BANA Data Processing Statement for General Membership
As a charity that has a membership and provides services to people, BANA requires certain information to fulfil that provision. All of that information, or data, is governed by the laws of the Data Protection Act 1998 in how we may use and keep it, and it is our responsibility to explain this to you. By taking up a membership, you agree to our processes:
When you join BANA, we will ask for information to be able to contact you and to provide the main services that are open to everyone. You may refuse to provide certain information at any time, but this may affect the provision of some services.
If you would like to participate in other services that require more information, we will ask you for it as part of that service provision. This may include medical specific information, and we must ask for your permission to hold and use it, for that specific purpose.
Your information will only be used and shared on a ‘need to know’ basis, with governance in place for how it must be used and disposed of by those using it.
Your details will only be held on the BANA network of computers, and in hard copy at the main office.
We will apply security to our electronic systems, and use locked cabinets where applicable. The office is in a locked, secure building.
If you leave the membership, we will retain your contact details on a record of ex-members for six years, to assist with accountability enquiries. If you have email, we will add this to an ex-members mailing list to inform of our continuing work. All medical specific information will be deleted. All financial data involving your membership or service provision will be stored for six years plus the current financial year, as required by HM Revenue & Customs, and will then be securely deleted or destroyed. We reserve the right to hold onto any correspondence or document where there may be a future issue, legal or otherwise, in the protection of BANA or a person.
With all of the information we hold about you, we will only ask for what we need to fulfil a service, and will not use any information for any other purpose, or without your permission, or pass it on to a third party. It is your responsibility to advise us if your contact details, name or status change.
BANA has and abides by a Confidentiality and Information Management Policy, which is reviewed annually if not updated during the year. There is provision under this policy for members to make Subject Access requests with regards the data we hold about them.
If you do not wish to be contacted by a certain means, or wish to remove yourself from any services, please let us know. You may unsubscribe from an email list at any time.
We will try very hard to always ensure we are managing our services and your information appropriately. However, we are only human and would be grateful if you have any issues or concerns to contact the BANA office as soon as able to notify us. We will take all actions necessary to rectify problems.
We comply with (PCI DSS) Payment Card Industry Data Security Standards in the handling of credit and debit card transactions and undertake an annual audit of our processes to remain compliant.
We hope our website helps you to find the information & support that you are seeking. If you have any other questions please feel free to contact us