Terms, Cookies & Privacy

 

Terms of Use
Gawcott Fields Community Solar Project CIC has been set up with the support of Communities for Renewables CIC (CfR), a specialist community energy advisory company. CfR will provide ongoing administration and governance support.

Communities for Renewables CIC (no. 7934268) with registered office at Redruth House, Cornwall Business Park West, Scorrier, Cornwall, TR16 5EZ (“we” or “us”) is committed to preserving your privacy. Please read the following privacy policy to understand how we use and protect the information that you provide to us.

By using or registering on this website (“the Site”) you consent to the collection, storage, use and transfer of your information under the terms of this policy.

Cookies
We use cookies to improve your experience. By your continued use of this site you accept such use. You can change your preferences or disable cookies from your web browser’s settings.

Gawcott Fields Community Solar (“GFCS”) and Data Protection
As a non-profit making organisation and as we maintain personal information for the purpose of carrying out our business. We process information where;

–  an individual has given consent to the processing for a specific purpose (such as signing up to our newsletter)
–  for entering into or performing a contract
–  when required to comply with the organisation’s legal obligations
–  when processing is necessary to protect the vital interests of the individual or when carrying out a task in public interest or in the exercise of official authority
–  and when processing is necessary for legitimate interests pursued by GFCS (except where those interests are overridden by the rights and freedoms of the individual).

GFCS is not required to register with the Information Commissioner’s Office, although in the interests of best practice, GFCS has implemented a Data Protection Policy for the collection, storage and processing of personal data held manually or electronically.

GFCS Data Protection Policy

Definitions:

Personal data means data (whether stored electronically or paper based) relating to a living individual who can be identified directly or indirectly from that data (or from that data and other information in our possession).

Processing is any activity that involves use of personal data. It includes obtaining, recording or holding the data, organising, amending, retrieving, using, disclosing, erasing or destroying it. Processing also includes transferring personal data to third parties.

Sensitive personal data includes personal data about a person’s racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic, biometric, physical or mental health condition, sexual orientation or sexual life. It can also include data about criminal offences or convictions. Sensitive personal data can only be processed under strict conditions, including with the consent of the individual. We store no sensitive data.

Personal data will be:

–  processed lawfully, fairly and in a transparent manner;
–  collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with these purposes;
–  adequate, relevant and limited to what is necessary in relation to the purposes for which it is processed;
–  accurate and, where necessary, kept up to date; every reasonable step will be taken to ensure that personal data that is inaccurate, having regard to the purposes for which it is processed, is erased or rectified without delay;
–  kept in a form which permits identification of individuals for no longer than it is necessary for the purposes for which the personal data is processed; and
–  processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised and unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures.

If another organisation processes data on our behalf, e.g. a market research or conference organisation, we should to ensure that they have adequate security in place for the management of personal data.  This testimony should be provided to GFCS at contract stage.

In principle, personal data controlled by GFCS will not be released to third parties. Occasionally, partner or stakeholder organisations may ask to share personal data held by GFCS.  This will only be allowed if they have at least an equivalent data protection policy in place or they agree to be bound by GFCS’s policy.

Security:

–  All passwords to computer systems will be kept secret.
–  Screen to be locked when leaving computer and office unattended.
–  All electronic or manual files containing personal data to be kept in a secure place at all times.

Rights of Individuals

Individuals are usually entitled to the following rights:

–  The right to be informed
–  The right of access
–  The right to rectification
–  The right to erasure
–  The right to restrict processing
–  The right to data portability
–  The right to object; and
–  The right not to be subjected to automated decision-making including profiling.

Subject Access Requests

Individuals should contact GFCS directly for subject access requests and must provide proof of identity when making an access request. GFCS will endeavour to comply with the request within one month and will only refuse requests which are manifestly unfounded or excessive. If GFCS refuse a subject access request they will give reason, in addition to informing the subject of their rights to complain to the supervisory authority and to a judicial remedy.

To submit a subject access request, please contact hello@gawcottsolar.co.uk with the subject set at “subject access request”.

Data Protection by Design and Data Breaches

GFCS recognises the crucial importance of data protection by design, and its policies and processes are developed around ensuring the safety of personal information stored and handled by the organisation. GFCS harbours a no-blame policy among its staff, to ensure that all data breaches are reported quickly and efficiently. Should a data breach which is likely to result in a high risk to the rights and freedoms of individuals occur, those concerned directly will be notified of the breach within 72 hours.

We also use cookies on our website, gawcottsolar.co.uk – for more information on this, please see our cookies policy (above).

We reserve the right to change this policy at any time. Where appropriate, we will notify you of changes by mail or email, or with a website article/update.

Third party websites
Because we want your experience of our Site to be as informative and useful as possible, we provide a number of links to websites operated by third parties (“Third Party Websites”). Please be aware that we do not control such Third Party Websites and that such Third Party Websites may send their own cookies to users, or otherwise collect data or solicit personal information. We assume no responsibility for the information gathering practices of Third Party Websites that you are able to access through our Site, and we encourage you to review each Third Party Website’s privacy policy before disclosing any personally identifiable information.

Contact us
If you have any queries concerning your personal information or any questions on our use of the information then please contact us at hello@gawcottsolar.co.uk or by sending us a letter to Communities for Renewables, Redruth House, Cornwall Business Park West, Scorrier, Cornwall, TR16 5EZ or by telephoning us on 01209 705 423.