Our Approach To GDPR
Our Approach To GDPR
The law is changing on how we can contact you. If we can’t communicate with you we won’t be able to tell you about our latest news and share the impact of our vital work.
What is GDPR?
The Data Protection Act 1998, which controls how your personal data is used by organisations, businesses and government, is being superseded by new EU legislation called the General Data Protection Regulation (GDPR). GDPR came into force on 24 May 2016 and businesses and organisations have until 25 May 2018 until the law actually applies to them.
This legislation governs how personal data can be lawfully processed. This means that for us to continue to campaign and fundraise as a Charity and provide a business and certification service through Certification, we must do it fairly, lawfully, transparently and respecting the privacy rights of the individual.
What does this mean to you?
Any organisation with which you share information about yourself must be transparent about how they collect your information, what they do with it and how they process it. Where you are asked for your consent to processing of your personal information, you will be asked in a clear and specific way. The organisation must ensure you have enough information to understand what is being asked of you in a way which is clear and transparent and you will be asked to provide this with a clear affirmative action or statement by which you signify your agreement.
What does this mean for the Soil Association?
We are working hard to make sure you know what we do with your personal information, and how we are going to communicate with you. We are updating our policies so that you understand what we do with personal information. For individuals, we are creating ways for you to easily change your mind and change the way we are in touch with you. For the businesses that we certify, we are making sure that you can receive the information we have to send you contractually in the right way for you.
Will this change the way the Soil Association communicates with people?
We have taken legal advice to make sure that we are following the legislation which aims to give you control over your personal information. We are updating our policies so that we continue to be rigorous in how we collect personal information, where we store it, how long we keep it for, and what we should and shouldn’t be sending you.
We have assumed that people who are close to us – for example those who certify with us, who work with us, support us financially, who are committed to our work and who we believe expect to hear from us and want to help us – will want to be kept in touch. We will continue to communicate with these people, always following the legislation by being fair and transparent.
We believe the new legislation suggests that we should not stay in contact with people less close to us, unless they have specifically told us to carry on contacting them. We are getting in touch to ask them this question and if they ‘opt in’ to continuing to hear from us we will carry on communicating with them.
Our commitment to you
- We will always provide easy ways for you to opt-out, should you change your mind about hearing from us.
- For businesses that certify with us there is contractual information that we need to send to you and we will ensure you can receive this in the most appropriate way for you.
- And, your personal data will be safe with us
- We will never sell your personal data or share it with third parties for marketing purposes
If we used to be in touch with you, but seem to have stopped, and you want to hear from us again, please do get in touch with the Membership team: firstname.lastname@example.org 0300 330 0100.
For more information about data protection legislation and guidance take a look here https://ico.org.uk/for-the-public/