Important Information About Your Privacy
Shared Interest Society Ltd needs to keep certain personal data, for example about its customers, members and staff, to fulfil its purpose and to meet its legal obligations. To comply with the law, information must be collected and used fairly, stored safely and not disclosed to any other person unlawfully. Shared Interest must comply with the Data Protection Principles, which are set out in the Data Protection Act 1998.
Personal data shall:
- Be obtained and processed fairly and lawfully.
- Be obtained for a specified and lawful purpose and shall not be processed in any manner incompatible with that purpose.
- Be adequate, relevant and not excessive for those purposes.
- Be accurate and kept up to date.
- Not be kept for longer than is necessary for that purpose.
- Be processed in accordance with the data subject's rights.
- Be kept secure from un-authorised access, accidental loss or destruction.
- Not be transferred to another country without due security procedures to prevent unauthorised access of the data.
Shared Interest, all its staff, officers and representatives, who process or use personal information must ensure that they follow these principles at all times.
USE OF LOG FILES (COOKIES)
Shared Interest utilises visitor log files (cookies) with our website. Once a user enters our site, a cookie follows them through their click stream path. Examples of information being collected by these cookies include the number of times a user came to our site(s), and the paths they took to get there.
A "cookie" is a small line of text that is stored with your web browser for record-keeping purposes and helps us provide better service to you. Your browser has options to accept, reject, or provide you with notice when a cookie is sent.
Notification of Data Held and Processed
All customers, members, staff and other users are entitled, on request to:
- Know what information Shared Interest holds about them and why.
- Know how to have access to it.
- Be informed how to keep it up to date.
- Be informed what Shared Interest is doing to comply with its obligations under the 1998 Data Protection Act.
TRANSFER OF PERSONAL DATA OVERSEAS
Shared Interest is a global organisation operating in a number of countries worldwide. To fulfil its customer service obligations it is necessary for Shared Interest to transfer and process some personal data outside the country in which the personal data is collected. Prior to making any such transfer Shared Interest will put in place security procedures and firewalls designed to prevent unauthorised use of or access to personal data.
DISCLOSURE OF PERSONAL DATA
Shared Interest passes personal data within its internal departments in order to fulfil customer support obligations, carry out sales and promotional activities, as well as maintain its records of account. Shared Interest does not disclose personal data to unaffiliated third parties except where customer consent has been obtained, where Shared Interest is under an obligation by law to disclose personal data, or where Shared Interest has contracted with third parties to assist in providing services to Shared Interest members or customers such as for delivery of support services (for example use of a mailing house). In the latter instance an appropriate protocol is put in place for each instance of use of data files.
RIGHTS TO ACCESS INFORMATION
Customers, members, members of staff, and other associates of Shared Interest have the right to view any personal data that is being kept about them. Any person who wishes to exercise this right should make the request in writing to Shared Interest's Data Controller. Shared Interest may make a charge on each occasion that access is requested, to reflect administration costs (the minimum charge is £25). Release of information resulting from such a request is authorised by the Managing Director. Shared Interest aims to comply with requests for access to personal information as quickly as possible, but will ensure that it is provided within 40 days of receipt of a completed request. Where there is an unavoidable delay the reason will be explained in writing to the individual making the request.
SHARED INTEREST'S DESIGNATED DATA CONTROLLER
Shared Interest Society Ltd is the data controller under the Act and is therefore ultimately responsible for implementation. However, day to day matters will be dealt with by Shared Interest's Data Controller, Andy Jones:
Any questions or concerns about the interpretation or operation of this policy should be taken up in the first instance with the Data Controller.
Shared Interest Society Ltd is registered under the 1998 Act as a data user, details of the Shared Interest's current registration can be accessed on the Data Protection Registrar's web site at
Shared Interest's registration is reviewed and updated from time to time. If a new project involving personal data is being set up, or data already held are to be made available to different categories of people or used for a different purpose than the original, the person responsible must inform the Data Controller.
Any formal requests under the Act from data subjects regarding information held on them must be referred to the Managing Director, no matter which office or department is processing the information.
Further information and advice can be obtained from Shared Interest's Data Controller, Andy Jones. Email to: