any concerns or complaints you have about our services and for answering enquiries under access legislation;
- to improve the general experience of our customers and of visitors to our website;
- for archiving, research, or statistical purposes
Generally we collect personal information where:
- you, or your legal representative, have given consent;
- you have entered into a contract with us;
- you have become a member of Hive;
- you have signed up to the Hive mailing list
Your personal information may also be shared with other organisations, such as those who assist us in providing services and those who perform technical operations such as administration, data storage and hosting on our behalf.
Data Transfers beyond EEA
We will only send your data outside the European Economic Area (‘EEA’):
- with your consent, or
- to comply with a lawful and legitimate request, or
- if we use service providers or contractors in non EEA countries.
If we do transfer your information beyond the EEA, we will make sure that it is protected in the same way as if it was being used in the EEA. We will use one of these safeguards:
- Transfer it to a non EEA country with privacy laws that give the same protection as the EEA. Learn more on the European Commission Justice website.
- Put in place a contract with the recipient that means they must protect it to the same standards as the EEA. More information is available on the European Commission Justice website.
- Transfer it to organisations that are part of the Privacy Shield. This is a framework that sets privacy standards for data sent between the US and EU countries. It makes sure those standards are similar to what is used within the EEA. You can find out more about the Privacy Shield on the European Commission Justice website.
If we propose to make a transfer in response to a lawful and legitimate request we will normally tell you in advance unless there are compelling reasons, such as law enforcement or, reasons of safety which justify not doing so.
We will only keep your personal information for as long as the law specifies or where the law does not specify this, for the length of time determined by our business requirements.
We may refresh this list from time to time by contacting you and asking if you wish to remain on our mailing lists, but you have the right to request we delete your personal information at any point in time.
How we keep your information safe
We are committed to ensuring your personal information is safe and protected from accidental loss or alteration, inappropriate access, misuse or theft.
As well as technical, physical and organisational controls, we recognise that a well-trained, informed and security alert workforce minimises privacy risks from human error and/or threats from malicious actors.
We require our service providers to implement appropriate industry standard security measures and only permit them to process your personal information for specified purposes in accordance with our contractual instructions.
Rights of individuals
You may exercise the rights listed below in relation to Hive’s use of your personal information.
Some rights are absolute and others are not.
To find out more about how these rights apply in particular circumstances, please refer to the Information Commissioner’s website.
To exercise these rights, please contact the Hive’s Data Protection Officer (DPO). Contact details for the DPO appear below.
You may request a copy of the personal information we hold about you.
Rectification & Erasure:
You may request that we rectify or delete any of your personal information if you consider it is incomplete, factually incorrect, processed unlawfully or, is unnecessary or no longer needed.
You may object, at any time, to your personal information being processed.
This applies to processing:
- carried out in performance of our day to day functions, including ‘profiling’ [whether or not profiling is partly or fully automated];
- for direct marketing purposes
Restriction of Processing:
You may request restriction of processing (quarantining) of your personal information for certain reasons, such as, for example:
- if you have objected to the processing or asked us for erasure and we need time to consider your request and let you know our decision;
- you require us to retain your information for the establishment, exercise or defence of your own legal rights
In defined circumstances [either where the processing relies on your consent or arises out of a legal contract], you may request we supply a copy of personal information that you have provided to us in a portable and machine readable format
Right to Withdraw Consent:
Where the legal reason for processing your personal information is based on your consent, you have the right to withdraw your consent at any time, without affecting the lawfulness of our processing prior to the withdrawal of your consent.
If you wish to exercise your rights (as outlined above) or to raise a concern about the handling of your personal information by Hive, please contact our Data Protection Officer (DPO):
The DPO, BwD Hive CiC, c/o Blackburn with Darwen Borough Council, Town Hall, King William Street, Blackburn, BB1 7DY.
Telephone: 01254 666490
Data Protection Officer (DPO) contact information (rights/complaints)
Whether you are exercising your rights or raising a concern, you will usually need to include documents that prove your identity as well as a clear and precise description of your request/concern.
We will process requests in accordance within the legislative framework and the statutory time scales and inform you should an extension of time be necessary.
If you are not satisfied with the way we have answered a request from you or handled your personal information, you have the right to make a complaint to the Information Commissioner who may be contacted at: The Information Commissioners Office
This right is not dependant on you raising a complaint with us first but we would encourage you to contact our DPO so we can consider your concerns as quickly as possible.
BwD Hive CiC use something called cookies. ‘Cookies’ are pieces of information that are created when you visit any website, and they are stored on your computer. Cookies enhance your experience of our website and enable you to personalise the service you receive.
You have the ability to accept or decline cookies, however, most web browsers automatically accept cookies. You can modify your browser to decline cookies if you prefer, though this may mean that your browsing experience is reduced, as it may stop certain parts of our site from functioning.
Cookies do not contain any personal information about you, and they cannot be used to identify an individual user.
Links to external sites
We may update or revise this Privacy Notice at any time so please refer to the version published on our website for the most up to date details.