Data Protection Policy

       SHERBURN IN ELMET COMMUNITY TRUST 

       DATA PROTECTION POLICY

General Data Protection Regulations 

The Regulations protect any individual on whom data is held from unlawful processing of data, and gives right of access to that data. The definition of data is not restricted to automatically processed information but also includes manual records and paper documents.

Sherburn in Elmet Community Trust is concerned with the protection of personal and/or confidential information in three areas:-

  • Data about our employees and volunteers, both at the library and the Old Girls’ School. 
  • Data about our library/hub users held on North Yorkshire County Council (NYCC) systems for which we act as Data Processors.
  • Data we receive from users of our services both at the Library and at the Old Girls’ School for which we are the Data Controller 

As Data Controller we have determined that there is no requirement for the Trust to be registered with the Information Commissioners Office. 

 Employee and Volunteer Information

  • The only personal information about our Employees and Volunteers that is collected and kept is that which has been voluntarily given by themselves in completing an application form.
  • This data is kept securely and never divulged to any third party.

Library/Hub Data

  • Library volunteers processing personal information to provide library services on behalf of North Yorkshire County Council (NYCC) do so using Library Management Systems provided by NYCC.
  • NYCC retain ownership of the data and of data subsequently produced by the systems. NYCC are the data controller and as such are responsible for deciding the reasons for sharing any personal data and for deciding how that data can be processed.
  • Library Volunteers are required to sign the Acceptable Use Agreement which details their responsibilities.

The Trust delegates to the Library Management Group the responsibility to:

  • Ensure that Volunteers understand their responsibilities for Data Protection and undertake any mandatory training which NYCC specify and make available.
  • Prevent unauthorised access to buildings or equipment and to keep computers and documents secure at all times.
  • Ensure that nothing is connected to the IT equipment provided by NYCC without approval by NYCC ICT services.
  • The Library Management Group has appointed one of its members to monitor conformance and liaise with NYCC.

Service User Data

  • Data collected and recorded about service users (eg. hirers of rooms) is limited to that needed to contact them if necessary. 
  • This data will not be used for marketing purposes unless this is agreed with the users. 
  • Any data collected from Service Users of the Old Girls’ School is to  be stored and maintained by the Community Centre Manager with appropriate safeguards for confidentiality and security.

Monitoring and Review

This policy will be reviewed on an annual basis.

Adopted by SIECT at the Trustees meeting held on 6th August 2018.