Skip to Content

Area Meetings and the ICO

Home » Resources » Running a Quaker meeting » Resources for meetings » Data safety » Area Meetings and the ICO
Related pages: Area meetings, Data safety

 

Area meetings which have registered with the Charity Commission need to make their own arrangements to comply with the Data Protection Act for themselves and their constituent Local meetings.

All other Area and Local Quaker meetings are included in the Britain Yearly Meeting notification with the Information Commissioner's Office (ICO).

Area Meetings which are not independent charities

Area meetings and their constituent Local meetings have been covered by the Britain Yearly Meeting notification with the Information Commissioner's Office (ICO) and this continues unless the Area meeting  registers as an independent charity. If the trustees of any Area meeting wish to, they can make a separate voluntary registration with the ICO. This is unlikely to be necessary unless the Area meeting has particular data processing purposes outside those notified to the ICO by Britain Yearly Meeting. 

The details of the data classes of personal information notified to the ICO by Britain Yearly Meeting can be viewed by typing "Britain Yearly Meeting" into the "Name" field on the ICO's Search the register [new window] page and pressing the "Search Register" button. An individual Area Meeting may not need as many data classes as Britain Yearly Meeting.

Area Meetings which are independent charities  

Area Meetings which are independent charities are responsible for their own data protection. The responsibilities are set out in the Data Protection Act and helpful information is available online from the Information Commissioner's Office (ICO) or by phone from their helpline on 08456 30 60 60 or 01625 54 57 45. The helpline is open from 9am to 5pm, Monday to Friday.

Friends House are also able to offer general advice - please contact either Peter Sender (peters@quaker.org.uk) or Helen Griffith (heleng@quaker.org.uk).

Notification

The Information Commissioner's Office requires all organisations that process personal information to notify them so that they can be included in the ICO's register, which currently costs from £35 per year. The main purpose of notification and the public register is transparency and openness. It is a basic principle of data protection that the public should know (or be able to find out) who is processing personal data, plus other details about the processing (such as why it is being carried out).  Area meetings wishing to notify the ICO may wish to look at this guidance.

Exemption from notification 

All Quaker meetings are subject to the Data Protection Act, but there is an exemption from notification available for not-for-profit organisations which may apply to some Area meetings. This exemption is only available if certain conditions [PDF 35kb - new window] are met and it is open to an organisation to notify voluntarily, even if they qualify for an exemption. The exemption applies to the process of notification, the provisions of the Data Protection Act still apply to the data processed by the organisation. Exempt organisations will not appear on the public register.

The ICO publish a self assessment guide to Notification Exemptions [364kb - new window] which contains the following information:

"As a not-for-profit organisation is all of your processing covered by the following descriptions?

  • Your processing is only for the purposes of establishing or maintaining membership or support for a body or association not established or conducted for profit, or providing or administering activities for individuals who are either members of the body or association or have regular contact with it.
  • Your data subjects are restricted to the processing of those for whom personal information is necessary for this exempt purpose.
  • Your data classes are restricted to personal information that is necessary for this exempt purpose.
  • Your disclosures other than those made with the consent of the data subject are restricted to those third parties that are necessary for this exempt purpose.
  • The personal information is not kept after the relationship between you and the data subject ends, unless (and for so long as) it is necessary to do so for the exempt purpose."

The description given above restricts the information kept about individuals and the classes of data, to the purposes of establishing or maintaining membership or support or providing or administering activities for individuals who are either members of the body or association or have regular contact with it.

Some Area meetings have activities which involve individuals who are not members or in regular contact with the meeting but who the meeting might need to keep details on, for example they might support individuals overseas and keep information on the grants given, take one-off lettings for rooms in their meeting house or might run, manage or support community projects.

Some Area meetings might have a security camera which captures images of individuals who are not in regular contact with the meeting.

If circumstances like these apply, the meeting might not qualify for the exemption. The determination of when the line is crossed for a particular Area meeting is quite complex and beyond the scope of the Staff Data Protection Committee at Friends House to advise on. We have not taken legal advice on the examples suggested above. The determination will be different for each Area Meeting and they will need to decide whether to notify voluntarily (and meet the £35 annual cost) or to satisfy themselves that they and their constituent Local meetings qualify for the exemption.

The ICO has published additional guidance [PDF 35kb - new window] on exemption which concludes "It is important to be aware that when an organisation relies on an exemption from notification, they still must comply with the eight data protection principles of good practice. They are still obliged to respond in 21 days to a written request to provide the information that would have been included in the public register if they had notified."

It is open to each Area meeting to voluntarily notify the ICO so that they will be included on the public register of data controllers. Equally, Area meetings can choose to exercise their right to remain exempt from notification as long as they remain within the conditions for exemption. It is also important for Area meetings to ensure that Local meetings and individual Quakers are clear that in both cases their handling of personal information is covered by the Data Protection Act and that their Area Meeting's exemption from notification does not give an exemption from following the principles [new window] of the Act.

Further advice for Quaker meetings on data protection is available in Data Safety and Information Security Guidance Notes for Meetings (updated in November 2008) [PDF: 114kb - new window]

How to notify

If your Area meeting decides to notify the ICO, you may wish to look at our advice page about the notification process.