Co-operative Party Ltd (known as The Co-operative Party) is committed to protecting the privacy and security of your personal information.

This privacy notice describes how we collect and use personal information about you during and after your membership or contact with us, in accordance with the General Data Protection Regulation (GDPR).

It applies to current and former members of the Co-operative Party and to others who have agreed to receive information from the Co-operative Party (referred to below as ‘contacts’).

The Co-operative Party is a ‘data controller’. This means that we are responsible for deciding how we hold and use personal information about you. We are required under data protection legislation to notify you of the information contained in this privacy notice.

This notice does not form part of any contract with you and we may update this notice at any time.

It is important that you read this notice, together with any other privacy notice we may provide on specific occasions when we are collecting or processing personal information about you, so that you know how and why we are using such information.

We will comply with data protection law. This says that the personal information we hold about you must be:

1. Used lawfully, fairly and in a transparent way.
2. Collected only for valid purposes that we have clearly explained to you and not used in any way that is incompatible with those purposes.
3. Relevant to the purposes we have told you about and limited only to those purposes.
4. Accurate and kept up to date.
5. Kept only as long as necessary for the purposes we have told you about.Kept securely.

Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).

There are “special categories” of more sensitive personal data that require a higher level of protection.

When you register on our website or subscribe to our emails, we ask you for contact information (such as your name and e-mail address), geographic information (such as your postcode), and other details about you and your interests.

For members of the Co-operative Party, we are also required under the Co-operative & Community Benefits Societies Act 2014 to register your:

• Postal address
• Date that you joined (and, if appropriate, left) the Co-operative Party

We may also ask for your bank account details to set up a Direct Debit, or a credit card or debit card number so that we can process membership fee payments and donations.

We may also collect, store and use the following “special categories” of more sensitive personal information:

• The co-operative(s) that you are a member of. We collect this information because membership of a co-operative as recognised by the NEC is a condition of Co-operative Party membership.
• At your option, information about your race, ethnicity, disability, age or gender, which will not be disclosed outside of the organisation without your consent. This is to help us to provide a better membership service to you.
• Information about criminal convictions and offences, if these may cause you to be in breach of the Rules of the Co-operative Party.

We collect personal information about you that is provided directly by you. We may sometimes collect additional information:

• if you interact with us on social media sites such as Facebook and Twitter
• that is in the public domain
• from sources including the Electoral Register, as provided to us as a Political Party registered under the Representation of the People Acts, the Political Parties Elections and Referendums Act, and connected legislation.

The Co-operative Party may also analyse a range of other information about you and the area in which you live, including the electoral register, publicly available data such as census information and election results, estimates and segmentations of personal information, information about whether our efforts to contact you in person or over the telephone have been successful, and survey data which you may have directly provided to us or a third party, from a diversity of other sources.

We analyse these data in a variety of ways, and combine them (sometimes referred to as ‘profiling’), to:

• understand what issues are most likely to be relevant to each elector and each area,
• decide to whom we should send our campaign materials and messages,
• choose which messages and content we put on the materials we send to you, or show you on social media,
• ensure that donations you make to us are lawful,
• allow us to estimate which way you might vote in elections and referendums, and how likely you are to vote at all,
• help us understand in which areas, at which times of day, and with which people we should focus our campaigning efforts, and
• inform the development of our policy position for future elections and referendums at every level.

If you fail to provide personal information

If you fail to provide certain information, we may not be able to process your membership application if the information we are requesting is required by legislation or to meet our membership conditions.

IP addresses and log file data

We collect data about the activity of visitors to our websites. This data is not used to identify you personally, but it gives us aggregate level information on user activity that helps us improve the functionality and experience of the website.

The data that is collected may include the date and time you visit the website, information on your location inferred from your IP address, and the content you view.

The Co-operative Party site does not automatically capture or store personal information, other than logging the user’s IP Address or the location of your computer or network on the Internet, for systems administration and troubleshooting purposes.

We will only use your personal information when the law allows us to. Most commonly, we will use your personal information in the following circumstances:

• Where we need to perform a contract we have entered into with you e.g. to process your membership application
• Where we need to comply with a legal obligation, for example, to maintain our members’ register or to ensure that donations comply with legislation
• Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests for, example, to contact you about meetings or events, or to enable you to participate in candidate selections
• Where you have given a freely given, specific, informed and unambiguous consent to the processing of your personal information for one or more specific purposes e.g. to send you targeted information about campaigns on issues that you have expressed an interest in.

We may also use your personal information in the following situations, which are likely to be rare:

• Where we need to protect your interests (or someone else’s interests).
• Where it is needed in the public interest or for official purposes.

Site registration and email service

When you register onto the site or subscribe to our emails, we ask you for contact information (such as your name and e-mail address), geographic information (such as your postcode), and other details about you and your interests. This is used to help us provide you with information to match your interests. We may also use it to alert you to campaigns you may be interested in and events happening in your area.

Joining the Party and renewing your membership online

We collect the information we require to check that you meet the conditions of membership and to help you fulfill the opportunities provided by membership of the Co-operative Party.

The Co-operative Party and its elected representatives nationally and locally, may contact you using this information.

To help us to check that you maintain the conditions of membership and to help you fulfil the opportunities provided by membership of the Co-operative Party, we may also use any information which you have made public, caused others to make public or which is already in the public domain.

Some of the above grounds for processing will overlap and there may be several grounds which justify our use of your personal information.

Donating to the Co-operative Party

The information we ask for is used to process your donation and, if you donate more than £500, we are legally required to check that you are on the electoral register. If you donate more than £1,500 to a local Co-operative Party or branch or more than £7,500 to the Co-operative Party nationally in a calendar year, your name and the amount of your donation will be reported to the Electoral Commission for publication on their public register of donations. Donation information will be stored in our membership database and used to keep you informed of Co-operative news, campaign and other opportunities to support the Party.

Social Media Sites

We may use your details to target advertisements and posts on social media sites. For more information or to opt out of these services please see Facebook Lookalike Audiences, Facebook Adverts, Twitter Adverts and LinkedIn Adverts.

We will only use your personal information for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal information for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.

Please note that we may process your personal information without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.

“Special categories” of particularly sensitive personal information require higher levels of protection. We need to have further justification for collecting, storing and using this type of personal information.  We have in place an appropriate written policy document and safeguards which we are required by law to maintain when processing such data.

Our obligations

We will use your particularly sensitive personal information, if held, in the following ways:

• To comply with relevant legislation (i.e. your name and postal address)
• To comply with our membership conditions (i.e. your membership of a co-operative society, details of relevant criminal convictions)

Do we need your consent?

We may approach you for your written consent to allow us to process certain particularly sensitive personal data.  If we do so, we will provide you with full details of the information that we would like and the reason we need it, so that you can carefully consider whether you wish to consent.  You should be aware that, in accordance with our written policy document, there are circumstances permitted by law where we may use particularly sensitive personal data without your consent.

We may have to share your data with third parties, including third-party service providers.  We require third parties to respect the security of your data and to treat it in accordance with the law.  We may transfer your personal information outside the EU.  If we do, you can expect a similar degree of protection in respect of your personal information.

Why might we share your personal information with third parties?

We will share your personal information with third parties where required by law, where it is necessary to administer your membership or where we have another legitimate interest in doing so.

Which third-party service providers process your personal information?

‘Third parties’ includes third-party service providers (including contractors and designated agents). The following activities are carried out by third-party service providers:

• Membership payments and donations
• Postal mailings
• Emails

How secure is my information with the Co-operative Party and third-party service providers?

Everyone who has access to your personal information, including third-party service providers is required to take appropriate security measures to protect your information in line with our policies. We do not allow our third-party service providers to use your personal data for their own purposes. We only permit them to process your personal data for specified purposes and in accordance with our instructions.

When might you share my personal information with other entities in the group?

We will share your personal information with other entities in our group as part of legitimate activities as a political Party and/or as a registered co-operative society.

What about other third parties?

We will not share your personal information with other third parties without your consent unless necessary to fulfil our legitimate interests or with a regulator or to otherwise comply with the law.

Transferring information outside the EU

We may transfer the personal information we collect about you outside the EU to enable us to fulfil our legitimate interests. There an adequacy decision by the European Commission in respect of those countries. This means that the countries to which we transfer your data are deemed to provide an adequate level of protection for your personal information.

Sharing data with the Labour Party

The Labour Party and Co-operative party’s rules allow appropriate information about disciplinary action taken against their members to be shared between the Parties, to the extent that it is relevant to the interests of either organisation. Such information will only be shared where it is necessary to do so in accordance with either of the Parties legitimate interests in enforcing their own membership rules and in protecting the interests of the Parties and their members.

We have put in place measures to protect the security of your information. Details of these measures are available on request from the Data Privacy Officer. 

Third parties will only process your personal information on our instructions and where they have agreed to treat the information confidentially and to keep it secure.

We have put in place appropriate security measures to prevent your personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal information to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal information on our instructions and they are subject to a duty of confidentiality. Details of these measures may be obtained from the Data Privacy Officer.

We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.

How long will you use my information for? 

We will only retain your personal information for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. Details of retention periods for different aspects of your personal information are available in our retention policy, which is available from the Data Privacy Officer.  To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.  

In some circumstances we may anonymise your personal information so that it can no longer be associated with you, in which case we may use such information without further notice to you. We will retain and securely destroy your personal information in accordance with our data retention policy and/or applicable laws and regulations. 

Your duty to inform us of changes

It is important that the personal information we hold about you is accurate and current. Please keep us informed if your personal information changes during your working relationship with us.

Your rights in connection with personal information

Under certain circumstances, by law you have the right to:

• Request access to your personal information (commonly known as a “data subject access request”). This enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it.
• Request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
• Request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing (see below).
• Object to processing of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your that situation that makes you want to object to processing on this ground. You also have the right to object where we are processing your personal information for direct marketing purposes.
• Request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it.
• Request the transfer of your personal information to another party.

If you want to review, verify, correct or request erasure of your personal information, object to the processing of your personal data, or request that we transfer a copy of your personal information to another party, please contact the Data Privacy Officer in writing.

No fee usually required

You will not normally have to pay a fee to access your personal information (or to exercise any of the other rights). However, we may charge a reasonable fee for administration costs or if your request for access is excessive or clearly unfounded Alternatively, we may refuse to comply with the request in such circumstances.

What we may need from you

We may need to request specific information from you to help us confirm your identity and ensure your right to access the information (or to exercise any of your other rights). This is another appropriate security measure to ensure that personal information is not disclosed to any person who has no right to receive it.

Unsubscribe from mailings

We provide you with the opportunity to opt-out of receiving communications from us easily and promptly. Our unsubscribe requests are processed weekly.

Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose or purposes you originally agreed to, unless we have another legitimate basis for doing so in law.

If you are a member and wish to resign your membership, please contact us at membership@party.coop. If you decide you no longer wish to remain a member of the Party, you may still opt to receive information from us. Please let us know which information you wish to continue to receive.

The Co-operative Party does not knowingly process any personal details from individuals under the age of 14 without parent/guardian consent.  Details of under-18s are processed for membership purposes or for other purposes defined prior to the data being submitted. 

We may use cookies – including analytics cookies provided by companies such as Google – to tailor your experience on our site according to the preferences you have specified. However, we will only access the information that we stored in your cookie file. We will not access any information stored in a cookie placed by other websites. Our cookies do not contain personally identifiable information, other than your IP address, which itself is only very rarely enough to identify you as an individual. 

We have appointed a Data Privacy Officer to oversee compliance with this privacy notice. If you have any questions about this privacy notice or how we handle your personal information, please contact the Data Privacy Officer . You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues. 

We reserve the right to update this privacy notice at any time, and we will provide you with a new privacy notice when we make any substantial updates. We may also notify you in other ways from time to time about the processing of your personal information.  

If you have any questions about our privacy policy, the information we have collected from you online, the practices of this site or your interaction with this website, please contact us by emailing membership@party.coop or phone 020 7367 4150. 

Our Data Privacy Officer can be contacted at the following address:
Data Privacy Officer
Co-operative Party
Unit 13, 83 Crampton Street
London
SE17 3BQ