Manchester Digital Laboratory (MadLab) is committed to a policy of protecting the rights and privacy of individuals, voluntary and community group members, volunteers staff and others in accordance with The Data Protection Act 2018 and the General Data Protection Regulation.
Madlab collects and uses information about people with whom it communicates. This personal information must be dealt with properly and securely however it is collected, recorded and used - whether on paper, in a computer, or recorded on other material. To this end MadLab fully endorses and adheres to the Principles of Data Protection.
This policy can be read in conjunction with our privacy policy here.
The Data Protection Act 2018 General Data Protection Regulation
Personal data means data (whether stored electronically or paper based) relating to a living individual who can be identified directly or indirectly from that data (or from that data and other information in our possession). MadLab processes this data in accordance with the The Data Protection Act 2018 and the General Data Protection Regulation. Processing can include gathering data with consent, securely storing this information, analysing data, correcting inaccuracies, disclosing information held upon request, destroying data and transferring data to third parties. Sensitive personal data includes an individual’s race, ethnicity, political opinions, religion, personal, philosophies, trade union membership, physical or mental health, sexual orientation, and criminal history
Data used in analytical/output reports is anonymised. We only process sensitive personal data with the consent of the individual.
The purpose of this policy is to ensure that the staff, volunteers and trustees of MadLab are clear about the purpose and principles of Data Protection and to ensure that it has guidelines and procedures in place which are consistently followed. As a matter of good practice, other organisations and individuals working with MadLab, and who have access to personal information, will be expected to have read and comply with this policy. Staff who deal with external organisations will take responsibility for ensuring that such organisations sign a contract agreeing to abide by this policy.
Failure to adhere to the Data Protection Act 2018 is unlawful and could result in legal action being taken against MadLab or its staff or volunteers. The Act requires us to register the fact that we hold personal data and to acknowledge the right of ‘subject access’ – voluntary and community group members and staff must have the right to copies of their own data.
MadLab obtains personal data from staff, volunteers and participants of MadLab activities. This data is obtained, stored and processed solely to assist staff and volunteers in the efficient running of services. Personal details supplied are only used to send material that is potentially useful. Most of this information is stored on MadLab’s database and processed for the following purposes:
MadLab obtains personal data and information from clients and members in order to provide services. This data is stored and processed only for the purposes outlined in the agreement and service specification signed by the client/ member.
Data may be held by us for the following purposes: