Data Privacy statement (GDPR)
Sir Walter St. John’s Educational Charity (The Charity) is a registered grant making charity. Data provided to us will be used by the Manager of the Charity and the Trustees to process requests for grants in line with the Charity’s grant criteria so that it can meet its charitable objectives. The Charity may give copies of all or some of this information to individuals and organisations it consults with when assessing applications, administering the programme, monitoring grants and evaluating funding processes and impacts. These individuals and organisations may include accountants, external evaluators and other organisations or groups involved in delivering the programme.
By means of the grant application form we request individuals to positively give consent for us to hold their data; we explain why we need the data and what we will do with it.
Individuals can withdraw consent at any time and do so by notifying the Manager (we make this clear via our website and application forms). Individuals may also request that the Charity deletes information held about them by informing the Manager of their request.
The Charity will keep a record of when and how consent has been provided from an individual through their application form.
If an individual requests access to their personal data held by The Charity, they should make their request to the Manager of the Charity. Their request will be processed within one month of receipt (which may be extended by a further 2 months where requests are complex or numerous). If a request is manifestly unfounded or excessive The Charity may charge a reasonable fee taking into account the administrative costs of providing information, or The Charity may refuse the request but will explain why to the individual, informing them of their right to complain to the supervisory authority and to a judicial remedy without undue delay and at the latest within one month.
Individuals may challenge the accuracy of the information held about them and The Charity will correct this information as necessary.
SWSJ Charity will adhere to the Charity’s records management policies with regards to the length of time it holds files. The Charity will regularly review information to establish when it needs to identify and correct inaccurate records (removing irrelevant ones and updating out of date ones). The Chair of Trustees will be responsible for monitoring compliance of data policies and the results of this monitoring will be reported at Trustee meetings. The Charity mitigates identified information risks by ensuring that IT controls are in place and that physical information held is kept in a locked, secure place.
The Charity has a nominated Trustee who will implement periodic checks to ensure that appropriate technical and organisational measures ensure a level of security appropriate to risk. Staff are trained to recognise and report personal data breaches and will ensure that these are reported to the Chair of Trustees. The Charity monitors the type, volume and cost of incidents to identify trends and help prevent recurrences.
This privacy notice will be reviewed regularly (at least annually) to make sure that it remains accurate and up to date.
Registered Charity No. 312690