Skip to main content

Your personal data – what is it?

Personal data relates to a living individual who can be identified from that data. Identification can be by the information alone or in conjunction with any other information in the data controller’s possession or likely to come into such possession. The processing of personal data is governed by the General Data Protection Regulation (the GDPR).

Who are ‘we’?

The Life Project Administrator is the ‘data controller’ (contact details below). This means they, in consultation with the Operations Director, decide how your personal data is processed and for what purposes.

How do we process your personal data?

The Life Project (Bath) complies with its obligations under the GDPR by keeping personal data up to date, by storing and destroying it securely, by not collecting or retaining excessive amounts of data, by protecting personal data from loss, misuse, unauthorised access and disclosure and by ensuring that appropriate technical measures are in place to protect personal data.

We use your personal data for the following purposes: –

  • To enable us to provide appropriate activities for the benefit of our service users as specified in the Life Project’s charitable objectives
  • To fundraise and promote the interests of the Life project
  • To manage our employees and volunteers
  • To pay our employees and contractors
  • To maintain our own accounts and records
  • To administer membership and supporter records
  • To operate the Life Project’s web site and social media accounts
  • To inform individuals of news, events, activities or services run by the Life Project
  • To process donations and gift aid applications made to the charity
  • To contact individuals via surveys to conduct research about their opinions of current services

What is the legal basis for processing your personal data?

The processing of personal data is governed by the General Data Protection Regulation 2016/679. The following reasons are why the life project may process your data:

  • Processing is by explicit consent of the data subject (so we can tell you about events, news and services). On-line or paper consent will be sought as required
  • Processing is necessary for carrying out obligations under employment, social security or social protection law
  • Processing is necessary to protect the vital interests of a data subject or another individual where the data subject is physically or legally incapable of giving consent
  • Processing with regard to religious belief is carried out by the Life Project in relation to employees (and prospective employees) where it is a ‘general occupational requirement’ of the specific post
  • Processing relates to personal data manifestly made public by the data subject
  • Processing is necessary for the establishment, exercise or defence of legal claims or where courts are acting in their judicial capacity
  • Processing is necessary for reasons of preventative or occupational medicine, the provision of health or social care or treatment or management of health or social care systems and services on the basis of EU or Member State law or a contract with a health professional
  • Sharing your personal data

Your personal data will be treated as strictly confidential and will be shared only with staff of the Life Project who manage the function you are engaged with, i.e. managers and project coordinators (for users of LP services and activities), administrative staff (for communications about news and events), and the Treasurer or Payroll Administrator (for donors and/or employees).

We will only share your data with third parties outside of the Life Project with your consent.

How long do we keep your personal data?

We keep your personal data for no longer than reasonably necessary. This may be in line with statutory requirements (e.g. for tax purposes), in case of any legal claims/complaints or for safeguarding purposes.

Your rights and your personal data

Unless subject to an exemption (under the GDPR), you have the following rights with respect to your personal data:

  • To be informed about the collection and use of your personal data
  • To request a copy of your personal data which the data controller holds about you
  • To request that any personal data is corrected if it is found to be inaccurate or out of date
  • To request your personal data is erased where it is no longer necessary for the data to be retained
  • To withdraw your consent to the processing at any time (i.e. where explicit consent has been relied upon as a processing condition)
  • To request that you be provided with your personal data and where possible, to transmit that data directly to another data controller (known as the right to data portability)
  • Where there is a dispute in relation to the accuracy or processing of your personal data, to request a restriction is placed on further processing
  • To object to the processing of personal data (where applicable)
  • To lodge a complaint with the Information Commissioners Office

About cookies

  • A cookie is a file containing an identifier (a string of letters and numbers) that is sent by a web server to a web browser and is stored by the browser. The identifier is then sent back to the server each time the browser requests a page from the server.
  • Cookies may be either “persistent” cookies or “session” cookies: a persistent cookie will be stored by a web browser and will remain valid until its set expiry date, unless deleted by the user before the expiry date; a session cookie, on the other hand, will expire at the end of the user session, when the web browser is closed.
  • Cookies do not typically contain any information that personally identifies a user, but personal information that we store about you may be linked to the information stored in and obtained from cookies.

Cookies that we use

  • We use cookies for the following purposes:
    • (a)    security – we use cookies as an element of the security measures used to protect user accounts, including preventing fraudulent use of login credentials, and to protect our website and services generally;
    • (b)    analysis – we use cookies to help us to analyse the use and performance of our website and services; and
    • (c)    cookie consent – we use cookies to store your preferences in relation to the use of cookies more generally.

Cookies used by our service providers

  • Our service providers use cookies and those cookies may be stored on your computer when you visit our website.
  • We use Google Analytics to analyse the use of our website. Google Analytics gathers information about website use by means of cookies. The information gathered relating to our website is used to create reports about the use of our website. Google’s privacy policy is available at: https://www.google.com/policies/privacy/.

Managing cookies

  • Most browsers allow you to refuse to accept cookies and to delete cookies. The methods for doing so vary from browser to browser, and from version to version. You can however obtain up-to-date information about blocking and deleting cookies via these links:
    • (a)    https://support.google.com/chrome/answer/95647?hl=en (Chrome);
    • (b)    https://support.mozilla.org/en-US/kb/enable-and-disable-cookies-website-preferences (Firefox);
    • (c)    http://www.opera.com/help/tutorials/security/cookies/ (Opera);
    • (d)    https://support.microsoft.com/en-gb/help/17442/windows-internet-explorer-delete-manage-cookies (Internet Explorer);
    • (e)    https://support.apple.com/kb/PH21411 (Safari); and
    • (f)    https://privacy.microsoft.com/en-us/windows-10-microsoft-edge-and-privacy (Edge).
  • Blocking all cookies will have a negative impact upon the usability of many websites.
  • If you block cookies, you will not be able to use all the features on our website.

Data Controller:

Rich Blake-Lobb, CEO, Life Project (Bath), Email: ceo@lifeprojectbath.org.uk.