Data Protection Privacy Policy
Strensall Local History Group
General Data Protection Regulations - Privacy Policy
About this policy - This policy explains when and why we, Strensall Local History Group, collect personal information about our members and how we use it; keep it secure and club member’s rights in relation to it. This includes visitors and guests. We will collect, use and store personal data, as described in this Data Protection Policy when people engage in activities at the club. Normally this will be through membership.
We reserve the right to amend this Data Protection Policy from time to, in this event the membership will be advised by newsletter and through our website.
We will always comply with the General Data Protection Regulation (GDPR) when dealing with your personal data. Further details on the GDPR can be found at the website for the Information Commissioner (www.ico.gov.uk).
Responsible person - For the purposes of the GDPR, The Club Membership Secretary will be the “controller” of all personal data we hold about club members and others. The Committee is responsible for making sure the club complies with the General Data Protection Regulation (GDPR) which applies from 25 May 2018. We will review personal data every 2 years to establish whether we are still entitled to process it or not.
Member’s rights - You have rights under the GDPR:
For more details, please address any questions, comments and requests regarding our data processing practices to any committee member for referral to the Membership Secretary at our meetings or by email to [email protected].
Specific use and sharing of personal information - In general your personal data will only be used for the purposes of membership management (renewals etc.) and your email and telephone numbers may be used to communication with you on Group News and Events. Your personal data will not be passed to anyone else outside the club and your email will only be given to someone outside the club with your permission.
The Lawful reasons for processing your data - We have two lawful reasons for processing your data, which are:
(a) Processing of your data is necessary for the administration of your membership.
(b) You have given consent to the processing of your data by signing our privacy statement for the specific
purposes set out in this policy.
Data processed with your consent - The Group will seek consent in the application form before processing any information as outlined below.
How we protect your personal data - The Data Controller will process membership information electronically and hold all information on a database on a secure computer. A backup of this information will be held on the Group Secretary’s secure computer. Paper copes of data will be held at The Secretary’s house and secured by lock and key If it is necessary to transport data it will be kept secure.
For any on-line payments which we take from members we will use a recognised online secure payment system.
In the unlikely event of a breach of the security of data we will notify members promptly and we will never sell or pass on your personal data.
Request to see your personal information - If you wish to know what personal data the club holds please contact the Secretary either personally or via email at [email protected] and he/she will respond within 14 days of the request (depending on availability).
Accuracy and retention of data - Each individual member is responsible for keeping the Membership Secretary informed of changes to their data (e.g. address/telephone number etc. and this is updated at least once a year at renewal and you are at that time authorising the group to hold such data on file). The Membership Secretary can be accessed at group meetings or by email at [email protected]. The data will be normally be kept for up to 2 years.
JN/14-8-18.
General Data Protection Regulations - Privacy Policy
About this policy - This policy explains when and why we, Strensall Local History Group, collect personal information about our members and how we use it; keep it secure and club member’s rights in relation to it. This includes visitors and guests. We will collect, use and store personal data, as described in this Data Protection Policy when people engage in activities at the club. Normally this will be through membership.
We reserve the right to amend this Data Protection Policy from time to, in this event the membership will be advised by newsletter and through our website.
We will always comply with the General Data Protection Regulation (GDPR) when dealing with your personal data. Further details on the GDPR can be found at the website for the Information Commissioner (www.ico.gov.uk).
Responsible person - For the purposes of the GDPR, The Club Membership Secretary will be the “controller” of all personal data we hold about club members and others. The Committee is responsible for making sure the club complies with the General Data Protection Regulation (GDPR) which applies from 25 May 2018. We will review personal data every 2 years to establish whether we are still entitled to process it or not.
Member’s rights - You have rights under the GDPR:
- To access your personal data
- To be provided with information about how your personal data is processed
- To have your personal data corrected
- To have your personal data erased.
- To object to or restrict how your personal data is processed.
For more details, please address any questions, comments and requests regarding our data processing practices to any committee member for referral to the Membership Secretary at our meetings or by email to [email protected].
Specific use and sharing of personal information - In general your personal data will only be used for the purposes of membership management (renewals etc.) and your email and telephone numbers may be used to communication with you on Group News and Events. Your personal data will not be passed to anyone else outside the club and your email will only be given to someone outside the club with your permission.
The Lawful reasons for processing your data - We have two lawful reasons for processing your data, which are:
(a) Processing of your data is necessary for the administration of your membership.
(b) You have given consent to the processing of your data by signing our privacy statement for the specific
purposes set out in this policy.
Data processed with your consent - The Group will seek consent in the application form before processing any information as outlined below.
How we protect your personal data - The Data Controller will process membership information electronically and hold all information on a database on a secure computer. A backup of this information will be held on the Group Secretary’s secure computer. Paper copes of data will be held at The Secretary’s house and secured by lock and key If it is necessary to transport data it will be kept secure.
For any on-line payments which we take from members we will use a recognised online secure payment system.
In the unlikely event of a breach of the security of data we will notify members promptly and we will never sell or pass on your personal data.
Request to see your personal information - If you wish to know what personal data the club holds please contact the Secretary either personally or via email at [email protected] and he/she will respond within 14 days of the request (depending on availability).
Accuracy and retention of data - Each individual member is responsible for keeping the Membership Secretary informed of changes to their data (e.g. address/telephone number etc. and this is updated at least once a year at renewal and you are at that time authorising the group to hold such data on file). The Membership Secretary can be accessed at group meetings or by email at [email protected]. The data will be normally be kept for up to 2 years.
JN/14-8-18.