General Data Protection Regulation – Privacy Statement

Y Ganolfan Pentrefelin understands that your privacy is important to you and that you care about how your personal data is used. We respect and value the privacy of all and any personal data. Any personal data We do collect will only be used as permitted by law and is collected for the specific purpose of arranging contracts for the hire of the hall, meeting room and other facilities.

1. Definitions and interpretation

In this Statement, the following terms shall have the following meanings:

“personal data” means any and all data that relates to an identifiable person who can be directly or indirectly identified from that data. The definition shall, where applicable, incorporate the definitions provided in the General Data Protection Regulation (“GDPR”).

“We/Us/Our” means Y Ganolfan Pentrefelin.

2. What does this Statement Cover?

We have a number of lawful reasons that mean We can use (or/and ‘process’) your personal information. Our primary lawful reason is “Legitimate interest” meaning the interest of our business to provide products or services to you:

to meet any applicable legal or regulatory obligations:
We need this to comply with law enforcement and to manage legal claims,

to carry out other activities that are in the public interest:
for example, we may need to use personal information to carry out anti-money laundering checks.

3. Your Rights

3.1 As a data subject, you have the following rights under the GDPR, which this Statement and Our use of personal data have been designed to uphold, however We may not be able to delete data if there is a legal or regulatory requirement to keep it (please also refer to Section 5):

3.1.1 The right to be informed about Our collection and use of personal data;

3.1.2 The right of access to the personal data We hold about you;

3.1.3 The right to rectification if any personal data We hold about you is inaccurate or incomplete (please contact Us using the details in Section 8);

3.1.4 The right to be forgotten – i.e. the right to ask Us to delete any personal data We hold about you (We only hold your personal data for a limited time, as explained in Section 6 but if you would like Us to delete it sooner, please contact Us using the details in Section 8);

3.1.5 The right to restrict (i.e. prevent) the processing of your personal data;

3.1.6 The right to data portability (obtaining a copy of your personal data to re-use with another service or organisation);

3.1.7 The right to object to Us using your personal data for particular purposes;

3.1.8 Rights with respect to automated decision making and profiling.

3.2 If you have any cause for complaint about Our use of your personal data, please contact Us using the details provided in Section 8 and We will do Our best to solve the problem for you. If We are unable to help, you also have the right to lodge a complaint with the UK’s supervisory authority, the Information Commissioner’s Office.

3.3 For further information about your rights, please contact the Information Commissioner’s Office or your local Citizens Advice Bureau.

4. What Data Do We Collect

If you send Us an e-mail, or call Us by telephone, We may collect or amend your details, for example your email address or telephone number, and any other information you choose to give Us that We may require in respect of your contract.

5.  How Do We Use Your Data?

5.1 We will act as a data controller for the majority of personal data use (in particular, where We determine the manner and purpose of that use for the provision of hire of the hall, meeting room and other facilities or services).

5.2 To meet any applicable legal or regulatory obligations:
We need this to meet compliance requirements with Our regulators (e.g. The Charity Commission), to comply with law enforcement and to manage legal claims.

5.3 To carry out other activities that are in the public interest:
for example, We may need to use personal information to carry out anti-money laundering checks.

5.4 We may share your personal information with regulatory bodies and law enforcement bodies, including the police, e.g. if We are required to do so to comply with a relevant legal or regulatory obligation.

6. How and Where Do We Store Your Data?

6.1 We only keep your personal data for as long as We need to under law, in order to use it as described, however (in the event that you make a request to do so) We may not be able to delete data if there is a legal or regulatory requirement to keep it.

6.2 The data We hold is stored in the UK and the EU and is held in accordance with the GDPR.

6.3 Data security is very important to Us, and to protect your data We have taken suitable measures to safeguard and secure any data We hold about you (even if it is only your email address).

7. How Can You Access Your Data?

You have the right to ask for a copy of any of your personal data held by Us (where such data is held). Under the GDPR, We will provide any and all information in response to your request free of charge. Please contact Us for more details at pentrefelin@yganolfan.org (please put “GDPR Enquiry” in the subject line and be as specific as possible with your request including exact information and dates that may apply), or using the contact details found at yganolfan.org/contact-us.

8. Contacting Us

If you have any questions about this Privacy Statement, please contact Us by email at pentrefelin@yganolfan.org (please put “Privacy Statement Enquiry” in the subject line). Please ensure that your query is clear.

9. Cookies

We use cookies on this site purely for vital functional purposes, for example to store your language selection.