Data Protection and Sharing Policy

St. Ives Tabletop

1. Introduction

1.1	The St. Ives Tabletop group (henceforth referred to as the “Group”) is managed by a committee (henceforth referred to as the “Committee”).
1.2	This policy covers aspects of data protection, data sharing, and data usage of information supplied by individuals to the Committee.
1.3	Any information shared with other members of the Group directly is beyond the responsibility of this document. However, mis-use of that information, and any distress or harm caused would be covered by the Group’s Conduct and Behaviour Policy.

2. Personal Data at Sessions

2.1		Individuals attending a session do not need to provide any personal information to the Committee.
2.2		Individual attendance will be optionally recorded, which may include:
	2.2.1	First name and initial
	2.2.2	Email address
	2.2.3	Discord username
2.3		Aggregate numbers will be recorded (to help the Committee manage the Group and assess the financial risks).
2.4		We will seek consent to capture images at sessions that may include individuals and their guardians/carers.
2.5		There is no membership of the Group as such, with no member card, nor member database.

3. Personal Data Online

3.1	The Group use several digital tools and social media platforms. Online communication requires the Committee to obtain and store information about individuals, specifically their name and username/identifier associated with the appropriate tool or platform.
3.2	The Committee will invite individuals to provide an email address. This will be used solely for the purpose of communicating updates on Group events and activities. These details will be stored within the relevant tool or platform, or within a database.
3.3	Any stored contact information will be visible to all members of the Committee and, depending on the digital tool or platform, revealed to other individuals (for example, joining a Facebook Group will reveal the individual to others within that Facebook Group - this is outside the control of the Committee).
3.4	Individuals are not required to use any digital tool or social media platform, and any such use is also in accordance with the relevant user agreements.
3.5	Individuals may at any time have their details removed from the relevant digital tool, social media platform account, or associated database. However, depending on the tool or platform, the Committee may not have the ability to fully remove an individual or their contributions (instead the individual might need to make such a request to the tool or platform). The Committee will acknowledge requests to be removed, and explain the actions taken, and what may remain, on a per tool/platform basis.

4.1	Individuals’ data will not be shared outside the Committee or sold to third parties.