Data Protection Policy

Data Protection Policy

This page details the BOVF Data Protection Policy

British Overseas Voters Forum (BOVF) GDPR Data Protection Policy

1. Introduction

The British Overseas Voters Forum (BOVF) is committed to ensuring the privacy and protection of personal data in compliance with the UK General Data Protection Regulation (GDPR). This policy outlines how we collect, use, store, and protect personal data from members, supporters, and stakeholders.

2. Scope

This policy applies to all personal data processed by BOVF, whether through online platforms, email communication, or any other means of data collection.

3. Data Controller

BOVF is the data controller and is responsible for determining the purposes and means of processing personal data collected in the course of our activities.

4. Personal Data We Collect

BOVF may collect the following types of personal data:

  • Identification Data: Name, contact details (email, phone number, mailing address).
  • Voting Information: Voting registration status and country of residence.
  • Communications Data: Records of correspondence, newsletters, and engagement history.
  • Usage Data: Data regarding interactions with our website and other digital platforms.

5. Legal Basis for Processing

BOVF processes personal data based on:

  • Consent: Obtained prior to sending newsletters or marketing communications.
  • Legitimate Interests: Where processing is necessary to support our mission, engage with stakeholders, and provide relevant information to members.

6. How We Use Personal Data

BOVF uses personal data for the following purposes:

  • To provide members with relevant updates and communications about voting rights and advocacy activities.
  • To manage membership, organize events, and facilitate discussions on our key topics of interest.
  • To conduct research and advocacy on issues affecting British overseas voters.
  • To ensure compliance with legal obligations.

7. Data Retention

BOVF retains personal data only as long as necessary for the purposes for which it was collected. Data is securely deleted or anonymized once it is no longer required.

8. Data Protection Principles

BOVF adheres to the following data protection principles:

  • Lawfulness, fairness, and transparency in all data collection and processing activities.
  • Purpose limitation by collecting data solely for specified, explicit, and legitimate purposes.
  • Data minimization by limiting data collection to only what is necessary.
  • Accuracy by ensuring personal data is kept up to date.
  • Storage limitation by retaining data only as long as necessary.
  • Integrity and confidentiality by implementing security measures to protect personal data.

9. Data Subject Rights

BOVF respects the rights of individuals under GDPR, including:

  • The right to access personal data.
  • The right to rectification of inaccurate or incomplete data.
  • The right to erasure (right to be forgotten).
  • The right to restrict processing.
  • The right to data portability.
  • The right to object to data processing.
  • The right to withdraw consent at any time.

Requests to exercise any of these rights can be directed to the BOVF data protection officer.

10. Data Security

BOVF implements technical and organizational measures to protect personal data from unauthorized access, alteration, disclosure, or destruction. Security measures include:

  • Encryption of sensitive data.
  • Access controls based on user roles.
  • Data protection training for staff and volunteers if they have access to member/supporter data.

11. Third-Party Data Sharing

BOVF does not share personal data with third parties except where required by law or with explicit consent from the individual. Data processors engaged by BOVF will be bound by confidentiality agreements and comply with GDPR requirements.

12. Data Breaches

In the event of a data breach, BOVF will act promptly to mitigate risks, notify affected individuals where appropriate, and report to the Information Commissioner’s Office (ICO) as required by law.

13. Policy Review

This data protection policy is reviewed annually or whenever necessary to ensure compliance with changes in the law or BOVF activities.

14. Contact Information

For any questions regarding this policy or data protection concerns, please contact:Data Protection Officer
British Overseas Voters Forum (BOVF)
dataprotection@bovf.org.uk