We recognize the need to respect and protect the need to respect and protect information disclose to us that is called Personal Information (explained below.)

This notice is intended to tell you how we use your Personal Information and describes how we collect and use your Personal Information during your stay with us. We are committed to handling data fairly and lawfully taking the data protection obligations seriously. We ensure that we process the Personal Information in compliance with the General Data Protection 2018 (“GDPR”).

1. WHAT IS PERSONAL DATA AND WHAT PERSONAL DATA INFORMATION DO WE COLLECT ABOUT YOU.

1.1 What is Personal Information

For the purposes of this Data Protection Policy “Personal Information” consists of any information that relates to you and/or information from which you can be identified, directly or indirectly. For example, information which identifies you may consist of your name, address, telephone number, photographs, location data, an online identifier (e.g. cookies identifiers and your IP address) or to one or more factors specific to your physical, physiological, genetic, mental, economic, cultural or social identity. When we combine other information (i.e. information that does not, on its own, identify you) with Personal Information, we treat the combined information as Personal Information.

2.TYPES OF PERSONAL INFORMATION WE COLLECT

We collect, use, store and transfer different kinds of Personal Information about our subscribers, volunteers and donors.

2.1 Subscribers to our mailing lists

We collect Name, Email and Location.

2.1.1 How is your Personal Information Collected

• • We collect information through our subscription forms found on our website and feedback forms distributed to the attendees at our events.

2.1.2 How we use your Information

• • We use name and email to inform you about your chosen updates and events. Location information is used to send you updates and events that are relevant to your location.

2.1.3 Data Retention

• • Subscribers will continue to receive email updates until they wish to unsubscribe. The option to unsubscribe will be provided on each email updates sent by us. We will keep information about unsubscribe for a year to avoid them from being by accident. If you would like complete erasure before one year period, feel free to contact us after you have unsubscribed.

2.1.4 Data processor used to process and store your Personal Information

We use MadMimi email marketing platform (https://madmimi.com/) to process the subscriptions. They use GDPR compliant security levels.

In order to see how people respond to our emails we have email views and clicks tracking enabled in Madmimi. We may send extra event information (such as event reminders) to people who show more interest. You are welcome to disable views and clicks tracking in the following manner. When you receive our mail:

• Click the “Preferences” button that’s automatically included with each email.
• Check the link in the automated email you will receive to access your Subscription Management page.
• Tick “Don’t collect data about my email views and clicks”
• To save the changes click “Update”.

2.2 Volunteers

In order to process all the applications fairly and according to our availability and to ensure that you have required skills and are well enough to volunteer with us we collect Name, Contact Details, Address, Skills, Work Experience, Immigration Status, Diet Requirements, Food Allergies, Interests in our programmes and the what you would

like to achieve by volunteering with us, including next to kin contact details in case of an emergency.

We are determined to ensure healthy, safe and peaceful environment to all our guests, our volunteers as

well as our residents at our permises therefore we are obliged to obtain Special Category

Personal Data (as defined in the GDPR) such as medical conditions and criminal records information.

2.2.1 How is your Personal Information Collected

• • We collect information through our secure online volunteering application form.

2.2.2 How we use your information

• • To process your application to volunteer with us, to asses relevance of your skills with our present needs and

ability to fulfil the tasks required and to schedule your volunteering period.

2.2.3 Data Retention

• • Volunteers Personal Information will be retained for a maximum period of 2 years in order to fastrack the

application process of returning volunteers. We will keep a separate record of blacklisted volunteers up to 20

years depending on seriousness of offense as this is our legitimate interest to keep our public environment safe

and peaceful for our volunteers, visitors and residents alike.

2.2.4 Data processor used to process and store your Personal Information

• • We use JotForm forms to collect your personal information. They store and processes all our Volunteers Personal Data in compliance with GDPR. The Personal Data is secured and protected and can only be accessed by a private key. More details on it’s privacy policy can be found on

https://www.jotform.com/privacy/

2.3 Donors and Patrons

a) We collect Name, Contact Details, The amount you wish to donate and if you wish to set up regular payments.

b) Bank Details are collected and securely processed by our data processor Total Giving platform ‘Donation

Manager”. For more details on it’s policies please see clause 2.3.4 below.

2.3.1 How is your Personal Information Collected

We collect information through Total Giving donation manager platform.

2.3.2 How we use your Personal Information

a) To maintain and review order donations histories.

b) Address is used to serve you certain benefits that comes with your donation amount such as sending you our

bi-monthly magazine “Back to Godhead” for our patrons.

2.3.3 Data Retention

a) We retain the Personal Information of one off donations for a maximum period of 7 years as required by law.

b) We retain the Personal Information of regular Donors and Patrons until they cancel their donation. Then the record of donations will be stored for up to 7 years as required by law.

2.3.4 Data processor used to process and store your Personal Information

Total Giving manages all our Donors Personal Information securely according to GDPR requirements. For more

details on it’s privacy policies please visit https://donationmanager.co.uk/info-pages/privacy

2.4. Google Analytics

We use Google Analytics to analyse the use of our website by mean of cookies. The information gathered

relating to our website is used to create reports about the use of our website. Google’s privacy policy is available

at https://policies.google.com/privacy

2.5. Combining Personal Information

We may combine the Personal Information that we collect from you to the extent permitted by applicable law.

3.TO WHOM WE DISCLOSE YOUR INFORMATION

We will only use your Personal Information for internal purposes only. Only two people currently has an access to your personal data – the person who processes applications and IT admin. We do not share your information with third parties.

4. ACCESSING YOUR PERSONAL INFORMATION AND OTHER RIGHTS YOU HAVE

We will collect, store and process your Personal Information in accordance with your rights under any applicable General Data Protection Regulations. You have the following rights in relation to your Personal Information:

a) Subject Access – you have the right to request details of the Personal Information which we hold about you and copies of such Personal Information.

b) Right to Withdraw Consent – where our use of your Personal Information is based upon your consent, you have the right to withdraw such consent at any time. In the event you wish to withdraw your consent to processing, please contact us using the details provided in clause 8 below.

c) Data Portability – you may, in certain circumstances, request us to port (i.e. transmit) your Personal Information directly to another organisation.

d) Rectification – we want to ensure that the Personal Information about you that we hold is accurate and up to date. If you think that any information we have about you is incorrect or incomplete, please let us know. To the extent required by applicable laws, we will rectify or update any incorrect or inaccurate Personal Information about you.

e) Erasure (‘right to be forgotten’) – you have the right to have your Personal Information ‘erased’ in certain specified situations.

f) Restriction of processing – you have the right in certain specified situations to require us to stop processing your Personal Information and to only store such Personal Information.

g) Object to processing – You have the right to object to specific types of processing of your Personal

Information, such as, where we are processing your Personal Information for the purposes of direct marketing.

h) Prevent automated decision-taking – in certain circumstances, you have the right not to be subject to

decisions being taken solely on the basis of automated processing.

5. ENFORCING YOUR RIGHTS

If you wish to enforce any of your rights then please contact us on our details in clause 8 below.

We will respond to your request without undue delay and no later than 30 days from receipt of any such request,

unless a longer period is permitted by applicable General Data Protection Regulations.

6. COMPLAINTS

If you are concerned that we have not complied with your legal rights under applicable General Data Protection

Regulations, you may contact the Information (Commissioner’s Office https://ico.org.uk) which is the data

protection regulator in the UK where we are located. Alternatively, if you are based outside the UK, you

contact your local data protection supervisory authority.

7. CHANGES TO THIS DATA PROTECTION POLICY

It is also important that you check back often for updates to the Data Protection and Privacy Policy, as we may

change this Data Protection and Privacy Policy from time to time. The “Date last updated” legend at the bottom

of this page states when the Data Protection and Privacy Statement was last updated and any changes will

become effective upon our posting of the revised Data Protection and Privacy Policy.​

We will provide notice to you if these changes are material and, where required by applicable law, we will obtain

your consent. We will provide this notice by email or by posting a notice of the changes on our website.

8. CONTACT US / FURTHER INFORMATION

8.1 Our Details

This website is owned and operated by ISKCON Scotland Ltd

Karuna Bhavan

Bankhouse Road

Lesmahgow

ML11 0ES

SCOTLAND, UK

Resgistered Charity number SC001127.

If you have any queries at all in relation to your data and how we protect your data rights, please contact our

Data Protection Officer on admin@iskonscotland.org

Other Ways of Contacting us

a) using our Website contact form.

b) by telephone on +447726688778

​

​

Last updated 06/07/2022