Cookstown and Western Shores Area Network, (CWSAN) is a local Rural Community Support network company ltd by guarantee and with charitable status. We provide advice and support on community and rural development and which deliver Community projects and programmes largely focusing in the Mid Ulster area. We sometimes use the descriptive “the Mid Ulster Community Network or MUCN”. We are managed by a voluntary Board of Directors elected from our member groups and we currently employ seven staff.
We are committed to protecting and respecting your privacy. This privacy notice explains why we collect information from people and how we use it. We are both a data controller and a data processor in the context of the General Data Protection Regulations which comes into effect in May 2018. Our registered office address is The Crieve Centre , Stewartstown, Co Tyrone BT71 5HY.
What Personal Information Do We Collect?
Personal information we collect may include: your name; address; telephone number; email address; and postcode. We may also collect the following for Board and staff members: date of birth and National Insurance number. CWSAN collects information when you register with us, place a booking for, or access a grant, information or service.
Bases and Purposes of Processing
We outline below the different basis upon which we process personal information collected from different categories of individuals and the purpose of the processing.
If you are a service user (and/or a member beneficiary of our advice and support we will collect and process personal information from you on the basis of legitimate interest. We have identified our legitimate interest as providing you with the advice, support and related service you have requested and which is within our remit and function as an advice giving charity. We only collect the personal data of the people who have requested our service in order to provide it and we will use your personal data only as you might reasonably expect us to. This may include contacting you by letter; email; or telephone about your advice case and/or other planning and related matters. We will not share your personal data with any other organisation. We undertake ongoing research on the effectiveness of and demand for our advice services – we thus retain historical data on our support work but your identifiable personal information does not feature in this, only the support subject matter.
If you are member of our Board of Directors we will collect and process personal information from you on the basis of legal obligation. The purpose of this processing is charity governance and it is a regulatory requirement for us to provide some personal information to a range of bodies including HMRC; the Charity Commission NI and Companies House.
If you are an employee we will collect and process personal information from you on the basis of the contract of employment you have with us. The purpose of the processing will include training, payroll and other personnel functions. Recipients of employee personal data will include HMRC, pension providers and funders.
If you apply for a job with us (a job applicant) we will process the personal information you provide on the basis that you might soon enter into a contract with us as an employee. The purpose of the processing is to contact you about the vacancy, progress your application and to assess your suitability for the post. Only our staff and recruitment panel (upon which our Board of Directors is represented) will have access to this data and it will not be shared with anyone else. We will destroy all job applicants’ personal information and job applications six months after the recruitment exercise has ended.
We will retain personal information for as long as is required by law or for as long we consider it necessary for our legitimate business purposes.
Technical and Organisational Security Measures
Personal information we collect from you is stored either: (a) in hard copy or electronic format at our registered office or (b) in the cloud (via Microsoft Office 365 or Salesforce CRM).
Only CWSAN staff (and partners staff) or CWSAN Board of Directors have access to and are authorised to view and process your personal information. Access to any of our cloud data is by named licenced user only and will be password protected. Our data is hosted in a secure environment that uses a firewall and other advanced technology to prevent interference or access from outside intruders.