Data Policy


The KCIMESG Data Policy governs the collection, storage and use of personal data by the Kirklees and Calderdale Independent ME Support Group.

The KCIMESG Management Committee shall include a data officer, whose role will be to ensure that .KCIMESG complies with this policy and applicable laws on data.


KCIMESG may collect the names, addresses, telephone numbers and email addresses of members, service users and volunteers.

Personal data may be collected on behalf of KCIMESG by the organisation’s volunteers.

KCIMESG must inform people who provide their personal data to KCIMESG, whether their personal data is only being collected on behalf of KCIMESG, or if their personal data is being collected on behalf of other organisations.


Electronic documents which include personal data collected by KCIMESG must be stored in password-protected files and directories.

Print documents which include personal data must be stored in lockable cabinets or lockable drawers.

Data must not be stored for more than one year.


Personal data stored by KCIMESG may be accessed by the organisation’s officers.

Only the data officer may permit specific KCIMESG volunteers to access personal data relevant to their roles. The data officer will provide an authorisation document to volunteers, which states what data they can access, and which they can use to prove they are authorised to access data.

For £5 per request, people may access copies of their personal data held by KCIMESG.


KCIMESG will not share personal data with other organisations.

KCIMESG may share anonymous feedback and statistical data with other organisations.


During the first month of each new membership year, KCIMESG will delete all data of people who have not renewed their memberships.

If people request that KCIMESG deletes their personal data, KCIMESG must inform them of the consequences of removing their data and ask them to confirm that they still want their personal data to be deleted. If they still want their personal data to be deleted, their personal data must be deleted within ten working days of the receipt of confirmation.

Last Updated