Data protection - practice & procedure
INTRODUCTION
1 The Raphael Pilgrimage collects and stores data for the purpose of running an annual pilgrimage for sick Pilgrims to Lourdes and for maintaining contact with former pilgrims who express an interest in supporting the pilgrimage. It is required to hold and use this information under the provisions of the Data Protection Act 1998.
2 The Pilgrimage is registered with the Information Commissioner and is listed on the Register of Data Controllers.
3 The Pilgrimage is committed to implementing the principles of the Data Protection Act 1998, namely that data should be:
i. Fairly and lawfully processed
ii. Processed for limited purposes
iii. Adequate, relevant and not excessive
iv. Accurate and up to date
v. Not kept for longer than is necessary
vi. Processed in line with your rights
vii. Secure
viii. Not transferred to other countries without adequate protection.
4 Information and data held comprises the following main components:
i. Names and addresses including telephone and E Mail addresses, personal preferences such as dietary needs.
ii. Medical information about pilgrims.
iii. Personal financial information in connection with pilgrims seeking financial support through the Gilbert Thompson Memorial Fund.
iv. Financial records
v. Photographs
5 It is important for all pilgrims to know that they have a right to see the information we hold on them and to require that any inaccuracies are rectified. To do so you should make a ‘Subject Access Request’, in the first instance through the pilgrimage Data Protection Officer, currently, Chris Woodward.
6 Each officer is required to sign a declaration annually that they have understood the procedures and will comply with them.
7 If you would like to know more about how we hold, use and share your information read the Appendices here.
1 The Raphael Pilgrimage collects and stores data for the purpose of running an annual pilgrimage for sick Pilgrims to Lourdes and for maintaining contact with former pilgrims who express an interest in supporting the pilgrimage. It is required to hold and use this information under the provisions of the Data Protection Act 1998.
2 The Pilgrimage is registered with the Information Commissioner and is listed on the Register of Data Controllers.
3 The Pilgrimage is committed to implementing the principles of the Data Protection Act 1998, namely that data should be:
i. Fairly and lawfully processed
ii. Processed for limited purposes
iii. Adequate, relevant and not excessive
iv. Accurate and up to date
v. Not kept for longer than is necessary
vi. Processed in line with your rights
vii. Secure
viii. Not transferred to other countries without adequate protection.
4 Information and data held comprises the following main components:
i. Names and addresses including telephone and E Mail addresses, personal preferences such as dietary needs.
ii. Medical information about pilgrims.
iii. Personal financial information in connection with pilgrims seeking financial support through the Gilbert Thompson Memorial Fund.
iv. Financial records
v. Photographs
5 It is important for all pilgrims to know that they have a right to see the information we hold on them and to require that any inaccuracies are rectified. To do so you should make a ‘Subject Access Request’, in the first instance through the pilgrimage Data Protection Officer, currently, Chris Woodward.
6 Each officer is required to sign a declaration annually that they have understood the procedures and will comply with them.
7 If you would like to know more about how we hold, use and share your information read the Appendices here.