Legal

Disclosure: Ear-Buddy! operates as a space for people to connect, play games & develop new friendships and to assist in the fight against chronic loneliness epidemic the nation is currently experiencing whilst also helping to assist people who feeling socially isolated.

Ear-Buddy! does not nor will be a platform for depression although we are fully aware loneliness can play its part in depression. In our development we have hopes to become a signpost to leading charities or organisations.

If you are feeling unwell, please seek urgent help from your GP. If you are not feeling safe, please contact Samaritans (116 123)

House Rules.

  1.  Please do not share any personal information such as:
    • Home address.
    • Contact details.
    • Any financial information such as bank details.
  2.   Always show respect.
    • No Racism.
    • No Homophobia, transphobic comments.
    • No Hate speech.
    • No cyberbullying.
    • No Abusive language.
  • No sexually explicit or suggestive language.
  • Never verbally attack, provoke nor incite others.
  • Never use language which is likely to cause offence.
  • Never upload explicit or indecent profile pictures. Through development Ear-Buddy! will be implementing a flagging system which will highlight any untoward activity which can be reported and acted upon accordingly. Privacy & Data Notice. When you register with Ear-Buddy! Ear-Buddy! will need to collect and store a brief amount data, such as:
  • Name.
  • Age.
  • Email address.
  • Phone number.
  • Nationality.
  • Certain hobbies & interest to allow us to create Ear-Buddy! Matches.
  • Favourite topics of conversations. *Upon registration we have asked 5 questions, these questions are to help us to create a better experience and are subject to change or be updated within the Ear-Buddy! application. Q1) Do you consider yourself an introvert or extrovert? (please select)
    Q2) Are you:- Employed- Unemployed- Disabled or Retired. (please select) Q3) Are you political? Yes-No. (please select)
    Q4) Do you mind swearing? Yes or No. (please select)
    Q5) Do you drink alcohol? Yes or No. (please select) These questions we feel will give people who join our community a better match and interactive experience. Upon registration you have given permission for Ear-Buddy! to hold store and use this data for matching purposes. Special Category Data Approved • Express consent under the GDPR is generally needed from the individual concerned before collecting and processing what is known as “special category data” unless another special justification applies. Most importantly for Ear-Buddy! ltd this includes health data, such as information on the amount of time a person is using Ear-Buddy!, as well as other matters such as race, religion, ethnic origin, politics, trade union membership, genetics, biometrics, sex life and sexual orientation. • Ear-Buddy! ltd will frequently need to obtain and record information about a person’s health to provide services or deal appropriately with a volunteer or other individual or evaluate its

activities but will obtain and record consent before doing so except in the limited circumstances mentioned below.

Ear-Buddy! ltd will not retain health or other special category data in a form which can be linked to an individual unless it obtains that individual’s consent, or the circumstances below apply, but may retain special category data in a fully anonymized form.

• Consent is not required if:

A. the individual concerned has manifestly made the special category data public themselves; or

B. the information is needed to carry out the obligations or exercise the rights of Bipolar UK or the data subject in the field of employment or social protection; or

C. the data subject is physically or legally incapable of giving consent and the information is needed to protect someone’s life. If a staff member or volunteer considers there to be a life- threatening situation of this kind, it is the policy of Ear-Buddy! ltd that priority should be given to protecting life. There are certain other grounds for processing special category data without consent and we are considering these further. However, they are less clear, and it is not the policy of Ear-Buddy! ltd to use them.

PECR • Consent under the PECR is needed from the individual before making an unsolicited communication by:

o Vocalconversations
o Textmessageconversations.Ear-Buddy!ltdwillensurethatwhenitasksfor

consent to data processing or communications the request is
o clearandnotmixedupwithothermatters.
o notmadeaconditionforprovidingaservice
o explainswhythedataiswantedandwhatitwillbeusedfor.
o disclosesanythirdpartieswhowillrelyontheconsent.
o explainsthatindividualscanwithdrawconsentatanytime,and o thatEar-Buddy!ltdkeepsappropriaterecordsofconsentsgiven.

Information for data subjects

Individuals must be given information about Ear-Buddy’s! data collection and processing and the reasons for it and about their rights both before information is collected from them and on an ongoing basis. Ear-Buddy! provides this information through the privacy policy information notice on its website and will refer people to this notice as part of the explanation given to them whenever data is collected, or queries raised.

Gathering and checking information

Before personal information is obtained, we will consider what details are necessary for the intended purpose, that the purpose is legitimate, whether there is a more limited and less intrusive way to fulfil the purpose, whether anyone could be harmed by the data processing and how long we are likely to need the information. If a new category of data is being collected, personal data is being used for new purposes, or there are other changes to data collection and processing, your line manager must be consulted in advance to make sure that the appropriate legitimate interest assessment and disclosures are made, including any appropriate changes to the website privacy information notice.

Data security

Ear-Buddy! lts will take steps to ensure that personal data is kept secure at all times against unauthorised or unlawful loss, disclosure or damage. The measures taken include but are not limited to:

• Secured offices using lockable cabinets (restricted access to keys) • Clear desk policy and out of hours review

• Computer systems established to allow restricted access to files • Password protection on personal information files
• Remote and secure back up of data held on computers

• Limited sharing of personal data externally and password protection of email attachments containing personal data

• Staff are only allowed to access personal data outside the office via Remote Desktop access and are not permitted to store personal data locally on Ear-Buddy! or send it to or store it on personal devices

• External data storage (e.g. memory sticks) must not be used for any personal data. If it is essential to use external data storage, rather than Remote Desktop access, for other Ear-Buddy! ltd material (e.g. for an external presentation which does not include personal data) clearance should be obtained from the Finance Manager or CEO and encryption or password protection should be used.

• Staff are not permitted to use personal e-mail accounts to send and receive Ear-Buddy! emails.

• Staff are not permitted to share their login passwords to circumvent access restrictions.
• User of Ear-Buddy! are required to change their login passwords at least every six months.

Data breach

Any breach of data security or other breach of this policy must be reported immediately to The Finance Manager so that they can assess whether a report should be made to the Information Commissioner and what other action should be taken. Reports to the Information Commissioner must be made within 72 hours.

Third parties

If Ear-Buddy! ltd uses a third party to collect or process personal data for it or otherwise works with third parties to control, collect or process personal data it will ensure that appropriate contracts are in place covering data protection responsibilities in accordance with the legislation.

Responsibilities

Ear-Buddy! is registered as a data controller on the public register maintained by the Information Commissioner. The notification is renewed annually, and any interim changes are notified to the Information Commissioner within 28 days. Overall responsibility for the protection of personal data by Ear-Buddy! rests with its governing body, the Board of Trustees. The Chief Executive has overall delegated responsibility for data protection and this policy, and the Finance Manager has day to day responsibility. All staff, volunteers and trustees who process personal information must ensure that they understand and act in accordance with this policy and the requirements of the data protection legislation. Failure to do so can lead to disciplinary action by Ear-Buddy! ltd and breach of the legislation is also a criminal offence for which individuals can be liable.