Privacy Policy

Third Sector Interface Moray (tsiMORAY) which is a company limited by guarantee (No. SC416994) and a Scottish registered charity (No. SC042954).

tsiMORAY is committed to protecting the rights and freedoms of data subjects, and safely and securely processing their data in accordance with all of our legal obligations. We hold personal data about our employees, members, volunteers and stakeholders, and other individuals and groups for a variety of business purposes. This notice sets out how we seek to protect personal data.

This privacy notice tells you about the information we may collect from you when you work with, or receive services from us. In collecting this information, we are acting as a data controller and, by law, we are required to provide you with information about us, about why and how we use your data, and about the rights you have over your data.

You can contact us by:

  • Email: data@tsimoray.org.uk

  • Post: tsiMORAY, Office 8, Caledonian House, Elgin, Moray, Scotland IV30 1BD.

  • Telephone: 01343 541713

Any enquiries about our use of your personal data should be addressed to the contact details above.

What personal data do we collect?

We will only ask you for personal information that is appropriate and necessary for us to work with you and/or to effectively provide services we have agreed with you. The information may include your name, address, telephone number and email address.

Why do we collect this information?

We will use your information to make contact with you about the work we are doing with you. We require this information to provide you with an efficient and effective service and to get in touch with you if we have information that could help either you individually or your group or organisation. There are also legal obligations that require us to retain certain information for specified periods.

The purposes therefore, for which personal data may be used by us include: Financial, regulatory, organisational and wider sector development purposes.

This may include the following:

  • Compliance with our legal, regulatory and charity governance obligations and good

    practice

  • Ensuring organisational policies are adhered to

  • Operational reasons, such as to support capacity building in the sector, recording interactions of all activities with our stakeholders, volunteering and training, quality control; ensuring the confidentiality of sensitive information

  • Communications and networking

  • Investigating complaints

  • Improving services

What do we do with your information?

tsiMORAY shall comply with the principles of data protection (the Principles) enumerated in the EU General Data Protection Regulation. We will make every effort possible in everything we do to comply with these principles. The Principles are:

1. Lawful, fair and transparent

Data collection must be fair, for a legal purpose and we must be open and transparent as to how the data will be used.

2. Limited for its purpose

Data can only be collected for a specific purpose.

3. Data minimisation

Any data collected must be necessary and not excessive for its purpose.

4. Accurate

The data we hold must be accurate and kept up to date.

5. Retention

We cannot store data longer than necessary.

6. Integrity and confidentiality

The data we hold must be kept safe and secure.

We may store your information in a variety of ways. These may include: paper files, on data servers, and in cloud-based client-management solutions as well as being stored in our Management Information System which is operated on the Salesforce platform and is currently managed for us by Scottish Council for Voluntary Organisations (SCVO), acting as a data processor. You can find out more about SCVO at their website: www.scvo.org.uk We may also share the information with the Scottish Government where this is necessary and appropriate to provide services we agree to undertake on your behalf. All forms of storage will be legally compliant in terms of security. Your personal data will not be shared with third parties, except where you give us permission to do so.

How long do we keep your information for?

We will keep your information for no longer than necessary and this may vary depending on the type of information we hold and will depend on the circumstances of each case however this will be determined in a manner consistent with our data retention guidelines. Your personal information will then be deleted from our system.

Your rights over your information

By law, you can ask us what information we hold about you, and you can ask us to correct it if it is inaccurate.

You can also ask us to give you a copy of the information and to stop using your information for a period of time if you believe we are not doing so lawfully.

And you have the right to ask us to delete permanently all the information we hold about you.

To submit a request by email, post or telephone, please use the contact information provided above.

Your right to complain

If you have a complaint about our use of your information, you can contact the Information Commissioner’s Office via their website at www.ico.org.uk/concerns