Sussex and Surrey Celebrant is fully committed to full compliance with the requirements of the General Data Protection Regulations. Sussex and Surrey Celebrant will, therefore, follow procedures which aim to ensure that all team members who have access to any personal data held by Sussex and Surrey Celebrant are fully aware of and abide by their duties under the General Data Protection Regulation. Sussex and Surrey Celebrant will not share any information with any third party. Please note – some information may need to be shared with Funeral directors and venues, consent will be requested before any details are shared.
Statement of policy
Sussex and Surrey Celebrant needs to collect and use information about people with whom it carries out business in order to operate and carry out its business. This personal information must be handled and dealt with properly; however it is collected, recorded and used and whether it is on paper, in computer records or recorded by other means.
Sussex and Surrey Celebrant regards the lawful and appropriate treatment of personal information as very important to its successful operations and essential to maintaining confidence between Sussex and Surrey Celebrant and those with whom it carries out business. Sussex and Surrey Celebrant therefore fully endorses and adheres to the Principles of the General Data Protection Regulation.
Handling personal/special category data
Sussex and Surrey Celebrant will, through management and use of appropriate controls, monitoring and review:
- Use personal data in the most efficient and effective way to deliver better services.
- Strive to collect and process only the data or information which is needed
- Use personal data for such purposes as are described at the point of collection, or for purposes which are legally permitted.
- Strive to ensure information is accurate
- Not keep information for longer than is necessary.
- Securely destroy data which is no longer needed.
- Take appropriate technical and organisational security measures to safeguard information (including unauthorised or unlawful processing and accidental loss or damage of data)
- Ensure that information is not transferred abroad without suitable safeguards.
- Ensure that there is general information made available to the public of their rights to access information.
- Ensure that the rights of people about whom information is held can be fully exercised under the General Data Protection Regulation.
These rights include:
- The right to be informed.
- The right of access to personal information.
- The right to request rectification.
- The right to request erasure.
- The right to restrict processing in certain circumstances
- The right to data portability
- The right to object to processing
We will retain your information for the periods stated below unless or until you request us to do otherwise.
We collect and process your personal information for the following purposes:
- To process your order.
- To provide you with the best possible service.
We will hold your name, address, email address, phone number, date of birth and any other relevant details/information you provide to us. We use this information to maintain contact with you to provide your requested services, manage their delivery and bill you for them. We retain this information in our electronic database for five years after the most recent event we host for you, and for seven years in our financial records (due to statutory requirements). Where we have not hosted a course/event for you, we will retain the details relating to your initial enquiries of services for no more than two years.
While we retain your contact information, we will contact you about our services. You may unsubscribe from such communications at any time.
Please note that all telephone calls are recorded for training and quality purposes.
We do not share personal information with any third parties except if requested by law. If you have concerns or queries about any of these purposes, or how we communicate with you, please contact us at the address given below.
Programs used where your information is used/stored.
- WooCommerce – Website
- Really Simple Systems – Database
- Zoom – Conference calling / Assessment
- We use Apple equipment including iCloud
- Nameco – Secure Email hosting
Computer system and Connections
All Computers used by Sussex and Surrey Celebrant are connected to a VPN.
Sussex and Surrey Celebrant occasional works in South Africa, using the same systems listed above. Sussex and Surrey Celebrant follows the same principal as if I was working within the UK.
The right to access personal data:
General Data Protection Regulation 2018 gives individuals who are subject of personal data (known in the General Data Protection Regulation as ‘data subjects’) a general right of access to personal data that relates directly to you.
To request information, a written request and proof of identity must be received before any such information will be released by Sussex and Surrey Celebrant . We aim to supply all requests within a calendar month as prescribed in the General Data Protection Regulation this will be calculated from the day on which the Sussex and Surrey Celebrant receives the written request.
All data subject access requests must be in writing (email not accepted).
All requests should be addressed to:
Mr J Matson-Higgins
Sussex and Surrey Celebrant.
206 Warren Road,
The United Kingdom.
Sussex and Surrey Celebrant Data Protection policy was updated on January 1st, 2018 in line with the new GDPR legislation for May 25, 2018. Sussex and Surrey Celebrant is fully registered with the Information Commissioner’s Office (ICO).