Privacy

East Sussex, Brighton & Hove Registered Care Association (RCA Ltd) is committed to protecting the privacy of members and users of this website. This statement sets out the policy regarding the collection, storage and use of personally identifiable information, such as name, e- mail and postal address, or other personal details, via the website and by other means. Please read this policy to understand how your personal information is collected and used. We will process any personal data you provide in accordance with the General Data Protection Regulations (2016). This statement sets out the current policy which may be subject to change.

Information collected
General visitor information such as Internet Protocol addresses and statistics (such as which pages are accessed and when) which are not linked to personally identifiable information is provided to us via our Internet Service Provider. Personal information such as name, e-mail, phone number and postal address is collected when you contact us using any of the e-mail links to contacts provided on the site and when you renew your annual membership. The nature of information requests and any survey information volunteered may also be collected via this (or other forms) in the future. 

Information stored
Information on members such as name, e-mail, phone number and postal address, is held on a secure encrypted cloud based database, accessed only by authorised members of the RCA Executive committee and our webmaster. Physical paperwork such as invoices/remittances is stored only for the minimum period required by regulation, in a locked file in a locked office. Paperwork is securely destroyed at the end of this period.

Reason for holding information
Names, addresses and other contact details are held solely for the purpose of contacting members. Information regarding IP addresses is held to assist with management of the carefinder website.

Designated responsibility
RCA Ltd has a designated data protection officer responsible for ensuring data is collected, stored and managed in line with General Data Protection Regulations.
Designated officer – RCA Ltd – Michael Derrick

Consent
Your consent is required in order for us to hold your data for the purposes detailed above. We will request your consent annually when you renew your membership. You may withdraw your consent at any time by writing to the data controller.

Right to access & accuracy
You have the right to access the information we hold about you. You can request access to this information by writing to the data controller. We will review and update the information we hold about you annually when you renew your membership. If your contact details or any other information changes during the year then please inform the data controller immediately. We will always try and ensure your information remains up to date at all times.

Right to erasure
You have the right to request that we erase any data that we hold about you. Please contact the data controller in writing if you want to request< that we erase your data. Data is destroyed automatically as soon as is allowed under standard financial record keeping rules.

Disclosure of information to third parties
East Sussex, Brighton &amp; Hove Registered Care Association (RCA Ltd) will not disclose any of your personally identifiable information to any party outside the company, except when we have your permission to do so, or when it is required by law. RCA Ltd may forward appropriate information to members that it has approved.

Disclaimer 
We cannot guarantee that data transmission over the Internet is 100% secure. East Sussex, Brighton &amp; Hove Registered Care Association (RCA Ltd) is committed to protecting the privacy of your information, but we cannot guarantee the security of any information you transmit to us, therefore you do so at your own risk. General Data Protection Regulations (2016).

Complaints
You have the right to complain about any aspects of our data protection policy. All complaints should be addressed to the Chair of the RCA Ltd. If after exhausting this process your complaint remains unresolved, you should complain directly to the Information Commissioners Office.