Policies

Privacy Policy

Who we are

We are Ashburton Repair Cafe CIO (Charitable Incorporated Organisation number 1202475). Our website is at ashrc.uk.

Introduction

Ashburton Repair Cafe (the CIO) holds data on persons. It is appropriate and necessary to have a policy in place to govern the safe retention of that data. Ensuring that the personal data that the CIO holds about its trustees, volunteers, customers and other stakeholders is managed and processed appropriately is a legal responsibility.

Specifically, this policy sets out the CIO's commitment to handling personal data in accordance with the Data Protection Act 2018 (the Act) and the General Data Protection Regulations (GDPR).

The Information Commissioner's Office (ICO) is the UK's supervisory authority. Their website, https://ico.org.uk/, contains useful information about data protection and this policy has been drafted in accordance with that guidance.

Scope and Responsibility

The trustees collectively have responsibility for ensuring compliance with the Data Protection Act 2018 and the GDPR for the CIO. Anyone who is uncertain of their responsibilities should, in the first instance, consult the Data Protection Officer.

Data Protection Principles

The GDPR are underpinned by six principles which govern how the CIO must process personal data:

GDPR PrincipleWhat this means
Lawful, fair and transparentData collection must be fair, for a legal purpose and we must be open and transparent as to how the data will be used.
Purpose limitationData must be collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes.
Data minimisationData must be adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed.
AccuracyData must be accurate and, where necessary, kept up to date.
Storage limitationData must be kept in a form which permits identification of data subjects for no longer than is necessary.
Integrity and confidentialityData must be processed in a manner that ensures appropriate security, including protection against unauthorised or unlawful processing.

Cookies

This website uses cookies to manage your login session and preferences. Login cookies last for up to two days; if you select "Remember Me" your login will persist for two weeks. No advertising or third-party tracking cookies are used.

What data we collect

When you book a repair or register as a customer, we collect your name, email address, telephone number and town. We use this to manage your repair and to contact you about it. We do not share this data with third parties except where required by law.

If you complete a Gift Aid declaration, we also retain your address as required by HMRC.

Your rights

You have the right to request an export of the personal data we hold about you, and to request that we erase it. To do so, please contact us.

Contact

For data protection queries, please contact us at [email protected].