WARAWest Acton Resident Association

GDPR & Privacy Policy

Introduction

West Acton Residents Association ("WARA", "we", "our", "us") is committed to protecting your personal data and respecting your privacy. This policy explains how we collect, use, and safeguard your information in compliance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

Data Controller

West Acton Residents Association is the data controller responsible for your personal data. If you have any questions about this policy or our data practices, please contact us using our contact form.

Information We Collect

We may collect and process the following personal data:

  • Membership information: Name, address, email address, and phone number when you join WARA
  • Contact information: Details provided when you submit enquiries through our contact form
  • Meeting attendance: Records of attendance at quarterly meetings
  • Payment information: Membership subscription payment records
  • Technical data: IP address, browser type, and device information collected automatically when you visit our website
  • Usage data: Information about how you use our website

How We Use Your Information

We use your personal data for the following purposes:

  • To manage your WARA membership
  • To send you newsletters and updates about local issues affecting West Acton
  • To notify you of quarterly meetings and community events
  • To respond to your enquiries
  • To process membership subscriptions
  • To advocate on behalf of residents with Ealing Council and other bodies
  • To improve our website and services
  • To comply with legal obligations

Legal Basis for Processing

We process your personal data on the following legal bases:

  • Consent: Where you have given clear consent for us to process your data for a specific purpose
  • Contract: Where processing is necessary for your membership agreement with WARA
  • Legitimate interests: Where processing is necessary for our legitimate interests as a residents' association and does not override your rights
  • Legal obligation: Where we need to comply with a legal requirement

Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected. Membership records are retained for the duration of your membership plus 2 years. Contact form submissions are typically retained for 2 years. Financial records may be retained for up to 7 years for accounting purposes.

Your Rights

Under UK GDPR, you have the following rights:

  • Right of access: Request a copy of your personal data
  • Right to rectification: Request correction of inaccurate data
  • Right to erasure: Request deletion of your data in certain circumstances
  • Right to restrict processing: Request limitation of how we use your data
  • Right to data portability: Request transfer of your data to another organisation
  • Right to object: Object to processing based on legitimate interests
  • Right to withdraw consent: Withdraw consent at any time where processing is based on consent

To exercise any of these rights, please contact us using our contact form. We will respond to your request within one month.

Cookies

Our website uses essential cookies to ensure proper functionality. We may also use analytics cookies to understand how visitors interact with our site. You can control cookie settings through your browser preferences.

Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. However, no internet transmission is completely secure, and we cannot guarantee absolute security.

Third-Party Services

We may use third-party services to help operate our website and manage our association. These providers are bound by contractual obligations to keep your data secure and use it only for specified purposes.

Changes to This Policy

We may update this policy from time to time. Any changes will be posted on this page with an updated revision date. We encourage you to review this policy periodically.

Complaints

If you are not satisfied with how we handle your personal data, you have the right to lodge a complaint with the Information Commissioner's Office (ICO), the UK supervisory authority for data protection issues.

ICO Website: www.ico.org.uk

Last updated: March 2026