The Worshipful Company of Water Conservators

The Worshipful Company of Water Conservators



The Worshipful Company of Water Conservators

Privacy Statement

The Worshipful Company of Water Conservators (the Company) has developed a Policy that protects data according to the requirements of the General Data Protection Regulations (GDPR).  The purpose of this Notice is to summarise the Policy and to describe a means of access.
The Company keeps personal data on members of the Company. The Policy sets out to ensure the confidentiality of personal data supplied to it and to protect the Company from reputational damage if that information were to be accessed without proper authorisation.

The principles of the Policy are in accordance with the GDPR and ensure that the data:

            a. be processed fairly and lawfully;
            b. only be used for specified and lawful purposes and shall not be used in any manner incompatible
                with those purposes;
            c. be adequate, relevant and not excessive;

            d. be accurate and, where necessary, kept up to date;
            e. not be kept any longer than is necessary;
            f. be used in accordance with the rights of the individuals to whom it relates;
            g. be protected against unauthorised use, theft, accidental loss, destruction or damage by the use of
                appropriate technical and organisational measures;

            h. not be transferred to a country or territory which does not have an adequate level of legal protection
               for the rights of individuals in relation to the processing of their personal data.

The Company fully endorses the Individuals’ Rights as detailed in the General Data Protection Legislation.  Specifically, this grants individuals the following rights:   

            a. the right to be informed (fair processing of information, privacy notices, transparency);
            b. the right of access (confirmation/access to personal data);
            c. the right to rectification (must respond within 30 days);
            d. the right to erasure (can request deletion (certain circumstances));
            e. the right to restrict processing (may store data but not process it);
            f. the right to data portability (individuals may obtain/reuse their data across different services);
            g. the right to object (profiling; direct marketing; scientific/historical research and statistics);
            h. rights in relation to automated decision making and profiling (significant effect without human

Access to Personal data:

Individuals wishing to access their personal data for any of the aforementioned purposes should contact the Clerk who is the Company’s Data Controller.