Fare City Data Protection Statement
This Data Protection statement describes how and why Fare City CIC (“we”, “us” or “our”) collects and uses data from activities, when you interact with us. It also explains the policies and procedures on how we will store, handle and keep data safe and the disclosure of your personal information.
Fare City is a city transport think tank and social enterprise dedicated to the co-creation of fairer cities and is committed to delivering social value to our stakeholders. In working to achieve these aims we collect and use data about individuals. We at Fare City take this data very seriously and understand the need for it to be handled safely and with respect.
This is why we review our activities in this area on a regular basis and update the policy as necessary. We’ll notify you of any significant changes, or you can visit this statement to see our policy at any time.
This policy has been created to ensure that Fare City demonstrates that data processing is performed in accordance with relevant laws and regulation and that our stakeholders and staff understand the organisation’s commitment to General Data Protection Regulation (GDPR) obligations and highlight our commitment to data protection.
Please contact us if you have any questions about our Data Protection Policy, if you want to make a request to exercise any of your rights, or would like to submit a complaint. You can contact us by email at firstname.lastname@example.org or at our postal address: Fare City, 2nd Floor Regis House, 45 King William Street, London, EC4R 9AN.
Fare City is committed to the principles of UK GDPR as both a “data controller” and “data processor”:
- Lawfulness, fairness and transparency – we ensure that all data in relation to individuals is processed lawfully, fairly and transparently by adhering to the policies outlined below.
- Purpose limitation – we ensure that we only collect data for specific and legitimate reasons.
- Data minimisation – we collect and store data that is limited to what is necessary in relation to the purposes they are processed.
- Accuracy – we place great importance on accuracy of data, ensuring personal data is accurate and ensuring processes are in place to rectify or erase any data that is not.
- Storage limitation – we only keep data in a form that permits identification of data subjects for no longer than necessary.
- Integrity and confidentiality (security) – we process in a manner that ensures high levels of security of personal data and protects against unlawful processing, loss, destruction or damage.
- Accountability – we understand and acknowledge that as a controller we are responsible for and demonstrating compliance with the first 6 principles through this policy document and its updating.
The policies and practises below further outline how Fare City ensures these principles are enshrined in the work we do.
When do we collect your data?
Below we have outlined the instances when we will collect data:
- When conducting research we collect data from stakeholders and participants (including but not limited to: industry professionals – public, private and non-governmental; members of the public and organisations).
- We keep contact details and related information of organisations and individuals who have expressed an interest in our research findings and work, and that have contacted us.
- We also maintain contacts of organisations who may in the future want to work with Fare City but only use publicly available information.
- We keep contact details and relation information on individuals and organisations who have either worked with us, supported us or funded us in the past – to ensure we can contact them, pay and invoice them.
- We also keep publicly available details of organisations and individuals who work for organisations that may be interested in working with Fare City in the future.
- If you have signed up to be a Fare City Patron, we will only keep contact details and other required information to service the programme and to contact you as a Patron.
- If you are a Fare City Partner we will only keep contact details and other required information to service the programme and to contact you as a Partner.
- We maintain administrative records of current and former staff.
What sort of data do we collect?
- We collect publicly available contact information on individuals that work at organisations that may be interested in working with Fare City in the future.
- When we are contacted we may collect your email address and given name and use it to respond and/or to send follow up information.
- When conducting research we may collect contact and personal data, however we will ensure that all data is anonymised or pseudonymised where required.
How and why do we use your information?
- Contact information provided to us may be used to communicate with you about our services and information relevant to the reason you supplied the information.
- Publicly available contact information will be used to contact individuals that work at organisations that may want to work with Fare City in the future.
- Information collected from stakeholders when conducting research will be anonymised unless otherwise stated at the point of collection and used to support the research project it has been collected for.
How do we ensure data is kept securely?
- We keep your information secure by maintaining high levels of security through a range of data security protocols, with all personal data stored in password secure databases.
- Whenever we collect or process your personal data, we willl only keep it for as long as is necessary for the purpose for which it was collected. We will tell you how long this is, when we initially collect your information.
- If we are required to collect any special categories of personal data we will ensure that it is anonymised.
- We will only record information that is strictly necessary for the purposes for which data is collected.
- We will keep all staff records secure and separate from shared organisational files, so contractual information and performance information is only accessible to senior management.
- We will only share your data with third parties with your permission and we will only share your date with third parties we are working alongside with your permission and only if absolutely essential
- When working with other organisations we will have agreements in place to ensure they are also GDPR compliant in how they manage your data.
- Make available all data we hold about an individual to the individual when requested.
- Make it easy to opt out of our communications, including newsletter subscription, events invitations and requests for funding or partnership.
What are your rights?
- You have the right to request a copy of the information that we hold about you. If you would like a copy of some, or all, of your personal information, please get in contact.
- We want to make sure that your personal information is accurate and up to date. You may ask us to correct or remove information you think is inaccurate.
- You may ask Fare City to limit the use of, stop using, or completely erase the personal data that we hold.
To exercise any of your rights, please get in touch using the contact details at the top of this statement.
You can find out more about your rights on the ICO website here: