Depression Xpression is committed to safeguarding the privacy of its website visitors and service users. This document applies to both our general activities and the use of our website.
1. Definitions
2. Responsibility
3. General Policy Statement
4. Website
5. Cookies
6. Our Details
7. Amendments
1. Definitions
1.1. Personal data is information about a person which is identifiable as being about them. It can be stored electronically or on paper, and includes images and audio recordings as well as written information.
1.2. Data protection is about how we, as an organisation, ensure we protect the rights and privacy of individuals, and comply with the law, when collecting, storing, using, amending, sharing, destroying or deleting personal data.
2. Responsibility
2.1. Overall and final responsibility for data protection lies with the committee, who are responsible for overseeing activities and ensuring this policy is upheld.
2.2. All volunteers are responsible for observing this policy, and related procedures, in all areas of their work for the group.
3. General policy statement
3.1. Depression Xpression needs to keep personal data about its service users, volunteers and committee in order to carry out group activities.
3.2. We will collect, store, use, amend, share, destroy or delete personal data only in ways which protect people’s privacy and comply with the UK General Data Protection Regulation (GDPR) and other relevant legislation.
3.3. We will only collect, store and use the minimum amount of data that we need for clear purposes, and will not collect, store or use data we do not need.
3.4. We will only collect, store and use data for:
a) purposes for which the individual has given explicit consent, or are in our group’s legitimate interests. These include sending occasional newsletters, recording attendance at meetings, and sending feedback requests for meetings that individuals have attended.
b) compiling statistics for purposes such as applying for funding or reporting to the public on our activities.
c) to comply with legal obligations.
d) to protect someone’s life.
e) We will provide individuals with details of the data we have about them when requested by the relevant individual.
3.5. We will delete data if requested by the relevant individual, unless we need to keep it for legal reasons. Anyone wishing to have their details removed should request so by email to depressionxpression@gmail.com or through the contact form on our website.
3.6. We will not keep data for longer than is necessary for the purposes outlined in section 3.4 above.
3.7. We will endeavour to keep personal data up-to-date and accurate.
3.8. We will store personal data securely.
3.9. We will not share personal data with third parties without the explicit consent of the relevant individual, unless legally required to do so.
3.10. Data may collected and stored online through third party providers such as MailChimp or Eventbrite. We will only use companies that comply with GDPR regulations and that will not transfer the data outside the EU.
3.11. We will endeavour not to have data breaches. In the event of a data breach, we will endeavour to rectify the breach by getting any lost or shared data back. We will evaluate our processes and understand how to avoid it happening again. Serious data breaches which may risk someone’s personal rights or freedoms will be reported to the Information Commissioner’s Office within 72 hours, and to the individual concerned.
4. Website
4.1. We may process data about your use of our website. This may include your IP address, geographical location, browser type and version, operating system, referral source, length of visit, page views and website navigation paths, as well as information about the timing, frequency and pattern of your service use. The source of the usage data may be Google Analytics or statistical software on our server. This data may be processed for the purposes of analysing the use of the website and services. The legal basis for this processing is our legitimate interests, namely monitoring and improving our website and services.
4.2. We may process information that you provide to us for the purpose of subscribing our mailing list. This may be processed for the purposes of sending you relevant notifications or newsletters. The legal basis for this processing is your consent to receive such information by signing up to our list via our website.
4.3. We may process information that you provide to us for the purpose of booking a place at one of our events. This may be processed for the purpose of administering the event and for sending you notifications and follow-up information about the event. The legal basis for this processing is your consent by providing your contact details when booking a place at our event, and our legitimate interests, namely the proper administration of our event.
4.4. We may process information contained in or relating to any communication that you send to us via our contact form. This may be used for the purposes of communicating with you and record-keeping. The legal basis for this processing is our legitimate interests, namely the proper administration of our website and business and communications with users.
5. Cookies
5.1. We use cookies on our website, and we will ask you to consent to our use of cookies when you first visit our website.
5.2. A cookie is a file containing an identifier (a string of letters and numbers) that is sent by a web server to a web browser and is stored by the browser. The identifier is then sent back to the server each time the browser requests a page from the server.
5.3. Cookies may be either “persistent” cookies or “session” cookies: a persistent cookie will be stored by a web browser and will remain valid until its set expiry date, unless deleted by the user before the expiry date; a session cookie, on the other hand, will expire at the end of the user session, when the web browser is closed.
5.4. We use cookies for the following purposes:
5.4.1. We use cookies to store your preferences in relation to the use of cookies. Cookies used for this purpose are:
• eucookielaw
5.5. Third party cookies
5.5.1. We use third party cookies to enable interactive functionality on our website and for analytics.
5.5.2. Third party providers using cookies on our website may include
• Jetpack
• WordPress
• Mailchimp
• Eventbrite
• Google
• Facebook
• AddtoAny
• YouTube
5.6. Managing cookies
5.6.1. You have the right to decide whether to accept or reject cookies. Most browsers will allow you to do this. The methods for doing so vary from browser to browser, and from version to version. You can however obtain up-to-date information about blocking and deleting cookies via these links:
a) Chrome
b) Firefox
c) Opera
d) Microsoft Edge
e) Safari
5.6.2. Blocking all cookies will have a negative impact upon the usability of many websites.
5.6.3. If you block cookies, you may not be able to use all the features on our website.
6. Our details
6.1. This website is owned and operated by Depression Xpression.
6.2. You can contact us:
a) By using our website contact form;
b) by email, using depressionxpression@gmail.com
7. Amendments
7.1. We may update this policy from time to time by publishing a new version on our website.
7.2. You should check this page from time to time to ensure you are happy with any changes to this policy.
Last updated: 10/07/2024