Privacy Policy
Bristol Estate Certificate of Employers’ Liability Insurance
​
Bristol Estate Pets in the Community Centre Policy
​
Bristol Estate - HRMC - Statement of Financial Position
​
Hiring the Bristol Estate Community Centre Terms and Conditions
​
Definitions
​
-
Personal data is information about a person, which is identifiable as being about them. It can be stored electronically or on paper, and includes images and audio recordings as well as written information. 

-
Data protection is about how we, as an organisation, ensure we protect the rights and privacy of individuals, and comply with the law, when collecting, storing, using, amending, sharing, destroying or deleting personal data. 

2 Responsibility
-
Overall and final responsibility for data protection lies with the management committee, who are responsible for overseeing activities and ensuring this policy is upheld. 

-
All volunteers are responsible for observing this policy, and related procedures, in all areas of their work for the group. 

3 Overall policy statement
-
BELTA needs to keep personal data about its committee, members, volunteers and supporters in order to carry out-group activities. 

-
We will collect, store, use, amend, share, destroy or delete personal data only in ways which protect people’s privacy and comply with the General Data Protection Regulation (GDPR) and other relevant legislation. 

-
We will only collect, store and use the minimum amount of data that we need for clear purposes, and will not collect, store or use data we do not need. 

We will only collect, store and use data for: 

-
purposes for which the individual has given explicit consent, or
-
purposes that are in our our group’s legitimate interests, or 

-
contracts with the individual whose data it is, or 

-
to comply with legal obligations, or 

-
to protect someone’s life, or 

-
to perform public tasks. 

-
We will provide individuals with details of the data we have about them when 
requested by the relevant individual. 

-
We will delete data if requested by the relevant individual, unless we need to keep it for legal reasons. 

-
We will endeavor to keep personal data up-to-date and accurate. 

-
We will store personal data securely. 

-
We will keep clear records of the purposes of collecting and holding specific data, to ensure it is only used for these purposes. 

-
We will not share personal data with third parties without the explicit consent of the relevant individual, unless legally required to do so. 

-
We will endeavour not to have data breaches. In the event of a data breach, we will endeavour to rectify the breach by getting any lost or shared data back. We will evaluate our processes and understand how to avoid it happening again. Serious data breaches which may risk someone’s personal rights or freedoms will be reported to the Information Commissioner’s Office within 72 hours, and to the individual concerned. 

-
To uphold this policy, we will maintain a set of data protection procedures for our committee and volunteers to follow. 

4 Review
This policy will be reviewed every two years
Safety and Security
BELTA uses a Wix platform. Here's what WIX do to protect your information:
-
Wix contracts security consultants to ensure the security of our user information. They perform regular security audits and infiltration testing to maintain our ISO/PCI security certifications. Any issues that are reported to our security team or raised during security audits these are resolved as soon as possible.
-
Wix encrypts databases containing sensitive information, according to PCI standards, to add additional protection of personally identifiable information. Our encryption methods renders this information unreadable without a cryptographic key.
-
Wix has a multiple layer security architecture to help protect against 0-day security issues.
-
Wix's signup and login services are completed through a secure server. The information provided to Wix in the signup process is secured via HTTPS/ SSL communication.
-
Wix uses cryptography hash functions to protect your information. Your password is stored as a hash digest and, in the event of a security breach, your original password cannot be recovered from our servers.