The Trinity Challenge is committed to protecting the privacy and security of your personal information, and this privacy notice describes how we will collect and use personal information about you, in accordance with the General Data Protection Regulation (“GDPR”) and Data Protection Act 2018 (“DPA 2018”).
It applies to all visitors to our website who decide to provide us with their personal data.
The Trinity Challenge is the data controller of personal data we process about you. This means that we are responsible for deciding how we hold and use personal information about you. We are required under data protection legislation to notify you of certain information about how we will use your personal data, and that detail is set out in this privacy notice.
This notice does not form part of any contract to provide services which may exist between the Trinity Challenge and any individual. We may update this notice at any time and so we recommend returning to our website from time to time in order to review the latest version.
It is important that you read this notice, so that you are aware of how and why we are using such information and what your rights are under the data protection legislation.
We will comply with data protection law. This says that the personal information we hold about you must be:
Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).
There are certain types of more sensitive personal data which require a higher level of protection, such as information about a person's health or sexual orientation. Information about criminal convictions also warrants this higher level of protection. This is known as special category data although, for the avoidance of doubt, the Trinity Challenge does not envisage processing any such data about you.
In the event that you are interested in participating within The Trinity Challenge then you will be invited to contact us via a no reply email address, without providing additional data.
We will then store that communication and use the email address to send you one subsequent email inviting submission of further details (via a link) required to register your application with The Trinity Challenge. In the event that you decide to proceed with registration we will then collect, store, and use the following categories of personal information about you:
In the event you are interested in receiving The Trinity Challenge newsletter and consent to doing so by choosing the option to sign up to The Trinity Challenge newsletter we will then collect, store, and use the following categories of personal information about you in order to provide you with our newsletter:
Our lawful basis for processing the above personal data is generally Article 6(1)(f), namely the pursuit of legitimate interests by The Trinity Challenge which we are satisfied are appropriate and proportionate. The only exception to this is the personal data processed in order to provide you with our newsletter, in which case we rely upon Article 6(1)(a), namely your consent.
"Special categories" of particularly sensitive personal information, such as information about your health, racial or ethnic origin, sexual orientation or trade union membership, require higher levels of protection. We need to have further justification for collecting, storing and using this type of personal information.
We do not need to process such data about you, and so we have not identified a lawful basis for doing so at this stage.
With the exception of sending you our newsletter we do not need your consent, because we have alternative lawful bases to allow us to process your data without consent i.e. Article 6(1)(f) of the GDPR.
Automated decision-making takes place when an electronic system uses personal information to make a decision without human intervention. We are allowed to use automated decision-making in certain, limited circumstances and subject to implementation of particular safeguards
You will not be subject to decisions that will have a significant impact on you based solely on automated decision-making.
We do not envisage sharing your personal data with third parties, although we cannot rule it out entirely. We will not share your personal information within the scope of this privacy notice unless required to do so by law, where it is necessary to administer the working relationship with you or where we have another legitimate interest in doing so.
We do not envisage transferring your personal information outside the UK and/or EU.
We have put in place appropriate security measures to prevent your personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. We also have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.
We will only retain your personal information for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
Once you are no longer a member of the Trinity Challenge we will retain and securely destroy your personal information in accordance with applicable laws and regulations.
It is important that the personal information we hold about you is accurate and current. Please keep us informed if your personal information changes during your working relationship with us.
Under certain circumstances, and as set out in further detail in our general privacy notice, by law you have the right to:
If you want to review, verify, correct or request erasure of your personal information, object to the processing of your personal data, or request that we transfer a copy of your personal information to another party, please contact us in writing as set out below.
You will not usually have to pay a fee to access your personal information (or to exercise any of the other rights). However, we may charge a reasonable fee if your request for access is clearly unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances.
We may need to request specific information from you to help us confirm your identity and ensure your right to access the information (or to exercise any of your other rights). This is another appropriate security measure to ensure that personal information is not disclosed to any person who has no right to receive it.
In limited circumstances where you may have provided your consent to the collection, processing and transfer of your personal information for a specific purpose, you have the right to withdraw your consent for that specific processing at any time. However, we are only processing your personal data on the basis of consent in very specific circumstances and so this right only arises in limited scenarios. In particular, it applies to the personal data processed in order to provide you with our newsletter; you can withdraw your consent to this at any time, and we will stop sending the newsletter to you.
For further information and/or to exercise your data subject rights, including withdrawal of your consent to receive the newsletter, please contact: firstname.lastname@example.org
We reserve the right to update this privacy notice at any time, and we will provide you with a new privacy notice when we make any substantial updates. We may also notify you in other ways from time to time about the processing of your personal information.
You can complain to the Information Commissioner’s Office (ICO) if you are unhappy with the way we have dealt with a request from you to exercise any of your rights or if you think we have not complied with our legal obligations. Whilst you do not have to do so, we would appreciate first making us aware of the issue and giving us an opportunity to respond and to address it before contacting the ICO.
Making a complaint will not affect any other legal rights or remedies that you have. More information can be found on the ICO website: https://ico.org.uk/ and the Information Commissioner’s Office can be contacted by post, phone, fax or email as follows:
Information Commissioner's Office
Cheshire SK9 5AF
Tel: 0303 123 1113 (local rate) or 01625 545 745 9 (if you prefer to use a national rate number)
Fax: 01625 524 510