From 1 April 2026, Taff Rocks and Smyrna will be trialling a new electronic visitor log system. During this initial trial period, visitors will be required to sign in and out by scanning a QR code. Should the trial indicate that dedicated hardware is necessary, this will be considered for future implementation.
Data Collection
The following information will be collected:
Name* (required): This is essential for fire safety and security purposes during your visit.
Organisation (optional): This information supports audit and reporting requirements.
Data Retention
Visitor names will be retained until the first working day of the following month. At that point, the data will be aggregated for reporting purposes and subsequently deleted. Organisation names may be retained on an ongoing basis for audit and statistical use.
Use of Information
On the day of your visit, Taff Rocks staff will use the information provided for fire safety and security purposes.
Beyond this, collected data, excluding names, will be used solely for the generation of statistical reports.
Purpose of Data Collection
Accurate data is essential within the third sector. Funding bodies require clear evidence of impact, and reliable statistics provide objective, widely recognised support for grant applications. This enables us to demonstrate that our work is evidence-based and effective, rather than anecdotal.
The data collected will help us evidence our value to donors, stakeholders, and the wider public, which is critical to maintaining ongoing support. Strong statistical reporting also enables small, grassroots organisations such as ours to demonstrate relevance, impact, and accountability, while contributing to greater trust in the sector overall.
By using this data, we can ensure transparency and accountability in relation to both the funding we receive and the services we deliver.
* We recognise that some individuals accessing Taff Rocks and Smyrna services may require additional privacy and confidentiality. If you have concerns about providing your name, you may use an alternative name that you can personally identify with, including for any children or infants accompanying you.
The name and contact details of our organisation. Taff Rocks, Smyrna, Aberfan Road, Aberfan, Merthyr Tydfil CF48 4QN
The name and contact details of our representative. The Chair of the Taff Rocks Board of Trustees at the above address.
Taff Rocks is registered with the Information Commissioner's Office: Registration reference: ZB868354
Our host's GDPR and general data security information.
Where is visitor data hosted? The Sign In App is a cloud based service hosted in Tier 4 data centres. We selected UK (London). All visitor data and backups are stored and replicated within the region we selected. The data centres employ physical security and environmental controls to secure our infrastructure from physical threat or impact. Each site is staffed 24/7/365 with on-site physical security to protect against unauthorised entry.
How long is the data retained for? We control how long your visitor and staff sign in history is retained for. Please see above information
Is the data encrypted? All data is encrypted at rest and in transit over TLS 1.2. All backups are encrypted.
What happens to data in the event of a disaster? During any disruption to the Sign In App service, the app will continue to operate in offline mode. The service will notify us within one hour if an extended period of disruption is expected. All data is backed up and their disaster recovery procedures are outlined as part of their ISO27001 certification.
What does ISO27001 certification mean? ISO 27001 is a specification for an information security management system (ISMS) as defined by the International Organization for Standardization (ISO). It’s a framework of policies and procedures that includes all legal, physical and technical controls involved in an organisation's information risk management processes. Simply put, it ensures that an organisation strictly controls all aspects of information security. Sign In App Ltd is ISO27001 certified with certificate number 122520.
How is our service provider GDPR compliant? Sign In App acts as our data processor for visitor data. Their responsibilities include ensuring our data is secure, providing transparency around where the data is stored and providing features to allow us to control our data in line with your GDPR policies. Ethical data protection has always been a key part of Sign In App and the GDPR has only strengthened this since coming into force. With Sign In App we set your own data retention rules, customise the data collected for each visitor type and present policies and opt-in options to visitors. You can also rest assured that our visitor data stays in the region we chose.
They also have an IASME certificate of assurance issued to us for GDPR compliance. This is attained following a self-assessment against the IASME governance standards which are verified by IASME.
Smyrna Chapel Community Hall,
Aberfan Road, Aberfan,
Merthyr Tydfil CF48 4QN
© Taff Rocks - All Rights Reserved
Taff Rocks logos © 2018 - 2026 Nicola Hill & AJH. All rights reserved.
Best AI Website Maker