1. INTRODUCTION

This policy relates to the keeping and processing of an individual’s personal data. Data will be personal where an individual can be identified from that data.

The processing of data is governed by the General Data Protection Regulation [GDPR].

The Abbey Gardens Friends is the data controller and decides how your personal data is controlled, processed and who has access to it. It is committed to protecting your privacy and personal information and will aim to use the most appropriate procedures to fulfil that commitment.

Your data will be kept within the European Economic Area.

The Abbey Gardens Friends aims to fulfil its obligations and duties under GDPR by:
• securely storing and maintaining the data that it holds
• keeping it up to date
• having appropriate security measures to protect it from unauthorised access, misuse, theft and loss

2. DATA SHARING

Your personal data will be treated as strictly confidential. We will never sell your data to a third party.

We will only share your data with other organisations if we have your consent to do so or where it is required by law or regulation.

3. DATA RETENTION

Your data will be kept for no longer than reasonably necessary to secure our compliance obligations with our relevant regulatory bodies. This would normally be for a maximum period of six years.