Trustees
Volunteers
Hall Manager
Contractors acting on behalf of the charity
Anyone processing personal information for the Hall
3. What Personal Data We Hold
We may collect and process personal information including:
Names
Postal addresses
Email addresses
Telephone numbers
Booking information
Payment records
Correspondence
Volunteer and trustee contact details
Supplier and contractor details
CCTV images (if applicable)
We only collect information that is necessary for the operation of the Hall.
4. How We Use Personal Information
Personal information is used for purposes including:
Managing hall bookings
Responding to enquiries
Maintaining contact with hirers
Managing trustees and volunteers
Maintaining financial records
Processing invoices and payments
Complying with legal obligations
Maintaining the safety and security of the Hall
We will never sell personal information to third parties.
5. Lawful Basis
We process personal data using one or more of the following lawful bases:
Performance of a contract
Legitimate interests
Legal obligation
Consent where required
6. Data Protection Principles
King George Memorial Hall will ensure personal data is:
Processed lawfully, fairly and transparently.
Collected only for specified purposes.
Adequate, relevant and limited to what is necessary.
Accurate and kept up to date.
Retained only for as long as necessary.
Kept secure.
Processed in accordance with individuals' rights.
7. Data Security
We take appropriate technical and organisational measures to protect personal information.
These include:
Password-protected computers and devices.
Secure email accounts.
Restricted access to personal information.
Secure storage of paper records.
Secure disposal of confidential documents by shredding or approved disposal methods.
Regular software and security updates where applicable.
8. Sharing Information
Personal information will only be shared where necessary:
With professional advisers.
With payment providers.
With insurers.
Where required by law.
Where necessary to protect the Hall or its users.
Any third parties processing information on our behalf are expected to comply with UK GDPR.
9. Data Retention
We retain information only for as long as required.
Typical retention periods include:
Booking records – up to 6 years.
Financial records – 6 years plus the current financial year.
Trustee records – whilst serving and for an appropriate period afterwards.
Accident reports – in accordance with legal requirements.
CCTV footage (where applicable) – normally no longer than 30 days unless required for investigation.
10. Individual Rights
Individuals have the right to:
Request access to their personal information.
Request correction of inaccurate information.
Request deletion where appropriate.
Restrict processing.
Object to processing.
Request portability where applicable.
Withdraw consent where consent is the lawful basis.
Requests should be made in writing to the Hall.
11. Data Breaches
Any suspected or actual data breach must be reported immediately to the Chair of Trustees or Hall Manager.
The Trustees will:
Investigate the incident.
Take steps to minimise any harm.
Notify the Information Commissioner's Office (ICO) where required.
Notify affected individuals where legally necessary.
12. Data Protection Complaints
King George Memorial Hall takes any concerns regarding the handling of personal information seriously.
If you believe your personal data has been collected, used or disclosed inappropriately, or that your rights under data protection legislation
have not been respected, you should raise your concern with the Hall in the first instance.
Complaints should be made in writing by email or post and should include sufficient detail to enable the Trustees to investigate the matter.
The Trustees will:
Acknowledge receipt of the complaint as soon as reasonably practicable.
Investigate the circumstances surrounding the complaint.
Respond in writing, normally within one calendar month.
Take appropriate action where any improvements or corrective measures are identified.
If you remain dissatisfied with our response, you have the right to lodge a complaint with the Information Commissioner's Office (ICO).
Information about making a complaint to the ICO can be found at www.ico.org.uk or by calling 0303 123 1113.
13. Responsibilities
The Trustees are collectively responsible for ensuring compliance with data protection legislation.
Everyone handling personal information on behalf of the Hall must:
Keep information confidential.
Only access information required for their role.
Keep passwords secure.
Report any suspected breach immediately.
Dispose of personal information securely.
14. Website
The Hall website may collect personal information submitted through enquiry forms or emails.
Information received through the website will only be used to respond to enquiries, manage bookings and administer Hall activities.
The website may also use cookies to improve user experience.
15. Policy Review
This policy will be reviewed annually or sooner if there are significant changes to legislation or the way the Hall processes personal
information.
Contact
King George Memorial Hall
2655 Stratford Road
Hockley Heath
Solihull
B94 5NH
Email: office@kinggeorgememorialhall.co.uk
If you have concerns regarding how your personal information has been handled, you may contact the Information Commissioner's Office
(ICO) at www.ico.org.uk.
Policy Date 01/07/2026
Trustees
Volunteers
Hall Manager
Contractors acting on behalf of the charity
Anyone processing personal information for the Hall
3. What Personal Data We Hold
We may collect and process personal information including:
Names
Postal addresses
Email addresses
Telephone numbers
Booking information
Payment records
Correspondence
Volunteer and trustee contact details
Supplier and contractor details
CCTV images (if applicable)
We only collect information that is necessary for the operation
of the Hall.
4. How We Use Personal Information
Personal information is used for purposes including:
Managing hall bookings
Responding to enquiries
Maintaining contact with hirers
Managing trustees and volunteers
Maintaining financial records
Processing invoices and payments
Complying with legal obligations
Maintaining the safety and security of the Hall
We will never sell personal information to third parties.
5. Lawful Basis
We process personal data using one or more of the following
lawful bases:
Performance of a contract
Legitimate interests
Legal obligation
Consent where required
6. Data Protection Principles
King George Memorial Hall will ensure personal data is:
Processed lawfully, fairly and transparently.
Collected only for specified purposes.
Adequate, relevant and limited to what is necessary.
Accurate and kept up to date.
Retained only for as long as necessary.
Kept secure.
Processed in accordance with individuals' rights.
7. Data Security
We take appropriate technical and organisational measures to
protect personal information.
These include:
Password-protected computers and devices.
Secure email accounts.
Restricted access to personal information.
Secure storage of paper records.
Secure disposal of confidential documents by shredding
or approved disposal methods.
Regular software and security updates where
applicable.
8. Sharing Information
Personal information will only be shared where necessary:
With professional advisers.
With payment providers.
With insurers.
Where required by law.
Where necessary to protect the Hall or its users.
Any third parties processing information on our behalf are
expected to comply with UK GDPR.
9. Data Retention
We retain information only for as long as required.
Typical retention periods include:
Booking records – up to 6 years.
Financial records – 6 years plus the current financial
year.
Trustee records – whilst serving and for an appropriate
period afterwards.
Accident reports – in accordance with legal
requirements.
CCTV footage (where applicable) – normally no longer
than 30 days unless required for investigation.
10. Individual Rights
Individuals have the right to:
Request access to their personal information.
Request correction of inaccurate information.
Request deletion where appropriate.
Restrict processing.
Object to processing.
Request portability where applicable.
Withdraw consent where consent is the lawful basis.
Requests should be made in writing to the Hall.
11. Data Breaches
Any suspected or actual data breach must be reported
immediately to the Chair of Trustees or Hall Manager.
The Trustees will:
Investigate the incident.
Take steps to minimise any harm.
Notify the Information Commissioner's Office (ICO)
where required.
Notify affected individuals where legally necessary.
12. Data Protection Complaints
King George Memorial Hall takes any concerns regarding the
handling of personal information seriously.
If you believe your personal data has been collected, used or
disclosed inappropriately, or that your rights under data
protection legislation have not been respected, you should
raise your concern with the Hall in the first instance.
Complaints should be made in writing by email or post and
should include sufficient detail to enable the Trustees to
investigate the matter.
The Trustees will:
Acknowledge receipt of the complaint as soon as
reasonably practicable.
Investigate the circumstances surrounding the
complaint.
Respond in writing, normally within one calendar month.
Take appropriate action where any improvements or
corrective measures are identified.
If you remain dissatisfied with our response, you have the right
to lodge a complaint with the Information Commissioner's
Office (ICO).
Information about making a complaint to the ICO can be found
at www.ico.org.uk or by calling 0303 123 1113.
13. Responsibilities
The Trustees are collectively responsible for ensuring
compliance with data protection legislation.
Everyone handling personal information on behalf of the Hall
must:
Keep information confidential.
Only access information required for their role.
Keep passwords secure.
Report any suspected breach immediately.
Dispose of personal information securely.
14. Website
The Hall website may collect personal information submitted
through enquiry forms or emails.
Information received through the website will only be used to
respond to enquiries, manage bookings and administer Hall
activities.
The website may also use cookies to improve user
experience.
15. Policy Review
This policy will be reviewed annually or sooner if there are
significant changes to legislation or the way the Hall processes
personal information.
Contact
King George Memorial Hall
2655 Stratford Road
Hockley Heath
Solihull
B94 5NH
Email: office@kinggeorgememorialhall.co.uk
If you have concerns regarding how your personal information
has been handled, you may contact the Information
Commissioner's Office (ICO) at www.ico.org.uk.
Policy Date 01/07/2026