Introduction
We value your privacy and are committed to protecting your personal data. This policy explains how we collect and process your personal data.
About Lenzie Community Hall Limited
Lenzie Community Hall Limited (referred to as “we”, “us” or “our” in this privacy policy) is a Community Benefit Society (registration number 9632).
Data Controller
We are registered with the Information Commissioner’s Office (www.ico.org.uk) as a Data Controller.
What’s personal data?
Personal data means any information about an individual from which that individual can be identified. It can be stored electronically or on paper. It includes images and audio recordings as well as written information.
What’s data protection?
Data protection is about how we, as a society, make sure we protect the rights and privacy of individuals and comply with the law, when processing (e.g. collecting, storing, using, amending, sharing or deleting) personal data.
Who’s responsible for data processing and who can I contact?
Responsibility for data protection lies with our board (email: lenziecommunityhall@gmail.com). They are responsible for overseeing our activities and making sure that this policy is followed.
What personal data may we collect and process?
We may collect and process the following personal data:
- personal details (name, address, email address, telephone numbers) and/or work / business details (job title, work email address, organisation) e.g. those that you give us on becoming a member or supporter, via surveys, attending our events or tell us directly in some other way)
- any information about you that you choose to send to us via email, our website and our social media channels or tell us over the phone
- membership or mailing list details you give us
- financial details through donations or transactions with us (e.g. for goods, services, attending events)
- audio recordings (e.g. if you attend and speak at an online event and you give us permission to make the recording)
- visual images (e.g. if you attend an online / in-person event and give us permission to take photographs / video).
Whose personal data may we collect and process?
We may process personal information about:
- members, volunteers and subscribers
- donors
- event attendees
- our board
- anyone who may contact or supply their personal information to us (e.g. via email, our website, social media, surveys, competitions, phone)
- representatives of other organisations, including funders
- those from whom we obtain goods and services.
Why we may collect and process these individuals’ personal data and on what legal basis?
We may collect and process these individuals’ personal data in order to carry out our activities.
We process personal data only in ways which protect people’s privacy and comply with the UK General Data Protection Regulation (GDPR) and other relevant legislation.
We will only collect, store and use personal data:
- for purposes for which an individual has given consent
- for purposes that are in our legitimate interests
- for entering into and performing contracts
- to comply with legal obligations
- to protect someone’s life
- to perform public tasks.
Sharing your personal data
We will only disclose personal information to third parties or individuals when obliged to by law, to protect someone’s life or to perform public tasks and the following:
- if you have agreed that we may do so
- when we use any service providers, sub-contractors or agents to provide services on our behalf and in accordance with our instructions – including payment providers, event ticketing providers, email communication providers, IT service & online storage providers, accountants, auditors and lawyers
- if we run an event and your details need to be shared for the management of the event with any event partner, events company or venue. We will be very clear what will happen to your data when you register.
We will never sell or rent your personal information to other organisations.
How do we store your personal data?
We only collect, store and use the minimum amount of data that we need for clear purposes and will not collect, store or use data we do not need.
We aim to keep personal data up-to-date and accurate.
Our data is stored and processed by a range of software packages and data services including within our Google Drive and connected Google applications. It may also be processed via Mailchimp or Sendinblue, both industry-standard bulk email systems.
Some of these software packages, data services, and other service providers that we use may transfer personal data outside of the United Kingdom but we’ll only allow them to do so if we consider your data is adequately protected.
However, sending information over the internet is never completely secure and, as a result, while we strive to protect your personal information, we cannot guarantee the security of any information you give to us and you do so at your own risk.
How long we keep personal data
We won’t keep your personal data for any longer than is reasonably necessary and all data will be securely destroyed or otherwise disposed of once it’s no longer needed.
Your rights / contacting us
We must tell you how we use your data. This is the purpose of this Privacy Policy.
You can ask us, at any time, to change, delete, restrict the use of or send you a copy of your personal data as well as object to us using your personal data by emailing us at lenziecommunityhall@gmail.com. We will do so unless legally required to do otherwise. You can also email us at this address if you have any questions about your personal data or our privacy policy.
How to complain
If you are unhappy with how we have used your data, you have the right to complain to the Informational Commissioner’s Office:
Helpline number: 0303 123 1113
Website: https://www.ico.org.uk or https://ico.org.uk/make-a-complaint.
Changes to our Privacy Policy
We will keep this policy under review. This policy replaces all previous versions and was last updated December 2025.