Data Protection Compliance
The Twang Music Foundation
Data Protection Policy
​
The Twang Music Foundation (TMF) is required to process relevant personal data regarding
members of staff, beneficiaries, and volunteers as part of its operation and shall take all
reasonable steps to do so in accordance with this Policy.
Personal Data is essentially personal information about an individual that is held
electronically (on a computer) or held in a file.
​
Beneficiary records could include the following information:
-
Personal information such as full name, address, date of birth, school, medical
information
-
Name of Parent/carer (where applicable) and contact information such as mobile
telephone and email address
-
Parent/carer bank details
-
Ensemble activity.
​
Staff records include:
-
Personal information; name, address, date of birth, DBS and other recruitment and
or appointment information
-
Bank details
-
Salary correspondence
​
TMF recognises The EU General Data Protection Regulation (GDPR) 2018 and aims to ensure
that Personal data shall be:
1. Processed lawfully, fairly and in a transparent manner.
2. Collected for specified, explicit and legitimate purposes.
3. Adequate, relevant and limited to what is necessary.
4. Accurate and, where necessary, kept up to date.
5. Retained only for as long as necessary.
6. Processed in an appropriate manner to maintain security.
Personal Data shall not be transferred to a country or territory outside the European
Economic Area unless that country or territory ensures an adequate level of protection for
the rights and freedoms of Data Subjects in relation to the processing of Personal Data.
This policy was written on the 3 rd of March 2023. All TMF policies are reviewed annually.
Data Retention
TMF is directly responsible under the Data Protection Act (DPA) for the collation, retention,
storage, and security of all information we produce and hold. Personal data processed for
any purpose shall not be kept for longer than is necessary for that purpose. Information
shall be securely deleted when it is no longer required. Data may be archived only if there is
a possibility it may still be required.
Confidentiality
TMF will respect the confidentiality of information it processes. However, information will
be disclosed on a need to know basis. For example, the relevant Office Staff or appropriate
First Aider may disclose details of a pupil's allergy so that other staff know how to respond.
Care must be taken to ensure that only information that the individual is entitled to is
released and that it does not include other sensitive information in error.
Access
Parents, beneficiaries, staff and volunteers are able to make a request under the DPA to find
out if TMF holds any Personal Data about them and what it is. This is called a data subject
access request. DPA requests should be written to Philip Tindley, Chair of TMF:
Philip Tindley
Director and Data Protection Officer
Twang Guitars Ltd & Twang Music Academy Ltd & Twang Music Foundation
94 High Street
Penge
London
SE20 7EZ
TMF will endeavour to respond to any such written requests as soon as is reasonably
practicable and, in any event, within 40 days for access to records and 21 days to provide a
reply to an access to information request.
Consent
TMF processes some personal data for direct marketing and fund-raising purposes. For
beneficiaries under the age of 18, permission will be sought via permission slips given to the
parents or carers of be beneficiaries. No personal data will be used on our website or social
media channels without the express permission of parents/carers.
Security
TMF will take appropriate technical steps and implement organisational systems to ensure
the security of personal data. All staff will be made aware of this policy.
This policy was written on the 3 rd of March 2023. All TMF policies are reviewed annually.