Walk N Talk 4 Mental Health – Privacy Notice for Employees, Volunteers, and Users

Purpose

Walk N Talk 4 Mental Health ("we," "our," or "us") is committed to protecting the privacy and security of your personal information. This privacy notice explains how we collect and use personal information about you during and after your engagement with us, in line with the UK General Data Protection Regulation (UK GDPR).

Walk N Talk 4 Mental Health is a "data controller." This means we are responsible for deciding how we hold and use personal information. We are required by law to notify you of the information contained in this notice.

Scope

This notice applies to all current and former employees, volunteers, and users of Walk N Talk 4 Mental Health. It does not form part of any contract of employment or services. We may update this notice periodically and will notify you of any significant changes.

Data Protection Principles

We will comply with data protection law, ensuring that personal information is:

  • Used lawfully, fairly, and transparently.
  • Collected for specified, legitimate purposes.
  • Relevant and limited to what is necessary.
  • Accurate and kept up to date.
  • Kept only as long as necessary.
  • Processed securely.

What Information We Collect

We may collect, store, and use various categories of personal information:

  • Identity Data: Name, date of birth, gender.
  • Contact Data: Address, email, phone numbers.
  • Employment Data: Role, start date, work history (employees/volunteers).
  • Health Data: Voluntarily disclosed information relevant to event safety.
  • Technical Data: IP address, device information, and website usage data.

How We Collect Your Data

We collect personal information:

  • Directly: Through event registrations, volunteer applications, and communications.
  • Indirectly: Via automated interactions with our website (e.g., cookies).
  • From Third Parties: Such as recruitment agencies or background check providers (employees/volunteers).

How We Use Your Information

We use your personal data to:

  • Manage volunteer and user participation in activities.
  • Communicate relevant updates and event information.
  • Ensure health and safety compliance.
  • Enhance services and monitor usage for improvement.

Legal Basis for Processing

We rely on:

  • Consent: For specific communications and health data.
  • Legitimate Interests: For operational needs and safety.
  • Legal Obligations: For regulatory and compliance requirements.

Data Sharing

We may share data with:

  • Service Providers: For IT support, data storage, and communication services.
  • Regulatory Authorities: When legally required.

Data Security

We use appropriate security measures to protect your data from unauthorized access, alteration, or disclosure. Access is restricted to personnel with a legitimate need to know.

Data Retention

Your personal data is retained only for as long as necessary to fulfill the purposes for which it was collected or as required by law.

Your Rights

Under data protection law, you have the right to:

  • Access: Request copies of your personal data.
  • Correction: Request corrections to your data.
  • Erasure: Request deletion of data in certain circumstances.
  • Restriction: Request limitation of data processing.
  • Objection: Object to processing based on legitimate interests.
  • Data Portability: Request data transfer to another party.

How We Use Sensitive Personal Data

Sensitive data, such as health information, is processed only:

  • With your explicit consent.
  • To comply with employment law or for health and safety.

Automated Decision-Making

We do not currently use automated decision-making processes. If this changes, we will inform you and explain your rights.

Data Sharing with Third Parties

We may share data with:

  • Third-Party Providers: For services like payroll or IT support.
  • Regulatory Bodies: For legal compliance.
  • Other Organisations: In case of potential mergers or regulatory needs.

Data Security Measures

We implement stringent security protocols, limit data access to authorised personnel, and ensure data is stored securely. Procedures are in place for responding to data breaches.

Data Retention Policy

We retain personal data only as long as necessary for our operational needs and legal obligations. Anonymised data may be used beyond retention periods for statistical purposes.

Your Responsibilities

It is important that personal data we hold is accurate and current. Please notify us of any changes.

Contact Us

If you have questions or wish to exercise your rights, contact us at:
Email: [email protected]

Complaints

You have the right to lodge a complaint with the Information Commissioner's Office (ICO) if you believe your data rights have been violated.

Last Updated: 30 June 2025

Rolling hills