top of page

Privacy Policy

​

Contents

1       Statement

2       Contents

3       Abbreviations

4       Principles of GDPR

5       Types of Data Processed

6       What we do with your Data

​

1   Statement

Lyndon Media (LM) needs to keep certain information on its employees, partners, contributors, volunteers and service users to carry out its day-to-day operations, to meet its objectives and to comply with legal obligations.

LM is committed to ensuring any personal data will be dealt with in line with obligations set out in the General Data Protection Regulation (GDPR) 2018.

To comply with the law, personal information will be collected and used fairly, stored safely and not disclosed to any other person unlawfully.

This Privacy Policy sets out how LM uses and protects any information that you give us when you use our website and any other means of communication such as our social media pages.

LM is committed to ensuring that privacy is protected. This policy covers all employed staff, partners, contributors, volunteers and users of LM’s services.

​

2 Abbreviations

DPA                       Data Protection Act 1998

GDPR                    General Data Protection Regulation 2018

ICO                         Information Commissioner’s Office

LM                          Lyndon Media CLG

 

3 Principles of GDPR

In line with the General Data Protection Regulation (GDPR) principles, anyone processing the personal data you supply to Lyndon Media (LM) will ensure all data is:

​

  • Processed lawfully, fairly and in a transparent manner in relation to individuals.

  • Collected for specified, explicit and legitimate purposes and not further processed in any manner that is incompatible with those purposes; further processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes shall not be considered to be incompatible with the initial purposes.

  • Adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed.

  • Accurate and where necessary, kept up to date; every reasonable step must be taken to ensure that personal data deemed to be inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay.

  • Kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed; personal data may be stored for longer periods insofar as the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes subject to implementation of the appropriate technical and organisational measures required by the GDPR in order to safeguard the rights and freedoms of individuals.

  • Processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures in accordance with the rights of data subjects under the GDPR.

The definition of ‘Processing’ is obtaining, using, holding, amending, disclosing, destroying and deleting personal data. This includes paper based personal data as well as that kept on computer.

 

4 Types of Data Processed

LM processes the following personal information:

  • Name & Date of Birth

  • Addresses – both personal & professional

  • Email and Phone Numbers

  • Job Title (where relevant)

 

Users can be uniquely identified by this data and as such, it is treated as personal data as per the Information Commissioner’s Office (ICO) guidelines. This data is encrypted and stored securely, accessible only to the LM team.

We also collect the following data from our mailing list: 

  • First and Last Name 

  • Email 

  • Phone Number (optional)

Users can be uniquely identified by this data and as such, it is treated as personal data as per the ICO guidelines. This data is encrypted and stored securely, accessible only to the LM team. Individuals provide this data to us willingly although most data fields are mandatory. We provide a Privacy Statement which states that we handle their data in accordance with the General Data Protection Regulation, and that it will not be shared without their consent.

 

5 What we do with your Data

We collect and retain personal data from our employed staff, partners, contributors, volunteers and users of our services in order to better tailor our activities. 

As an organisation that seeks to engage the public in community-based activity, we use personal data to target geographical regions and specific demographic groups. This data will be kept for varying periods. 

We may also periodically send promotional emails about our activities and events, or other information which we think you may find interesting using the email address which you have provided if you have requested these  We may also use your information to contact you for market research purposes. We may contact you by email, phone or post. We may use the information to customise the website according to your interests.

 

6 Retention of your Data

We retain personal data supplied by LM employees indefinitely so long as they remain employees of LM. The GDPR sets no specific periods for retention of employees' personal data, but one of the key principles of the GDPR is that personal data should not be kept longer than is necessary for the purpose or purposes for which it is being processed. We therefore have the right to set our own retention periods, based on business needs, professional guidelines and statutory requirements.

Where the data is kept after the termination of employment for the purposes of defending possible tribunal and court claims, the time limits for bringing claims will inform the retention period. This data is encrypted and stored securely, accessible only to the LM team.

We retain the personal data supplied by partners, contributors, volunteers and service users for the duration of the specific activity or project for which the data was initially collected. Thereafter, all data will be destroyed in compliance with legal obligations, unless a need for the retention of the data is justifiable under the terms set out in the GDPR. This data is encrypted and stored securely, accessible only to the LM team.

​

We retain the data supplied by our mailing list indefinitely, although allow recipients the option to unsubscribe on each mailing. This data is encrypted and stored securely, accessible only to the LM team.

​

7 ICO Exemption

LM is a limited company and is registered with the ICO.

LM is committed to full compliance with the GDPR and understands best practice for managing information and for dealing with breaches.

​

8 Security of Your Personal Data

The General Data Protection Regulation requires us to process and store personal data securely. Our security measures ensure three things:

  • That data can only be accessed, altered and seen by the appropriate persons within the LM team.

  • That data is accurate and complete in relation to why we are processing it.

  • That data remains accessible, usable and recoverable if lost and altered.

Any personal data your supply to us is encrypted and stored securely, accessible only to the LM team. (Any payment transactions will be encrypted.)

We will not sell, distribute or lease your personal information to third parties unless we have your permission or are required by law to do so.

We may use your personal information to send you promotional information about third parties which we think you may find interesting if you tell us that you wish this to happen.

You may request details of personal information which we hold about you under the Data Protection Act 1998 (DPA) and the GDPR. If you would like a copy of the information held on you please email the address shown in section 10 of this document.

If you believe that any information we are holding on you is incorrect or incomplete, please email us as soon as possible, at the address specified in section 10 of this document. We will promptly correct any information found to be incorrect.

 

9 Links to other websites

Our website may contain links to other websites. However, you should note that we do not have control over these websites. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this Privacy Policy.

We advise all visitors to exercise caution when using these websites and to look at the Privacy Policy applicable to each website in question.

 

10 Training

To ensure LM staff, contributors and volunteers are aware of their responsibilities in relation to those set out by the GDPR, awareness training will take the following forms:

 

  • On induction, all staff, contributors and volunteers will receive a copy of this policy and other relevant guidelines relating to the GDPR. Where appropriate, persons will be provided with security information (passwords, keys etc) and be required to acknowledge the importance of retaining privacy and security for files, documents, computer systems etc.

  • General training/ awareness raising - all staff, contributors and volunteers will where appropriate, receive bi-annual reminders and/or updates relating to the GDPR.

 

11 Right of Access

LM is committed to full compliance with the requirements of the GDPR. It is also committed to its staff, partners, contributors, volunteers and service users and their rights with regards to their personal data.

As per the GDPR, the subjects of our data (hereby, ‘data subjects’) have the following rights:

 

  • The right to be informed. All data subjects will be provided with a copy of our Privacy Policy and our Record of Processing Activity before agreeing to share their personal data when joining, either as a member or on our mailing list. Both of these resources will be available on our website. 

  • The right of access to personal information. All data subjects will be provided with an explanation of how we intend to process their data on joining. We will give all data subjects the right to access their personal data free-of-charge and will comply with any request within one month of receipt. 

  • The right to request rectification. We give all data subjects the right to rectify their own data. They may also request the LM team to do this on their behalf. We will comply with any request within one month of receipt. 

  • The right to be forgotten. All data subjects have the right to be forgotten, if they cease to be employed and/or engaged by LM, if they rescind their partner, contributor or volunteer status, or if they choose to unsubscribe from our mailing list.

  • The right to restrict processing in certain circumstances. In some cases, we will share the following personal data with partners who will use the data for collaboration on projects, or for direct marketing: 

    • First and Last Name 

    • Email 

    • Phone Number 

In the case of direct marketing, data subjects choose to give their consent for this when they formally agree to engage with LM. We will always seek consent of the data subject via email when sharing information not for active marketing. Data subjects are allowed to restrict this processing of data where they feel it is inaccurate, or if they object to the basis on which we are processing it. 

 

  • The right to data portability. Data will be saved in a structured, commonly used and machine-readable format. We are able to send this to the individual, or to any organisation that they require. We use secure file transfer software to ensure the security of this data when transferring outside of the LM team. We will comply with any request to transfer data free-of-charge and within one month. 

  • The right to object to processing. All data subjects have the right to object to their data being used for direct marketing or being shared amongst partners. This right to object is provided to data subjects when they first engage formally with LM or as subscribers to our mailing list. Data subjects are able to object to this direct marketing from partners when they engage formally with LM, and subscribers are able to unsubscribe from our mailing list any time.

 

12 Review

This policy will be reviewed annually to ensure it remains up to date and compliant with the law. It will be reviewed next in October 2023.

 

13 Contact

Any questions with regards to this policy or your personal data in relation to it, please email LM at: info@lyndonmedia.co.uk

bottom of page