The Northern Information Governance Forum [NIGF] is a not for profit organisation based in the North of England providing a community to allow the discussion of Information Governance and Cyber Security related issues.
As a not for profit organisation, NIGF is exempt from registering with the ICO, but is committed to ensuring the confidentiality of individuals data and will ensure that it adheres to the principles of the EU General Data Protection Regulations and UK Data Protection Act in handling all identifiable information as part of its ongoing activities.
We collect and use different types of information for different purposes. These include:
Before you disclose to us the personal information of another person, you must obtain that person’s consent to both the disclosure and the processing of that personal information in accordance with this policy.
We collect personal information from a number of different sources, including:
We may use your information for a number of different purposes. For each purpose we must have a “legal ground” to use your personal information in such a way. When the information that we process is classed as sensitive personal information/ special categories of personal information, we must have a specific, additional “legal ground” to process such information e.g. any information about your health (for instance if providing dietary information for catering purposes at events).
We may use your personal information to:
We will not supply your personal information to any third party for the purpose of their or any other third party's direct marketing. The personal data we hold about you will only be used in line with the purposes detailed above and the legal basis for these will be:
At the current time, we do not use your information to actively profile you or to make decisions based on characteristics of our service users, neither do we carry out any automated processing of your personal information that would lead to significant decisions being made about you.
We may disclose your personal information to any of our employees, officers, insurers, professional advisers, agents, suppliers or subcontractors insofar as is reasonably necessary for the purposes set out in this policy.
We may disclose your personal information:
Except as provided in this policy, we will not provide your personal information to third parties or share or process any of your personal information outside the UK.
Personal information that we process for any purpose shall not be kept for longer than is necessary for that purpose. Notwithstanding the other provisions of this section, we will retain your personal information:
If you would like further details of how personal information is retained by NIGF, please contact us directly.
You have a number of rights under Data Protection law including:
If you would like to access your own personal information or exercise any of the rights detailed above, please contact us by email firstname.lastname@example.org
In the majority of cases, we will respond to your request within one month of receiving the necessary information required to deal with your request.
We may ask you to supply appropriate evidence of your identity (for this purpose, we will usually accept a photocopy of your passport plus an original copy of a utility bill showing your current address) and any additional information to help us to deal with your request effectively.
There may be some exemptions to dealing with your rights as specified in Data Protection law, but we will ensure you are fully informed of this within a month of receiving your request.
Full information on your rights under the Data Protection Act can be found from the following link: https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/.
If you have a concern that cannot be resolved through discussion with us, these can also be raised with the Information Commissioner’s Office. More information can be found from the following link https://ico.org.uk/concerns/