The Game Change Project

Home About us What We Offer Case Studies Gallery News Frequently Asked Questions Compliments, Complaints and Concerns Contact Directions Policies

Data Protection Policy

Policy statement

The Game Change Project is committed to a policy of protecting the rights and privacy of individuals, volunteers, staff and service users in accordance with The Data Protection Act 2018. The policy applies to all participants, sponsors, volunteers, board members and staff.

As a matter of good practice, other organisations and individuals working with the project, and who have access to personal information, will be expected to have read and comply with this policy.

Legal Requirements

Data are protected by the Data Protection Act 2018. Its purpose is to protect the rights and privacy of individuals and to ensure that personal data are not processed without their knowledge, and, wherever possible, is processed with their consent.

The Act requires us to register the fact that we hold personal data and to acknowledge the right of ‘subject access’ – service users, volunteers and staff must have the right to copies of their own data.

Managing Data Protection

The Game Change Project is a not for profit organisation and as such is exempt from registration as a data controller with the Information Commissioner (ICO). We will comply with General Data Protection Regulations (GDPR) as set out below.

Purpose of data held by The Game Change Project

Data may be held by us for the following purposes:

  1. Staff administration
  2. Fundraising
  3. Realising the Objectives of a community interest company
  4. Accounts & Records
  5. Advertising, Marketing & Public Relations
  6. Journalism and Media
  7. Welfare and safeguarding of service users
  8. Research and evaluation 9. Volunteers

Data Protection Principles

In compliance with GDPR 2018, we determine the purpose for which, and the manner in which, any personal data are, or are to be, processed. We must ensure that we have:

1. Fairly and lawfully processed personal date

We will always put our logo on all paperwork, stating their intentions on processing the data and state if, and to whom, we intend to give the personal data. Also provide an indication of the duration the data will be kept.

2. Processed for limited purpose

We will not use data for a purpose other than those agreed by data subjects (service users, staff and others). If the data held by us are requested by external organisations for any reason, this will only be passed if data subjects agree. Also external organisations must state the purpose of processing, agree not to copy the data for further use.

3. Adequate, relevant and not excessive

The company will monitor the data held for our purposes, ensuring we hold neither too much nor too little data in respect of the individuals about whom the data are held. If data given or obtained are excessive for such purpose, they will be immediately deleted or destroyed.

4. Accurate and up-to-date

It is the responsibility of individuals and organisations to ensure the data held by us are accurate and up-to-date. Completion of an appropriate form( provided by us) will be taken as an indication that the data contained are accurate. Individuals should notify us of any changes, to enable personnel records to be updated accordingly.

5. Not kept longer than necessary

We discourage the retention of data for longer than it is required. All personal data will be deleted or destroyed by us after five years has elapsed.

6. Processed in accordance with the individual’s rights

All individuals that we hold data on have the right to:

  • Be informed upon the request of all the information held about them within 40 days.
  • Prevent the processing of their data for the purpose of direct marketing.
  • The removal and correction of any inaccurate data about them.

7. Secure

Appropriate technical and organisational measures shall be taken against unauthorised or unlawful processing of personal data and against accidental loss or destruction of data. Paper-based records and portable electronic devices, such as laptops and hard drives that contain personal data are kept under lock and key when not in use; Papers containing confidential personal data must not be left on desks, tables, pinned to notice/display boards, or left anywhere else where there is general access.

To be reviewed annually. Last review date 24th July 2023




Policies:

The Game Change Project Whistleblowing Policy

The purpose of this policy is to prevent malpractice by the organisation, its employees, agents and partners by advising staff how to raise concerns with the organisation’s management or, if necessary, with its auditors or sponsoring department.

Read More...

Safeguarding Policy

The Game Change Project CIC Safeguarding Policy

Read More...

Data Protection Policy

The Game Change Project is committed to a policy of protecting the rights and privacy of individuals, volunteers, staff and service users in accordance with The Data Protection Act 2018. The policy applies to all participants, sponsors, volunteers, board members and staff.

Read More...

Volunteer Policy

Volunteer Policy - This volunteer policy sets out the principles and practice by which we involve volunteers and is relevant to staff, volunteers and trustees within the organisation...

Read More...



The Game Change Project
The Game Change Project