Modern Slavery statement

Grassroot for Good CIC work to ensure and these statements describe the steps taken to identify, redress and mitigate modern slavery and human trafficking in our own business and supply chain operations.

Grassroots for Good CIC continue to seek to collaborate with others to be as effective as we can in tackling all forms of human rights abuses including modern slavery and human trafficking. Our aim is to continuously improve our practices and impact over time.

Grassroots for Good CIC considers modern slavery and human trafficking extremely serious crimes, grave violations of human rights and contrary to the ethical standards and values we hold dear. As a charity that, as part of its wider objectives, fights for the protection and advancement of human rights in the UK, and around the world through our subsidiary partners, Hackney Wick FC, we have a zero tolerance approach to such abuses.

We are committed to preventing modern slavery in our organisation and ensuring that our supply chain is as equally free of both modern slavery and human trafficking (within the reasonable bounds of our influence and control to ensure compliance with the Act by our supply chain and / or assure ourselves of their compliance).

Grassroots for Good endeavours to raise awareness among all employees of the identification, prevention and eradication of modern slavery and human trafficking, and has policies and procedures in place to ensure that they can do so.

Data Protection policy

Grassroots for Good CIC ensure we are secure to safeguard your data

From 1 January 2021, the UK General Data Protection Regulation (UK GDPR) and Data Protection Act 2018 became the UK law governing the processing of personal data.

The UK GDPR gives individuals more control and rights over the processing of their personal data. In addition, it introduces more accountability on data controllers like the University to demonstrate compliance with data protection law. At the company, we prepared for some time to ensure our systems and processes are compliant with UK GDPR.

Some of the highlights in UK GDPR are as follows:

All personal data must be processed lawfully, fairly and transparently. It must be collected for a specific and lawful purpose, limited to what is necessary to fulfil the purpose, kept accurate and for no longer in time than is necessary as well as processed in a secure way. The company must be able to demonstrate compliance with these principles.

Data subjects (e.g. staff members and students) must be provided with detailed information (usually through privacy notices) including an explanation as to the purpose and legal basis for processing.

Data subjects have increased rights in relation to the processing of their personal data. Some operate in only certain circumstances.

The rights include:

  • the right to access to their personal data (eg via a subject access request, free of charge to be dealt with within one month of request)

  • the right to rectification of inaccurate personal data

  • the right to data portability (ie made available in a portable format in order to move it from one controller to another)

  • the right to erasure (ie deletion of personal data)

  • the right to object to processing

  • the right to restrict processing and

  • rights in relation to automated decision-making, including profiling.

Greater safeguards exist when processing 'special category' personal data. This includes data relating to health, religion, race, sexual orientation, genetics and biometrics.

The Company must ensure data protection 'by design' and 'by default' which means it must ensure there are appropriate technical and organisational controls in place to process personal data securely.

It must also ensure that major projects and developments are subject, where appropriate, to Data Protection Impact Assessments (DPIAs).

Safeguards must be in place if personal data is to be transferred outside of the UK or European Economic Area