- Consent Privacy Notice
- Data Privacy Notice
- GDPR Lawful Basis
- Short Form Privacy Notice
- Fees & Subscriptions
- Safeguarding Outline
- BRF Outline
THE TRURO DIOCESAN GUILD OF RINGERS
The purpose of collecting your name, your role in the Guild, email address and telephone number is to display them on the Guild web site in order to enable contact to be made by anyone wishing to do so having visited the web site.
The legal basis for doing this rests upon you consenting to this.
Your data will be available to any who cares to access the web site however, beyond this TDGR does not share your information with any other person or party.
TDGR intends to build a new web site. Once that has “gone live” your data will be obscured behind a contact form. This should happen in the next three months.
You have the right to withdraw your consent at any time. Please advise the Guild Secretary.
You are not under any obligation to provide the data therefore there are no consequences should you chose not to do so.
Please retain a copy of this notice.
Please respond to the email to which this notice is attached with a sentence indicating your consent or otherwise to the use of your data on the web site as set out above.
DATA PRIVACY NOTICE
We are providing this notice as required by the General Data Protection Rules.
- Your personal data – this is information which you give us which identifies you.
- The TDGR data controllers are – the trustees of the Guild at any time and they are
President, Secretary and Treasurer. They may be contacted by emailing
Annie Holland 01872552407
Robert Perry 01872277117
to be advised
Our data processors those persons who have access to your information because
they collect it, store it electronically and/or can use it. Those persons are the web
master, Phil Tremain, email@example.com, Annie Holland who has
moderator access to the TDGR list; the Guild secretary who has the paper returns
from the districts and the District secretaries who hold the paper returns from the
- What information do we collect? – We collect as little information as possible from
you by way of the annual “tower returns” which your tower secretary completes. We
collect your name under the tower(s) at which you ring. If you are a tower captain or
tower contact/secretary we also collect your address and contact details. The same
information is collected for those under 18. We ask for your email address and
where given, add it to the TDGR-List as indicated on the “tower returns”.
- What we do with your information (how we process it) – Even though we collect
very little of your personal information we comply with data protection regulations by
keeping it up to date (annual basis as above), by restricting the number of persons
who have access to it; by not sharing it with anyone except for the purposes for
which it was provided and by protecting it from loss, misuse or accidental disclosure
by using passwords and secure environments.
- What we use it for – tower captains and tower contacts/secretaries have provided
their names and contact details to be available on the TDGR website. All other
names are available in printed form in the annual Guild Report and Year Book. We
also use this information to manage membership records and to maintain our
account and records including the processing of gift aid monies.
- The TDGR-List – this is a mass email list to which you subscribe and may
unsubscribe at will. It is not shared outside of the Guild. It is used by Guild Officers
and List subscribers to advise you of activities or events within the Guild.
- The legal basis for processing your personal data is – that it is necessary for
TDGR to pursue its legitimate interests and those interests are not overridden by
your interests in having your data protected.
We have conducted the “Legitimate Interests Assessment” in which TDGR interests
are considered in the wider context of the benefit to both TDGR and society. Of
course each of us are members therefore we have also considered the collective
We have considered whether the small amount of identifying information we collect
is necessary for us to pursue the legitimate interests of the Guild and conclude that
We have balanced the two, considered whether we need consent for the purpose to
which we put your data and have concluded that we do not principally because you
know the purposes to which we put your data (see 5 above). We conclude the
proper legal basis is that of “legitimate interest”.
- Sharing your personal data – we do not at and will not do that save as set out
- We keep records for the purposes in 5 above which include membership
administration. Where your name appears in other records, eg. ringing
performances you will have provided it for that purpose.
- Your rights and your personal data – unless an exemption applies under the law
you have the following rights with respect to your personal data –
- you may request a copy of your personal data which TDGR holds
- if you find the information we hold is inaccurate or out of date you may ask us to
- correct it and/or not to use it until it is agreed to be accurate
- when TDGR no longer needs to keep your data we will erase it although you may
- also ask us to do this
- where you have provided your name and contact details as a tower contact you
- may change your mind about this and tell us
- you may object to the way we process your information
- you may complain to the Information Commissioner’s Office
- Changes – we will tell you before we change the ways in which we use your data
and ask for permission first if necessary.
- Contacts – you should contact the Secretary, Robert Perry in the first instance.
Email and telephone contacts are set out above.
Annie Holland, President TDGR
1st January 2018.
General Data Protection Regulations – An opinion
These regulations abbreviated to GDPR are in force now and have to be applied from 28.5.2018 when the 2 year implementation period ends. They will replace all previous data protection law. Their introduction was heavily championed in Europe by one of our MEPs. Very simply, they are designed to protect the individual’s interests in the legitimate use of any information collected by an organisation which is likely to identify that individual. Images are data.
At the “lowest” level of collection ie. data processing, are organisations such as TDGR because what we collect is extremely limited and it is shared in few and limited ways and in ways which I believe our members expect. An example of a more significant level are insurance companies who collect sensitive information and want to share it with those companies with whom they have commercial interests. We are all aware of the significant data breaches which have taken place in the recent past eg. Yahoo mail, Nat West bank
It’s not new and TDGR should have been complying with the law well before now. The Guild now has to play catch up very quickly. That TDGR is very unlikely to fall foul of data protection law is not a reason for not complying with the law. An awful lot of laptops and data “sticks” get left on trains or lost.
Without discussing the criteria, paragraph 14 of the ICO’s guidance on fines is clear that fines may be imposed on any data controller for any “serious contravention”. In this instance the trustees of the Guild are the data controllers and the web master and/or report editor are the processors assisted by district and tower secretaries. Needless to say, the controllers are responsible for the processors. Whether the Guild should underwrite incompetence and ignorance by its trustees is not a debate that should ever happen.
In my opinion, we have to get a grip of our responsibilities immediately and
- identify all places where data is kept and by whom
- require it to be kept under encryption
- consider when it should be deleted ie. once we have the new web site do we delete the “old” database spreadsheet and the digital material kept by the former report editor?
- decide upon what legal basis we collect data
- draw up a “privacy notice” and circulate it to all members
- decide how to proceed (1,4 & 5 are in hand)
THE LEGAL BASIS FOR PROCESSING DATA
Article 6 GDPR provides 6 bases of equal value. A6(1)(a) and A6(1)(f) may be applied to TDGR viz. consent to data collection the uses of which must be clearly and individually consented to and “legitimate interest”. I have read A6 and many of the others; the ICO’s guidance on A6(1)(f) and A29 Data Protection Working Party Opinion 06/2014 on the notion of the legitimate interests of the data controller under Article 7 of Directive 95/46EC (adopted 9.4.2014).
I am of the opinion that TDGR may properly use A6(1)(f) as its lawful basis for collecting data. As required, and prior to drafting the “privacy notice” I will set out the process which led me to this opinion. If accepted by my fellow trustees (and perhaps adopted by standing committee – a matter for discussion by the trustees as data controllers) it demonstrates our accountability for our decision under the GDPR.
The Process – The Legitimate Interest Assessment (LIA)
A6(1)(f) “processing is necessary for the purposes of the legitimate interests pursued by the controller or third party except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where that subject is a child.”
Are we pursuing a legitimate interest, is the processing necessary for that purpose and do the individual’s interests override the legitimate interest?
TDGR is a church bell ringing guild composed of individuals members organised by tower allegiance. They ring church tower bells as a hobby and one which goes back some 400 years. There are no membership qualifications under the rules of the Guild however, in practice, members will be bell ringers who live nearest to the church under which they are listed as members.
TDGR is “managed” by 3 trustees, various officers with areas of individual responsibility or expertise and a standing committee.
Each year TDGR collects the names, addresses, telephone numbers and email addresses of those persons listed above together with the officers of each of the 4 districts and the tower captain and secretary of every affiliated tower in the Guild. The names of every member, child and adults are also collected. It may be the intention to collect email addresses in future. The treasurer holds banking details of those who pay by standing order/direct debits or who gift aid their subscription.
Those who provide their contact details do so knowing that they will be available to any who access the TDGR website and will be reproduced each year until now in a paper Report and Year Book. All names are then listed in that paper report under the tower at which they ring and as far as I am aware, all names are given knowing that they will appear in the Report and Year book a copy of which is available to each tower. Names may be repeated in the report under different sections and that also applies to those who provide contact details.
Legitimate Interest – this must mean not so much the specific purpose for which we collect data but more, what benefit does TDGR gain or more widely, society.
The benefit(s) to the Guild as a whole and to the individual is that each knows how many ringers there are; what their names are; where they are based ie. the tower at which they ring; where else they may ring; where officers are based; where ringers are “thin on the ground”; where young people are likely to be found and therefore welcome other young ringers; what ringing compositions they have been involved in and where; what towers are most used or active and many other very ringing specific information.
The Guild gains subscriptions which it uses to further the collective interest and to manage membership.
The wider public as well as the individual Guild member benefits because they can contact each other primarily to facilitate ringing or ringing interests. The wider public here are other ringers from all over the world but also the wider public who might search for any number of reasons. A lack of collection would result in ringers communicating the same information in an uncontrolled and haphazard way to the detriment of ringing and ringers.
Were this data not collected the benefits would be lost to the membership and the wider world of ringing which is a niche hobby of decreasing interest to the extent that the government has chosen to support it over the coming year. That indicates a level of importance assigned by government in recognising the value ringing offers to the country as a whole.
As regards the additional data processed by the treasurer, gift aid is a national benefit which is designed to help charities and the electronic payments by some provide for certainty of payment and receipt not only for TDGR but are utilised by everyone with a bank account.
As described above, data use is neither unethical or unlawful.
The necessity test – as described above, the collection or processing makes only the very minimum of personal information available and that of all the information collected only a few supply more than their name. As ringers enjoy and gain experience from ringing bells other than those upon which they have learnt to ring their interest amounts primarily to ease of communication with other ringers, towers and Guild officers. In my opinion there is no other way to go about it and only the barest detail is readily available to the wider ringing community which makes it unobtrusive. Additionally, this data is not actively shared other than by existing on the web site. It is certainly not shared for any marketing or commercial interest. Banking details are not shared and no one other than the treasurer has access to them.
The balancing test – At the risk of repetition, TDGR is a group of individuals, living in the same geographical area, sharing the same ancient hobby and interest in furthering their experience. The data collected is minimal and the individual knows what is collected and the use to which it is put and is available. To my knowledge, no one has ever objected. The reason why data processing is not based on “consent” is because of the logistics of gaining written consent from each ringer. Not every ringer rings each week, it cannot be acquired over the telephone or realistically by email and knowing our ringers, there are ` number of them who will object to signing consent whereas they have happily given it verbally every year often for many years. In this instance individuals would be alienated from a group which may have been an important part of their life for years. The adverse impact is not in my opinion in the collection but in not collecting and processing the minimal data.
Data available to the wider world including ringers could be further restricted in the event that all tower members are listed behind a member only tab on the web site which would be password protected.
We do process childrens’ data but only their names. In future we can ensure that we record a parents’ permission although I would be surprised were verbal permission not secured now. They are only identifiable as children if one knows that the reason why their names have an asterisk. This will not happen in future and then they will not be identified anymore than any vulnerable adult. In the latter instance, as we do not require data about vulnerabilities we cannot look at impact. The same opt out as now will continue hereafter viz. an individual can tell the person doing the initial processing that their name should not be included.
The ICO requires this LIA to be done; kept as part of our data controller responsibilities, to be reviewed and to form part of our privacy notice.
Annie Holland, TDGR President
December 20th. 2017
FEES AND SUBSCRIPTIONS
Annual Subscription: Adult £5.00
Annual Subscription: Minor FREE
Non Resident Life Member £5.00
Lapel Badges (see “Available from Guild Secretary”) £2.00
Guild Report (free to resident members) £2.00
Quarter Peal Fees per Rope – subject to review 2018
Peal Fees per Rope – Subject to review 2018
In 2016 there were significant changes in respect of Child Protection and Vulnerable Adults. Some towers may still not be compliant. It is the responsibility of the Incumbent and the PCC to ensure safeguarding in their church activities. Ringers will obviously wish to be helpful in this regard, if only for their own protection.
Tower Captains will need to familiarise themselves with the Guidance & Procedures of both the Central Council and the Church. Please note, these procedures are a requirement of the Church, supported by both the Diocese and Central Council so they must be followed.
Perhaps the most significant change was that anyone involved in directly caring for and/or teaching a child (a child is anyone under the age of 18) will be required to be DBS checked, whether they are supervised or not. This applies also for transporting children as part of a formal arrangement, irrespective of frequency. The same rules apply with vulnerable adults. Visiting tutors are required to show their DBS but visiting groups are responsible for their own checks. Although it is nowhere clearly stated, the implication of this is that other than in a one-off situation the presence of a parent is not sufficient and all tutors (but not helpers) need to be DBS checked. This procedure is now supposed to be fairly quick online and is free for volunteers.
It is a requirement of the Church that responsible posts, such as Tower Captain, have a proper job description, are recruited via a Confidential Declaration of suitability, that references and DBS checks are requested as appropriate and that Safeguarding training (only half a day) be undertaken and updated every 3 years.
Safeguarding Guidance should be available in all towers (ie printed off and on the notice board or similar) and, where children are expected, a signed attendance register kept.
This may all sound rather onerous but I don’t think it needs to be. The most important issue that needs addressing now is for anyone involved (or potentially involved) in the direct teaching or care of young people should be DBS checked and undergo some basic training. Even where there are no young ringers at present it is still recommended that TCs and their Deputies be DBS checked now in order to cover any eventuality, including the fact that adult vulnerability is not always obvious.
For local arrangements and the training program go to: http://www.trurodiocese.org.uk/about-us/safeguarding-children-and-vulnerable-adults/
Print off the Guidance from the CCCBR website and display it in the tower. Ask your Parish Safeguarding Officer to arrange any outstanding DBS checks, given the changes outlined above.
Where there are young ringers (or the potential for young ringers) the TC should book themselves in for Foundation & Leadership Training (now called C1 and C2) if required.
Any ringer doing hands on teaching needs to be DBS checked, C1 trained and supervised by the TC.
Initiate a signed register (this may need a tactful introduction).
Liaise with PCC over job description and recruitment procedures.
Ensure Risk Assessment is displayed in tower and reviewed annually.
Any queries to Parish Safeguarding Officers or the Guild via Mary Jones 01736 794750 and firstname.lastname@example.org NB this is the only email address that works. Please ignore any others in the Guild Handbook.
TDGR BELL RESTORATION FUND
One of the charitable aims of the Guild is promoting the installation, care, and restoration of rings of bells and their fittings. Since 1975 money has been raised to help any Parish within the Diocese with three or more bells hung for full circle ringing. The grant, along with practical support, aims to encourage Parishes with the restoration of bells so that they can be rung safely and easily. The trustees and members of the Standing Committee who administer the funds are aware that they are dealing with charitable money and have an obligation to see that it is spent wisely. They have therefore issued the following information:
GUIDELINES FOR APPLICANTS
Grants are awarded for work to bells, frames and fittings. Work to towers (except when linked to a bell project) is excluded.
Restoration work costing less than £1000 is not eligible for a grant.
The cost of professional fees (eg architect) is not grant eligible.
Other major grants, legacies and donations will be taken into account.
The Guild Bell Restoration Officer must be satisfied that the proposed work is necessary and will be the best solution.
The proposed work must be supported by the PCC.
A faculty, if necessary, for the proposed work should have been, or will be, obtained.
All work must be undertaken by a recognized bell hanging contractor.
Provision should be made for future regular maintenance.
Grant awards remain valid for two years and are subject to a satisfactory final inspection.
Initial enquiries should be made to the Bell Restoration Officer. Applications are considered by the Standing Committee which usually meets in January, June and November. Grants are paid directly to the PCC on satisfactory completion of the project.