DATA PROTECTION POLICY
This policy describes the strategy of the Exeter Literary Festival with regards to the General Data Protection Regulation (GDPR) that is due to come into force on 25th May 2018.
Exeter Literary Festival collects some personal information from members of the public for specific reasons, primarily to inform people of events and activities in the local area according to their interests.
1. LAWFUL BASIS FOR DATA PROCESSING
The six lawful bases for data processing are set out in Article 6 of the GDPR. These are:
(c) Legal obligation
(d) Vital interests
(e) Public task
(f) Legitimate interests
The lawful basis under which Exeter Literary Festival processes personal data is
(a) Consent: the individual has given clear consent for EXETER LITERARY FESTIVAL to process their personal data for a specific purpose.
2. INDIVIDUAL RIGHTS
The GDPR provides the following rights for individuals:
1. The right to be informed
2. The right of access
3. The right to rectification
4. The right to erasure
5. The right to restrict processing
6. The right to data portability
7. The right to object
8. Rights in relation to automated decision making and profiling.
2.1 The right to be informed
The EXETER LITERARY FESTIVAL has an obligation to advise individuals how their personal data will be used. This will be via a privacy statement at the time of signing up to the mailing list.
The Exeter Literary Festival takes your privacy seriously and will only use your name and email address to send you emails at your request. Your information will not be used for any other purpose, will not be shared with any other party and you can request to unsubscribe at any time. You also have the right to object if you believe emails from us contain inappropriate material for this mailing list.
Purpose of data processing and the lawful basis:
The purpose for holding the names and email addresses of subscribers is in order to send subscribers emails about the activities of the EXETER LITERARY FESTIVAL and information about the local area according to the interests specified by the subscriber at the time of subscribing.
The lawful basis is consent.
The legitimate interests of the controller:
The EXETER LITERARY FESTIVAL would like to keep subscribers informed of volunteering opportunities relating to current and future literary events.
Categories of personal data:
The EXETER LITERARY FESTIVAL will only hold the name and email address of the subscriber for the purposes of the EXETER LITERARY FESTIVAL emailing list. The EXETER LITERARY FESTIVAL may request further information for the processing of applications for involvement in specific events, and feedback and evaluation of events. The same controls will apply to all data supplied.
Any recipient of the personal data:
The personal data will be stored in a secure database and will only be accessible by mailing list administrators.
Details of transfer to third party and safe guards:
Personal data will not be transferred to any other location or to any other third party.
Personal data will be held from the time of subscribing to the mailing list until such time that the subscriber removes themselves from the list by unsubscribing.
The right to withdraw consent at any time:
Every subscriber has the right to remove themselves from the mailing list at any time by unsubscribing.
2.2 The right of access
Individuals have the right to confirmation that their data is being held by EXETER LITERARY FESTIVAL and to receive a copy of the information stored. This can be provided free of charge by emailing firstname.lastname@example.org
2.3 The right of rectification
Individuals are entitled to have personal data rectified if it is inaccurate or incomplete. This can be achieved free of charge by emailing email@example.com
and must be actioned by EXETER LITERARY FESTIVAL within one month of the request.
2.4 The right to erasure
An individual can request the deletion of their information by unsubscribing from the mailing list using the link that can be found in every email sent out, or by emailing firstname.lastname@example.org
2.5 The right to restrict processing
An individual can request that we cease sending emails to them. Due to the limited data held, this will be treated in the same way as 2.4. Should an individual wish to begin receiving emails again, they should subscribe to the mailing list again as a new user.
2.6 The right to data portability
Due to the limited data held (name and email address), this can be covered by 2.2 whereby a full copy of information held by EXETER LITERARY FESTIVAL will be provided to the individual via email.
2.7 The right to object
An individual has the right to object should they consider the emails to contain inappropriate material for the mailing list by emailing email@example.com
2.8 Rights related to automatic decision making and profiling
No automatic decision making or profiling is currently carried out on the personal data held by EXETER LITERARY FESTIVAL.
3. ACCOUNTABILITY AND GOVERNANCE
The elected Exeter Literary Festival Communications Officer acts as the Data Protection Officer and in the event that this role is vacant, the Chairperson will assume responsibility.
The GDPR requires personal data to be processed in a manner that ensures its security. This includes protection against unauthorised or unlawful processing and against accidental loss, destruction or damage. It requires that appropriate technical or organisational measures are used.
The data will be held in a secure database, and will only be accessible by mailing list administrators, each with individual login usernames and passwords.
1. Name: The name of the Festival shall be Exeter Literary Festival.
2. Object: The object of the Exeter Literary Festival shall be to promote appreciation of words in all their forms, and of writing and literature within Exeter and surrounding area through a professionally organised and widely accessible Festival event.
• To nurture and support reading , writing and language activities in Exeter and surrounding area through an event that is accessible to all.
• To create a positive and creative learning environment for those wishing to improve their writing skills, and those wishing to present their written material.
•To present a range of literary genres, including use of novel approaches to encourage participation by those who may not normally be attracted to traditional literary events.
The Exeter Literary Festival shall operate as a not for profit organisation.
Organisation of the Festival will be in the hands of a Steering Group appointed with the sole aims of developing and promoting the Exeter Literary Festival in line with the Constitution. The Steering Group may work in partnership with other relevant organisations in order to promote and deliver the Festival.
A Steering Group meeting will be quorate when at least one named position holder and two ordinary members are present.
Steering Group members:
A Steering Group will be appointed to work with a Chair, Director, Creative Director, Secretary, Fundraiser, Print Design/ Production and Treasurer in taking forward the aims of, and actively promoting, the Festival. The number of Steering Group members will remain flexible in order to ensure a full range of skills and experience is maintained, with some members taking a more limited advisory role.
It is expected that individual members of the Steering Group will accept responsibility for taking forward specific aspects of the Festival. Those individuals will be expected to lead on their particular area, liaising closely as appropriate other Steering Group members and updating Steering Group meetings on progress, or raising issues for wider discussion.
Steering Group Meetings:
Formal Steering Group meetings will be held at regular intervals. Meetings will be formally minuted. Where time is of the essence in decision making, communication may be conducted by email as appropriate.
Attendance and active participation in Festival meetings and activities is expected of Steering Group members. Apologies should be sent to the Chair. Failure to attend three successive meetings will lead to the Chair asking the member to clarify their position and, subject to the reason, the Steering Group may be required to vote on that person remaining on the Steering Group.
• An online account will be set up and maintained in the name of Exeter Literary Festival at a Bank agreed by the Steering Group.
• The Director and Treasurer, and one other member of the Steering Group, will be named as signatories on the account
• Internet banking transactions require approval by any two of the three nominated signatories.
• All monies raised on behalf of the Exeter Literary Festival are only to be used to further the aims of the Exeter Literary Festival, as specified in this Constitution.
• There will be no payment to Steering Group members, except for legitimate reimbursement of expenses incurred and agreed beforehand by the Committee, and on production of appropriate receipts.
• The Treasurer will maintain appropriate financial records, with full documentation of any income and expenditure. Regular updates on income and expenditure will be provided to the Steering Group.
• Decisions on expenditure will be agreed within the Steering Group, ensuring that the Festival does not over commit in terms of expenses in any year.
• A surplus of income over expenditure in any year will be held over to support the following year’s Festival.
• The accounts will be subject to annual independent review.
• Suitably distinguished persons with relevant experience, expertise or reputation may be invited to become Patrons of the Exeter Literary Festival.
• There is no upper limit on the number of individuals who may be invited to become Patrons.
• The role of Patron is a voluntary one.
7. Data Protection:
• A secure database of contact details for those attending the Festival will be maintained in order to keep them informed of future events.
• An individual may ask for their name to be removed from the list, and this will be done.
8. Friends of the Exeter Literary Festival
• The Steering Group reserves the option to establish a formal category of Friends of the Exeter Literary Festival.
• On payment of a fee – to be determined by the Steering Group – individuals would be invited to join the Friends.
• A database of Friends of the Exeter Festival would be maintained, keeping them informed about appropriate Festival business and events. Other benefits may be awarded to those registering as Friends.
• Any individual will be removed from the database in response to a specific request from that individual.
9. Amendments to the Constitution: Any amendments to the Constitution must be agreed by a majority of Steering Group members, with changes and reasons for the changes, fully documented in minutes of the relevant Steering Group meeting.
10. Dissolution: A decision may be taken by the Steering Group that the Exeter Literary Festival should be dissolved. After settling all debts, and paying any outstanding expenses, any remaining funds will be donated to a similar enterprise, with the proviso that they be spent on promotion of literary events.
Constitution originally adopted at the Steering Group meeting of Sept 5th 2018.