THE DEAN GARDENS EDINBURGH
Who we are
This notice explains how the Committee of Management of the Gardens (the "Committee") uses and protects the personal information that is held about Members to the Gardens.
The Committee is a "controller" for the purposes of the data protection laws. New data protection legislation came into effect on 25 May 2018. We refer to the new data protection laws as the "Data Protection Laws" in this privacy notice.
What is personal information?
Personal information broadly means information that identifies (or which could, with other information that we hold or are likely to hold, identify) a living individual.
This includes any information provided to us by or on behalf of you as a member to the Gardens.
Where do we collect information from and what types of personal information might we hold about you?
We will collect and process the information about you that you provide by filling in forms and by corresponding with us or The Gardens Administration by telephone, email or otherwise.
We will typically hold names and addresses. We may also hold bank account details, marital status, email addresses, phone numbers, details of any correspondence with us and financial information (e.g. bank details).
Why do we hold this information?
We will use your personal information to manage the Gardens. For example, we may use it to:
- provide you with information such as newsletters or details of specific events;
- collect annual rates and communicate you regarding this; and
- to communicate with you regarding your use of the Gardens.
ln some cases, we are also obliged to retain your personal data to comply with legal or statutory obligations (for example, to keep records of contractual or financial matters).
For the avoidance of doubt the Committee does not use personal information for automated decision-making which produces legal effects or similarly significantly affects individuals.
Using your information in accordance with Data Protection Laws
Data Protection Laws require us to meet certain conditions before we are allowed to use your personal information in the way described in this privacy notice.
We rely on a condition known as "legitimate interests" in order to use this information in the way described in this privacy notice. We have a legitimate interest in collecting and processing your personal information as we need this to manage the Gardens.
We will only process "sensitive" or "special categories" of personal information under the Data Protection Laws (e.g. information about your health, for example wheel chair use) where you have explicitly consented to this or where there is an alternative legal basis for processing this information under the Data Protection Laws. This may mean that you will be asked to sign consent forms in the future. Once you have given your consent, you can withdraw it at any time by writing to us using the contact details below.
Whom do we share your personal information with?
We share information with Gardens Administration through WebCollect and GoCardless for transactional purposes of becoming a member to the gardens.
We may also share personal information with professional advisors under particular circumstances.
In the event that we do share personal information with external third parties, we will only share such personal information strictly required for the specific purposes and take reasonable steps to ensure that recipients shall only process the disclosed personal information in accordance with those purposes.
For how long do we retain your personal information?
We will only keep your personal information for as long as necessary to comply with our obligations and to safeguard the Committee and our service providers in the event of any claims, complaints, litigation, enquiries and investigations during our management of the Gardens.
How do we keep your personal information safe and who has access to it?
We are committed to ensuring that there are appropriate technical controls in place to protect your personal information, including protection from misuse and unauthorised access.
Your information is only accessible by the Committee of Management and Gardens Administration.
You can exercise any of the following rights by writing to The chair, Pam Barnes, at email@example.com, Tel: 0131 332 4765 or Gardens Administration, The Dean Gardens, P.O. Box No. 28508, Edinburgh EH4 1ZS.
Your rights in relation to your personal information are:
- to request access to the personal information that we hold about you;
- to rectify your data if it is inaccurate or incomplete;
- in certain circumstances, to restrict the processing of your data;
- in certain circumstances, to have your data deleted or removed;
- to obtain and reuse your data for your own purposes across different services; and
- to claim compensation for damages caused by a breach of the Data Protection Laws.
We will aim to respond to any request received from you within one calendar month.
If you are not happy with the way in which your personal information is held or processed, please contact us using the details above. You also have the right to complain about data protection matters to the lnformation Commissioner’s Office (lCO).
The ICO is the UK's independent body set up to uphold information rights. You can find out more about the ICO on its website (https://ico.org.uk/). The ICO can be contacted by calling 0303 123 1113.
Changes to our privacy statement
We keep this privacy statement under regular review and will place any updates on this website. Paper copies of the privacy statement may also be obtained by request from The Chair, Pam Barnes, at firstname.lastname@example.org, Tel: 0131 332 4765 or Gardens Administration, The Dean Gardens, P.O. Box No. 28508 Edinburgh, EH4 1ZS.