This statement confirms the commitment of PABCIS (BCRP) to protect your privacy and to process your personal information in a manner which meets the requirements of the Data Protection Act 1998 (The Act).
- This document explains what PABCIS (the BCRP) is, why it processes its Members’ personal data, and the lawful basis for that processing. It describes the kind of personal data about members that the BCRP is allowed to process, and that the BCRP can do with it.
- Who we are and what we do – the role of PABCIS is explained in our website www.pabcis.co.uk
The PABCIS HUB, Longton Police Station, Sutherland Road, Longton, ST3 1HH
Email address: firstname.lastname@example.org
Telephone 01785 233190
- The BCRP’s Data Controller is responsible for ensuring its compliance with current Data Protection Law and can be contacted at the above address, email address or telephone number. The BCRP is registered with the information Commissioners Office as a Business Crime Reduction Partnership.
- Purpose of processing personal data
The BCRP processes Members’ personal data for the following purposes:
(a) To enable the efficient management of the BCRP; to manage the membership of the BCRP including subscriptions where relevant; invitations to BCRP meetings and training opportunities where relevant etc.
(b) To defend and indemnify the BCRP in case of any Member’s non-compliance with the BCRP Rules and protocols;
(c) To enable the BCRP to communicate efficient to Members by sending news, alerts and documents and information about events which are relevant to them
- Lawful basis of processing
The BCRP’s existing contract/agreement between itself and its Members requires that Members provide their name, postal and email addresses, telephone etc. to the BCRP. This contract/agreement means that the BCRP’s lawful basis for processing Members’ personal data is “contract” and therefore the BCRP can process Members’ personal data without their further consent.
- Categories and types of personal data processes
Name of a contact person, name and place of employment, postal and email addresses, telephone and other contact details will be processed
- No sensitive or “special category” personal data (ethnicity, sexuality, religious beliefs etc.) is processed by the BCRP
- Sources of personal data
The BCRP obtains Members’ personal data from existing contracts/agreements with Members;
Members may themselves update their personal data.
- Recipients of Members’ personal data
The BCRPs Board of Management, Data Controller, authorised BCRP staff and formally contracted Data Processors may access Members’ personal data;
Members’ personal data will not be passed to any third party unless to the police under warrant or with the express permission of the Member;
The BCRP will not transfer Members’ personal data outside the UK
- Data retention period
The BCRP will retain Members’ personal data only for as long as each Member remains a Member of the BCRP; when a Member ceases to be a Member of the BCRP he/she must confirm this with the BCRP’s Board of Management as specified in the BCRP’s Rules & Protocols at which time all associated personal data will be irrevocably deleted.
In the case of submitted reports, the submitting Member’s email address only will continue to be associated with such reports for as long as the report is retained by the BCRP; this is required where a report may be used for evidential purposes in legal proceedings.
- Members’ rights
Members can obtain a copy of all their personal data held by the BCRP; Members may access this at any time on the BCRP’s online system (My Account) or may be obtained on application to the Data Controller (see Contact Details above).
Members can correct any erroneous data at any time on the Scheme’s online system (My Account) or may require the BCRP to correct any errors on their behalf.
At the conclusion of their Membership, Members’ personal data will be irrevocably deleted by the BCRP with the exception of email addresses associated with Incident reports (see Data Retention Period above) and may require the data Controller to confirm such deletion. Members have the right to complain about the BCRP to the Information Commissioners at https://ico.org.uk/concerns/handling/