◆ You are a Donor or Grantor who has given consent to have their donation or grant made public.
BAY Centre - Data Security Policy
(Where the words 'BAY Centre', 'us' or 'we' are used it will mean the registered charity known as the 'Burnham Area Youth Centre', registration number 304500.)

Summary

Data Collection

Data Storage

Data Access

Change Log
    

Summary


This Policy explains, in more detail, what security controls and methods are in place to protect your Personal Data held by the BAY Centre.


>>Back to Top
    

Data Collection

We collect your personal data through an online booking form.  Any bookings made by phone, emails or verbally will be entered into the online booking form.

Our website uses HTTPS (an online security protocol) that encrypts (scrambles) all data entered into the online booking form to keep it safe from hackers. (see note 1)

The collection of personal data for Employees, Vendors, Donors, Grantors and Volunteers is currently done through the use of paper forms (these will be migrated to online versions as soon as we can).

Note 1:
The online booking form data is scrambled as soon as the ‘Submit’ button on the form is clicked.This scrambled data will travel through the 3rd party computers of Cloudflare (our website caching host) and TSOhost (our website host), before being passed to Google who store the data in their G Suite online storage. (‘website host’ means the computer that stores all the code that makes up our website. ‘Website caching host’ means the computer that stores copies of our website to help speed up the website on your computer).


>>Back to Top
    

Data Storage

All digital personal data is held online in Google’s G Suite where it is encrypted and password protected. Click here to see further details about Google G Suite and the EU Data Protection Regulation.

Digital personal data is also held in backups on a seperate computer which is encrypted and password protected.

Any physical documents containing personal data are held in an alarmed, locked steel cabinet in a building which itself is alarmed and locked.


>>Back to Top
    

Data Access


The online personal data is only accessible by 4 BAY Centre volunteers, the Chairman, the Secretary, the Treasurer and the bookings clerk. Access is secured by the use of passwords.

Each of the 4 has a dedicated laptop for access. The laptop hard drives are encrypted by Microsoft’s ‘bitlocker’ software and the Windows logins are controlled by Microsoft’s Azure Directory service. This service allows the laptops to be blocked if they were to be lost or stolen. Access to G suite is controlled by Google’s mobile management service which controls the passwords and can also block access to G Suite should the laptops be lost or stolen.

Access to paper documents containing personal data is restricted to the chairman and the bookings clerk.


Access to the backups is currently restricted to one person, the bookings clerk (Backups will be switched to online storage as soon as we can).

>>Back to Top
    

Change Log

April 2018
Document initially published. The policy is one of a series of policy documents that replace all previous policy documents that existed in a variety of different formats, some electronic, some paper and some verbal.

June 2018
Details added.

>>Back to Top

BAY Centre,
Cassis Close,
BOS TA8 1NN

Registered charity number 304500

©  Burnham Area Youth Centre 2017


Bookings:
[email protected]
07835 143187

This website uses cookies.
Please see our Cookie Policy for details