STORAGE, USE AND PROTECTION OF PERSONAL DATA
This page sets out information on how and why we collect, keep and use information about you which is ‘personal data’ as defined in data protection law. It applies whether that information is provided via this website or by any other means.
Who are we?
‘We’ or ‘the Centre’ means Triratna Buddhist Community (West London), a charitable trust registered as a charity with no. 271591, known as the West London Buddhist Centre. Our contact details are shown at the bottom of most pages of this website.
We are linked to a wider movement called the Triratna Buddhist Community (formerly Friends of the Western Buddhist Order), and there are many other Triratna centres, businesses, retreat centres and other initiatives worldwide. However, like other Triratna enterprises, we are a separate charity, responsible for our own finances and operating entirely independently.
What information about you will we collect and keep?
If, and to the extent, provided by you, we will store and process your: name, email address(es), telephone number(s), street address and other contact details. Any photograph of you supplied by public social media may also be kept.
We may also store and process: details of Centre activities and events you book or attend; a description of your connection with the Centre, e.g. reasons for coming, interests expressed, enquiries made; and any connections you have with other people we know.
If you make donations to us we may store and process details of those donations and your bank account details (if supplied, e.g. in connection with a standing order).
How will we use your information?
We will use your personal data:
- to communicate with you (usually collectively with others) about the Centre’s activities, events, news and fundraising initiatives;
- to communicate with you (either individually or collectively with others) about your relationship with the Centre (including work or volunteering if applicable);
- if you have provided the data for a particular purpose, for that purpose;
- for internal record keeping, including accounting records; and/or
- as necessary to comply with laws relating to employees, tax, health & safety, etc;
- as necessary in the legitimate interests of the Centre in supporting people in their Buddhist practice, providing pastoral care and creating sangha (community).
Communication with you will usually be done by email, but we reserve the right to use post or telephone if that seems to us necessary or desirable.
We may also obtain and analyse information about recipients’ responses to campaigns we send out, such as openings of emails and clicks on links in them.
Who at the Centre has access to your information?
Your data may be accessed by Order members, teachers, employees, consultants and volunteer helpers of the Centre, for the purposes of the Centre’s activities.
What third parties may we share your information with?
- In relation to mindfulness: Breathworks CIC, a separate Community Interest Company;
- In relation to yoga and other bodywork or physical training activities: relevant yoga/bodywork teachers engaged by the Centre;
- In relation to PAYE, Gift Aid and other tax matters: HMRC, and any accountants or consultants we may appoint
- In relation to sending mass emails, any provider of mass email software or services used by us.
Except as may be involved in any of the above sharings, we will not sell your personal data to third parties.
Data transfers to other countries
We will not transfer your personal data to any other country, except to the extent that storing data online in ‘the cloud’ may involve that data technically being held on a server in another country by a program provider (e.g. Google).
We take the care of your data seriously and will endeavour to protect it by putting in place appropriate physical, electronic, and managerial procedures to safeguard and secure the data we collect generally. In today’s cyber environment, though, it is unfortunately not possible to completely guarantee against loss, misuse or alteration of data, for example in the event of a successful cyber-attack. However, should this scenario arise, we have a data breach notification procedure in place and will contact you as soon as possible giving full details of any data that has been compromised.
How long will we keep your information?
Because we will use your information for the purpose of communicating with you on an ongoing basis about various things that happen from time to time (see under ‘How will we use your information?’ above), we cannot give a finite period for which we will keep your data; it may be indefinite. However you have rights to withdraw your consent, get inaccuracies corrected, etc, as described under ‘Your rights’ below.
You have various rights under data protection law:
- You have the right to access your personal data and certain supplementary information. On receipt of your request we will provide you one copy of the information free of charge. Any further copies requested will be charged at £10 each. We may charge a reasonable fee when a request is manifestly unfounded or excessive, particularly if it is repetitive.
- You are entitled to have your personal data rectified if it is inaccurate or incomplete, if you contact us supplying the correct information.
- You have the right by notice to withdraw your consent to our holding and processing your data at any time. This will not affect the lawfulness of processing based on consent before its withdrawal.
- You have the right by notice to have your personal data erased and to prevent processing in specific circumstances laid down by law.
To exercise any of these rights you should contact the Centre in writing by email or letter, marked for the attention of the Data Protection Responsible Person. Our contact details are shown at the bottom of most pages of this website.
In addition you can stop receiving mass email newsletters by clicking on ‘Unsubscribe’ in one of those emails.
If you are still not satisfied, you have the right to lodge a complaint with The Information Commissioner’s Office (ICO), the supervisory authority.