Trustee Lead: Secretary
LHG complies with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. This policy explains how LHG collects, uses, stores, shares, and protects personal data.
- Personal Data
LHG collects the following information: Identity, Membership, Volunteer, Safeguarding, Archive donor, Photographs and digital media, Financial, Website/social media interactions. - Lawful Bases for Processing:
Consent; Contract; Legal obligation; Legitimate interests; Public task. - How LHG Uses Personal Data:
Used for membership administration, communication, events, safeguarding, archive management, publications, enquiries, and legal compliance. - Data Sharing:
LHG will not share data unless required by law, necessary for administration, or with explicit consent. - Data Storage, Security & Retention
Data is stored securely with restricted access. Retention periods: Membership: 3 years after leaving; Safeguarding: statutory periods; Archive donor forms: permanent; Accident reports: 3 years; Emails: reviewed annually. - Rights of Individuals:
Individuals may request access, rectification, erasure, restriction, objection, portability, or withdraw consent. - Data Breaches:
Breaches must be reported to the Secretary, who will assess, contain, and notify the ICO if required. - Review:
Reviewed annually or sooner if legislation changes.
