Data Protection Policy

Shannon Trust is committed to protecting the privacy of all the personal information provided to our supporters, volunteers and staff members. This policy explains how we collect, use and store the personal information provided to us.

1 Introduction

Shannon Trust commits to abide by the Data Protection Act 1998 in all areas of it’s operation. All members of staff and volunteers are expected to work within this legislation, and this policy sets our in detail the procedures in place to ensure that personal data relating to supporters, donors, volunteers, Toe by Toe facilitators, Prisoners & Ex-offenders is treated in an appropriate way.

Employees, Volunteers and Trustees will be informed about data protection issues during their induction period. Compliance with this policy is a condition of employment and volunteering with Shannon Trust.

The policy applies to all employees, volunteers and members of the Board of Trustees.

2 Definition of Terms

Listed below are the definitions of key terms as they are used in this policy

2.1 The Act

The Data Protection Act 1998

2.2 Data Controller

A person, who either alone or jointly or in common with other persons, determines the purposes for which personal data is to be processed and the manner of in which it is processed. The Data Controller for Shannon Trust is the CEO.

2.3 Data Processor

Any person (other than an employee of the data controller), who processes the data on behalf of the data controller. This includes for example consultants and fundraising agencies.

2.4 Data Protection Officer

The day to day contact who deals with data protection queries. The Data Protection Officer for Shannon Trust is the Office Manager.

2.5 Data Subject

The identifiable living person to whom personal data relates

2.6 Personal Data

Data, whether facts or opinions, which relate to a living individual who can be identified either from data or from the data in combination with other information in the possession of, likely to come into the possession of, the Data Controller.

2.7 Processing

Any operation or set of operations carried out on personal data. This includes obtaining, recording, holding, organising, adapting, altering, retrieving, consulting, disclosing (by transmission, dissemination, or otherwise making available), and analysing, aligning, combining, blocking, erasing or destroying the data.

2.8 Relevant Filing System

The Data Protection Act 1998 covers all data held within a relevant filing system. This includes any set of information relating to individuals that is structured, either by reference to individuals or by reference to criteria relating to individuals, in such a way that specific information relating to a particular individual is readily accessible. This includes application forms and other papers stored in a manager’s desk.

2.9 Sensitive Personal Data

Data relating to racial or ethnic origin, political opinions, religious or other beliefs, trade union membership, health, sex life, criminal proceedings or convictions.

2.10 Employees

Individuals in paid employment with Shannon Trust working under a short term or permanent contract with Shannon Trust or under contract with a consulting or staffing agency.

2.11 Supporter

Any person other than a volunteer who, individually or in conjunction with others, provides monetary or non-monetary support to Shannon Trust and the Toe by Toe Reading Plan

2.12 Volunteer

Any individual working on behalf of Shannon Trust who is not receiving direct remuneration and whose role within the organisation may enable them to access or process personal data held by Shannon Trust.

2.13 Facilitator

Any individual based within the Secure Estate providing support to the Toe by Toe Reading plan and whose role may enable them to access or process personal data held by Shannon Trust

2.14 Prisoner or Ex-offender

Any individual currently serving or having served a custodial sentence and who may have provided Shannon Trust employees and volunteers with personal information or sensitive personal information

3 The conditions for Processing Personal Data (Excluding Sensitive Personal Data)

Personal data must be processed fairly and lawfully by staff and volunteers. Particularly, it must not be processed unless at least one of the following conditions has been met:

3.1 The data subject has given his or her consent to the processing.

Data subjects should therefore be made aware of the purposes for which their data will be used and should be advised who to contact if they wish to discuss the processing of their data. This should be done at the earliest opportunity after personal data that is not generally in the public domain is obtained about the data subject. The following procedures apply:

3.1.1 Supporters and individual donors:

A copy of the Data Protection Notice for Supporter and Individual Donors should be provided (Appendix A). Where it is not practical to send the complete statement – for example on receipt of a one-off donation – the supporter or donor should be advised that we will not pass on their details to third parties. They should be advised that we will retain their details to allow Shannon Trust to meets it’s legal obligations and that we may contact them in future to update them about the work of Shannon Trust and progress of the Toe by Toe Reading plan unless they request otherwise.

3.1.2 Potential volunteers

Individuals who express an interest in volunteering with Shannon Trust will be provided with a copy of the Data Protection Notice for Potential Volunteers (Appendix B). This will be provided as part of our Volunteers Application Pack.

3.1.3 Prospective employees

Individuals who express an interest in employment with Shannon Trust will be provided with a copy of the Data Protection Notice for Prospective Employees (Appendix C). This will be provided as part of our recruitment packs.

3.1.4 Employees

Current members of staff will be provided with a copy of the Data Protection Notice for Staff (Appendix D) and a copy of the Data Security Policy for Staff.

All new staff will be provided with copies of the Data Protection Notice for Staff and the Data Security Policy for Staff.

3.1.5 Volunteers

All current volunteers will be provided with a copy of the Data Protection Notice for Volunteers (Appendix E) and a copy of the Data Security Policy for Volunteers and Trustees (Appendix H).

All new volunteers will be provided with copies of the Data Protection Notice for Volunteers and the Data Security Policy. Our Volunteer Agreement makes specific reference to these documents and by signing the agreement, volunteers are agreeing to the terms of these documents. The Volunteers’ Agreement also requests consent from the volunteer for Shannon Trust to share personal information with relevant staff, volunteers, prison staff and Trustees.

3.1.6 Facilitators and Prison Staff

All current facilitators and prison staff involved in support the Toe by Toe Reading plan will be provided with a copy of the Data Protection Notice for Facilitators and Prison Staff (Appendix F). As part of this distribution they will be asked to consent to their personal information being shared with relevant staff, volunteers and Trustees.

All new facilitators will be provided with copies of the Data Protection Notice for Facilitators and Prison Staff and will be asked to provide consent to for Shannon Trust to share personal information with relevant staff, volunteers and Trustees.

3.1.7 People in Prison and Ex-offenders

Prisoners and ex-offenders who contact Shannon Trust for advice and guidance should be provided with a copy of the Data Protection Notice for People in Prison and Ex-offenders. Where it is not practical to provide a full copy of the statement, the prisoner or ex-offender should be advised that we will not share their personal information.

3.2 The processing is necessary for a performance of a contract

This covers the processing of employee data and covers the processing of supporter data that is required for the fulfilment of financial transactions associated with their support of Shannon Trust.

3.3 The processing is necessary to comply with a legal obligation other than an obligation imposed by a contract.

This covers statutory obligations in respect of employee information that must be shared with HMRC and other government bodies.

3.4 The processing is necessary for the data controller’s legitimate interests.

Personal information will only be used by Shannon Trust to deliver the trust’s aims. For example, email contact addresses will only be used to communicate information relating to the development and progress of the Reading Plan for example newsletters, eUpdates and resource orders.

4. Processing of Sensitive Personal Data

4.1

In accordance with the Act, sensitive personal data must only be processed if one of the conditions listed in section 3 has been met and one of the following conditions has also been met:

4.1.1 The data subject has given his or her explicit consent to the processing

This means that wherever possible, when sensitive personal data is obtained the data subjects agreement to the processing of this data must be obtained and a record made of his consent.

4.1.2 The processing is necessary for the purposes of exercising statutory functions

This covers processing related, for example, to the administration of maternity pay. Wherever possible condition 4.1.1 should also be met.

4.1.3 The processing is performed under a legal obligation in connection with employment. Wherever possible condition 4.1.1 should also be met.

4.2

Ethnic Origin information is requested from prospective employees and volunteers. All such information will be treated as confidential and will be recorded anonymously for monitoring purposes only. On receipt of an application, the Equal Opportunity Monitoring form will be separated from the application form and stored separately to all other application information. This information will be used to assess the diversity of staff and volunteers and to inform decisions required to support the trust’s Equal Opportunity Policy.

4.3

Monitoring and evaluation data, including monthly statistical returns and reports must preserve the identity of prisoners and ex-offenders. Data which can identify individuals must not be taken away from prisons. Personal data provided by prisoners and ex-offenders for evaluation reports will be subject to separate conditions governing the specific evaluation process and will be used in a way which preserves anonymity.

4.4

Correspondence from and to prisoners will be stored securely. Information provided to Shannon Trust regarding offences will not be recorded or used in any way other than that outlined in section 5.5.

4.5

Testimonials, feedback and quotes provided by prisoners and ex-offenders to Shannon Trust are used in a way that does not identify individuals unless Shannon Trust has specific permission from an individual to do so. If a prisoner or ex-offenders wishes to withdraw permission for use of a testimonial that identifies them, they should contact the Data Controller.

5 The Purposes for which Personal Data Will Be Used

Personal data should be processed only in a manner compatible with one or more specified and lawful purposes. The purposes for which personal data held by Shannon Trust are listed below. No employee, volunteer or Trustee should process personal data for any other purpose.

5.1 Supporters

  • 5.1.1 To correspond with the supporter about ways in which they support Shannon Trust.
  • 5.1.2 To contact the support by post, telephone or email with feedback and information about Shannon Trust’s activities and campaigns.
  • 5.1.3 To help administer the ways they support Shannon Trust.
  • 5.1.4 For research to enable us to review, develop and improve our activities and services we offer to supporters.
  • 5.1.5 To enable us to meet our legal obligations relating to recording contributions and administering Gift Aid Declarations and Deeds of Covenant.

5.2 Employees

  • 5.2.1 Monitoring of the recruitment process from enquiry to appointment
  • 5.2.2 Administration and payment of expenses and salaries
  • 5.2.3 Training and development
  • 5.2.4 Consulting or communication
  • 5.2.5 Compliance with Shannon Trust’s policies
  • 5.2.6 Compliance with legislation in relation to health & safety
  • 5.2.7 Analysis for management purposes
  • 5.2.8 Statutory returns

5.3 Volunteers

  • 5.3.1 Monitoring of the recruitment process from enquiry to appointment
  • 5.3.2 Administration and payment of expenses
  • 5.3.3 Training and development
  • 5.3.4 Consulting or communication
  • 5.3.5 Compliance with Shannon Trust’s policies
  • 5.3.6 Compliance with legislation in relation to health & safety
  • 5.3.7 Analysis for management purposes
  • 5.3.8 Statutory returns

5.4 Facilitators & Prison Staff

  • 5.4.1 Consulting or communication
  • 5.4.2 Facilitator training and development
  • 5.4.3 Analysis for management purposes
  • 5.4.4 Administration and payment of expenses
  • 5.4.5 Compliance with Shannon Trust’s policies

5.5 Prisoners & Ex-offenders

  • 5.5.1 Responding to letters
  • 5.5.2 Putting prisoners in touch with Toe by Toe Facilitators
  • 5.5.3 Advising Toe by Toe Facilitators of prisoner transfers to their prisons
  • 5.5.4 Publicising the Toe by Toe Reading Plan

6 Personal data held

Shannon Trust will collect the following personal:

6.1 Supporters

  • 6.1.2 Address
  • 6.1.3 Email address
  • 6.1.4 Telephone number
  • 6.1.5 Gift Aid Declarations
  • 6.1.6 Deed of Covent Information

6.2 Employees

  • 6.2.1 Personal Identifiers e.g. payroll number
  • 6.2.2 Personal details (name, address, telephone number, email address)
  • 6.2.3 Immigration status
  • 6.2.4 Information provided on job application forms e.g. academic record; qualification & skills, membership of professional bodies
  • 6.2.5 References obtained as part of the recruitment process
  • 6.2.6 Current employment (e.g. positions held with Shannon Trust)
  • 6.2.7 Information relating to salary, benefits and deductions
  • 6.2.8 Annual leave and sickness records e.g. how much and when
  • 6.2.9 Medical information
  • 6.3.0 End of employment details
  • 6.3.1 Career history / work record
  • 6.3.2 Health & Safety record
  • 6.3.3 Performance appraisal information, probation and other performance documentation
  • 6.3.4 Training Records
  • 6.3.5 Disabilities
  • 6.3.6 Ethnic origin, age range & gender (held anonymously and separately from your volunteer file)
  • 6.3.7 CRB checks and / or Vetting & Barring Scheme checks
  • 6.3.8 Next of kin records
  • 6.3.9 Home-worker audits
  • 6.4.0 Bank account details
  • 6.4.1 Expenses claims

6.5 Volunteers

  • 6.5.1 Personal details (name, address, telephone number, email address)
  • 6.5.2 Information provided on the volunteer application forms e.g. academic record; qualification & skills, membership of professional bodies
  • 6.5.3 References obtained as part of the recruitment process
  • 6.5.4 Shannon Trust training records
  • 6.5.5 CRB and / or Vetting & Barring Scheme Checks
  • 6.5.6 Individual prison security clearances
  • 6.5.7 Bank account details (for payment of expenses)
  • 6.5.8 Expenses claim forms
  • 6.5.9 Ethnic origin, age range & gender (held anonymously and separately from your volunteer file)

6.6 Facilitators & Prison Staff

  • 6.6.1 Name
  • 6.6.2 Job Role
  • 6.6.3 Workplace telephone number
  • 6.6.4 Workplace address
  • 6.6.5 Email address
  • 6.6.6 Shannon Trust training records
  • 6.6.6 Bank account details (for payment of expenses)
  • 6.6.7 Expenses claims

6.7 Prisoners & Ex-offenders

  • 6.7.1 Name
  • 6.7.2 Address
  • 6.7.3 Prison Number (if provided)
  • 6.7.4 Testimonials and feedback

7 Accuracy of Personal Data

The following procedures should be followed to ensure that all personal data kept is accurate and up–to-date:

7.1

Any inaccuracy in personal data brought to the attention of an employee or volunteer should be notified as soon as possible to an appropriate member of staff or volunteer who will correct the data. Corrections will be made to the contacts Database, MS Outlook distribution lists and contact lists held in the relevant area of the Shannon Trust website.

7.2

Employees must notify their line manager or the CEO as soon as possible of any change in their personal details; this is to allow Shannon Trust to be able to contact the employee or in the case of an emergency another designated persons.

7.3

The data controller will conduct a yearly audit of all personal data held in manual records or on our computerised record system to ensure the data held is accurate.

7 Retention of Personal Data

Personal data should not be kept for longer than is necessary for the purposes outlined in section 5.

7.1 Duration of data retention

7.1.1 Supporters

Personal data will be retained for as long as it is relevant for the purposes listed under section 5.1. Personal data held for Friends of Shannon Trust will be held for as long as the individual remains a Friend of Shannon Trust. Information relating to donations, Gift Aid Declarations and Deeds of Covenant will be retained for as long as required Shannon Trust is legally required to do so. At present, this requirement is seven years.

7.1.2 Volunteers

Personal data will be kept for as long as an individual remains a Shannon Trust volunteer and for such reasonable time afterwards that it is necessary for us to meet our legal obligation. Contact details will be retained for one year from the date Shannon Trust is notified of a volunteer’s resignation to allow Shannon Trust to make contact with the volunteer should there be a need to clarify or confirm issues relating to the volunteering activities of the individual. In the case of financial records relating to payment of expenses data will be kept for seven years.

Application forms for prospective volunteers will be kept for a maximum of 14 months and will be used solely for monitoring purposes.

7.1.3 Employees

Personal data will be held for the duration of employment and for one year following termination of employment unless there is a legal requirement to retain the data for longer for example payroll data or data relating to accidents or injury at work. A summary employment record will be kept for 10 years from the end of employment.

Application forms for unsuccessful candidates will be held for one year.

7.1.4 Facilitators & Prison Staff

Personal data will be kept for as long as an individual remains a Toe by Toe Facilitator or for as long as their job role involves support to the Toe by Toe Reading Plan and for such reasonable time afterwards that it is necessary for us to meet our legal obligation. Contact details will be retained for one year from the date Shannon Trust is notified of an individual ceasing to be a facilitator or a change in job role to allow Shannon Trust to make contact should there be a need to clarify or confirm issues. In the case of financial records relating to payment of expenses data will be kept for seven years.

7.1.5 Prisoners & Ex-offenders

Personal data will be kept for a year. Information provided as part of testimonials will be subject to specific permission and retention agreements.

8 Access to Personal Data (Subject Access Requests)

Supporters, employees, volunteers, trustees, facilitators, prison staff, prisoners and ex-offenders have the right to access personal data held about them by Shannon Trust. This right to access covers both manual records and data held on computerised systems.

8.1

All requests should be forwarded to the Data Protection officer.

8.2

Only written requests will be complied with.

8.3

Information will be gathered from all relevant filing systems and computerised record and supplied in hard copy to the individual. The information supplied should also include an explanation of any codes or terms used.

9. Protecting Personal Data from Unauthorised or Unlawful Processing, Accidental Loss, Destruction Damage

Guidance on the security of personal data which has been disclosed to Shannon Trust employees, volunteers or Trustees is provided in the Data Security Policy for Employees (Appendix I) and Data Protection Security Policy for Volunteers and Trustees (Appendix H).

10. Disclosure of Personal Data

Personal data may only be disclosed outside of Shannon Trust employees, volunteers, supporters and Trustees with the individual’s written consent or where disclosure is required by law.

11 Transfer of Data

Personal data is not shared, rented or sold by Shannon Trust to any third party.

12 Date of Review

This policy will be reviewed annually. The date of the next review is June 2012.

Appendix E — Data Protection Notice for Volunteers

We value the crucial role our volunteers play in Shannon Trust’s work. We value the trust you place in us by giving us your contact details and any other personal information we need to carry out our work. It’s our wish, as well as a legal requirement, to explain how we process information about our volunteers.

All personal data is treated with the appropriate levels of security and this page explains how we will and will not use any personal information you give us.

The main purpose in collecting personal information is to enable Shannon Trust to deliver and support The Toe by Toe Reading Plan. The purpose of this notice is to inform Volunteers of the type of information we hold, where this information is obtained, its purpose and how you may access such information. This covers general information as well as sensitive personal data which is held manually and in our computer systems.

Information collected

We hold a variety of information. This ranges from the paperwork you completed during the volunteer recruitment process, a copy of your volunteer agreement, CRB clearance (where requested) and other forms you may have signed during your induction with us. We will update this information throughout the time you volunteer with us.

A full list is

included below:

  • Personal details (e.g. name, address, telephone number(s) and email address(es)
  • Information provided on or with volunteer application forms e.g. academic record; qualifications & skills; membership of professional bodies
  • Training records
  • CRB and / or Vetting and Barring Scheme checks
  • Individual prison security checks (if made available)
  • Bank account details (for payment expenses)
  • Expenses claims
  • Ethnic origin, age range & gender (held anonymously and separately to your volunteer file)

How we will use your personal information

We will use the information we collect from you for the following purposes:

  • Monitoring of the volunteer recruitment process (from enquiry to appointment) Administration and payment of expenses
  • Volunteer training & development
  • Consulting or communicating
  • Audits and reviews
  • Compliance with legislation in relation to health, safety and other employment matters
  • Analysis for management purposes

Sharing your personal information

Shannon Trust only keeps information about you which is required for business or legal reasons. Information about you is not released to people outside the organisation unless you have given your written consent except where there is a legal requirement to do so. As part of our Volunteers Agreement we ask you to consent to your name, telephone number and email address being shared with other Shannon Trust volunteers, Trustees and Toe by Toe facilitators.

Exempt from the provision of the Data Protection Act 1998 is the provision of confidential references except where the consent of the person giving the reference has been given. References Shannon Trust request on you as part of the volunteer recruitment process are confidential and will not be shared with you.

We will not share your information with any third party.

Retention of your personal information

Your personal information will be kept for as long as you are a Shannon Trust volunteer and for such reasonable time afterwards that is necessary to meet our legal obligations. If you cease to be a volunteer, your contact details will be retained for one year from the date you notify us of your resignation. This is to allow us to contact you should we need to clarify or confirm any issues relating to the prison you were allocated to.

Accessing personal information

You have a right to review your volunteer file and request copies of information contained in it and of any information about you which is kept on computer. If you want to see your file, please contact David Ahern, CEO.

A full copy of our Data Protection policy is available online at www.shannontrust.org.uk or from:

The Data Controller Shannon Trust
2nd Floor
Royal London House
22-25 Finsbury Square London
EC2A 1DX 

Appendix F — Data Protection Notice for Facilitators & Prison Staff

We value the crucial role Toe by Toe facilitators and prison staff play in Shannon Trust’s work. We value the trust you place in us by giving us your contact details which we need to carry out our work. It’s our wish, as well as a legal requirement, to explain how we process information provided to us by Facilitators and Prison Staff.

All personal data is treated with the appropriate levels of security and this page explains how we will and will not use any personal information you give us.

The main purpose in collecting personal information is to enable Shannon Trust to deliver and support The Toe by Toe Reading Plan. The purpose of this notice is to inform Facilitators and Prison Staff of the type of information we hold, where this information is obtained, its purpose and how you may access such information. This covers general information which is held manually and in our computer systems.

Information collected

We hold the following information about Facilitators and Prison Staff:

  • Name
  • Job role
  • Telephone number
  • Email address
  • Training records
  • Bank account details (for on-line payment expenses)
  • Expenses claims

How we will use your personal information

We will use the information we collect from you for the following purposes:

  • Consulting or communicating
  • Facilitator training & development Analysis for management purposes Administration and payment of expenses Compliance with Shannon Trust policies

Sharing your personal information

Shannon Trust only keeps information about you which is required for business or legal reasons. Information about you is not released to people outside the organisation unless you have given your written consent except where there is a legal requirement to do so. As a facilitator or member of prison staff involved in the Toe by Toe Reading Plan, we ask you to consent to your name, telephone number and email address being shared with other Shannon Trust volunteers, Trustees and Toe by Toe facilitators.

We will not share your information with any third party.

Retention of your personal information

Your personal information will be kept for as long as you are a Toe by Toe Facilitator or your job role involves support of the Toe by Toe Reading Plan. If you cease to be a facilitator, your contact details will be retained for one year from the date you notify us of this change. This is to allow us to contact you should we need to clarify or confirm any issues relating to the Toe by Toe Reading Plan.

Accessing personal information

You have a right to review and request copies of information contained in it and of any information about you which is kept on computer. If you would like to access your information, please contact David Ahern, CEO.

A full copy of our Data Protection policy is available online at www.shannontrust.org.uk or from:

The Data Controller Shannon Trust
2nd Floor
Royal London House
22-25 Finsbury Square London
EC2A 1DX

Appendix H — Data Security Policy for Volunteers and Trustees

Shannon Trust has certain responsibilities as controllers of the personal data of volunteers, facilitators, supporters, prison staff, people in prison, ex-offenders and Shannon Trust staff members. Whilst this data is in our care, whether on registered premises or at outside locations, Shannon Trust must comply with the eight principles of the Data Protection Act 1998 and the Privacy & Electronic Communications (EC Directive) Regulations 2003.

As individuals we have concerns over the security of the personal data that other individuals and organisations have in their possession. Personal data is at risk of disclosure if the proper procedures are not in place. Unauthorised disclosure of personal information could have serious consequences for individuals whose data is disclosed and could lead to a loss of confidence in our people or our organisation. It may also lead to enforcement action by the Information Commissioners Office against Shannon Trust or individuals.

When supplying you with the data of volunteers, facilitators, supporters, prison staff, people in prison, ex-offenders and Shannon Trust staff members, Shannon Trust will provide you with guidelines on the uses to which this data may be put. We ask you to agree to these guidelines and to the security policy detailed in this document as part of our Volunteer Agreement.

Background

Personal data is described in the Data Protection Act 1998 as:

Data that relate to a living individual who can be identified

  • a) From those data, or
  • b) From those data and other information which is in the possession of, or is likely to come into the possession of the Data Controller

This includes data held on a compute or removable device and data held in manual form such as card indexes or printed lists of individual’s contact details. It also includes business data if there is a named contact.

Principle 7 of the Data Protection Act 1998 says that:

Appropriate technical and organisational measures shall be taken against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data.

Security of personal data in your care

The following policy gives guidance on the security of the personal data which has been disclosed to you by Shannon Trust whilst it remains in your possession.

Information you store on your computer

  1. If you store personal data on a computer at home or at your office, the files must be password protected to prevent unauthorised access, as must any removable media such as laptops, memory sticks, CDs or other portable devices.

  2. Personal data must not be displayed on computer screens where the information may be overlooked in your absence.

  3. Laptops, memory sticks, CDs or other portable hardware which may contain Shannon Trust data must not be left unattended in public places or in motor vehicles even if locked in the boot and even if the hardware belongs to you personally.

  4. Removable media should be stored separately from computers when not in use.

  5. Computers that contain Shannon Trust data are to be disposed of, personal data must be deleted before disposal.

Personal data held manually

  1. Unauthorised access to manual files such as cards indexes, or printed lists containing personal contact details, must be prevented by locking away such materials rather than leaving files on desks or tables.

  2. If paper on which Shannon Trust data are recorded needs to be disposed of, the papers must be disposed of manually, the best way is to shred it.

Sharing of personal data

  1. The data must not be released to any other party without the permission of The Data Protection Officer.

  2. Personal details should not be given out to anyone who enquires about another’s contact details. Rather, you should ask that person if they are willing contacted by the enquirer.

  3. Lists of attendees at events may include an individual’s name, job title, if relevant, and company name but should not include postal addresses, email addresses or telephone / mobile numbers.

  4. Personal data that could lead to the identification of a prisoner should never be taken away from a prison or shared outside a prison. Information about movements from one prison to another must be recorded by the Toe by Toe facilitator on the CNOMIS system. Any evaluation, monitoring or reporting compiled or shared by you must preserve prisoners’ anonymity and must not contain prisoner names or numbers. Where you wish to refer to a specific prisoner e.g. in monthly meeting minutes, it is acceptable to use the prisoners first name and or initials.

  5. Our aim is to obtain consent from all facilitators for their email contact addresses to be stored with other facilitators and prison representatives and for these to be made available in the secure area of the Shannon Trust website. Currently not all facilitators have signed consent for this therefore any group emails should be sent using the ‘BCC’ function.

When volunteering with Shannon Trust finishes

When you stop representing Shannon Trust you will be asked to confirm that all personal data disclosed to you as part of your role, has been disposed of securely.