Privacy Notice and Privacy Statement: General Data Protection Regulations 2018 [25th May 2018] – NWDAA Ref Number Policy 14

NWDAA introduction

This document sets out how NWDAA uses and protects any data information that you provide when applying for membership, and any data you provide will be used solely in accordance with this privacy statement.

We may update this policy from time to time by updating this page.

In applying for and becoming a member of the NWDAA we will collect certain data including your name, address, e mail address, telephone number[s], DOB, and occupation.

This information will be used for the legitimate interests of membership and association management purposes only, and be used for the communication of appropriate NWDAA circulars.

You may request details of personal information which we hold about you by contacting the membership secretary.

NWDAA do not hold or retain any Sensitive information, only information given during the application process or during discussions at meetings.

If you believe your data has been wrongly processed, stored or handled, you have the right to raise concern with the Information Commissioners Office (ICO)

Privacy Notice

  1. These Regulations come into force on 25th May 2018 and the club is the Data controller for the purposes of GDPR with the Club’s General Secretary being the main contact for the implementation of these regulations. The contact details for the Club General Secretary are available on the NWDAA website.

  2. We only process personal data necessary to administer our membership records and provide services and benefits to members as a recreational angling club.

  3. The extent of personal data handled by NWDAA is generally limited to Name, Age, Date of joining, Contact Address, Telephone Numbers and e mail address – where applicable.

  4. The vast majority of the data is retained and processed by the Membership Secretary who may have to circulate – eg Membership detail listings to other Trustees. Persons leaving the club will be taken off the Members listing and details archived. The membership secretary will send out updated listings as and when appropriate to other Trustees. This information regarding members will be safeguarded by all trustees by the use of Passwords on their own electronic devices and equipment, and hard copies will be under lock and key if stored in any areas that constitute a risk of access.

  5. Junior members contact details are not documented by NWDAA and the only reference to the Junior member is their Parent or Guardian.

  6. Each member has the following rights :

  • The right to see their personal data and be given a copy FOC

  • The right to erase their own personal data

  • The right to withdraw their consent to process their own data

  • The right to restrict any items of personal data from their records and/or cease processing it in a particular way

  • Personal data will be retained, and protected [under lock and key or electronic password] indefinitely as past membership details may be needed in the event of a re-submission for membership.

  • Website information will be archived every 3 years and again password protected or if in hard copy under lock and key by the NWDAA website controller.

  • If any member has concerns over the NWDAA GDPR processes that cannot be resolved by contacting the General Secretary then contact the ICO on www.ico.org.uk.

This listing explains in more detail how membership details are processed and used.

Info number

Type of information held

Where stored initially

Person in primary ‘control’

Access controls and comments

1

Member name and membership number

Membership information listings

Membership secretary

This info collected at the joining stage and records are retained indefinitely for NWDAA historical information purposes only. The membership listings contain all this information but is only communicated to other Trustees on a need to know basis and Trustees are entrusted not to disclose or circulate any information regarding members to anyone else other than the Trustees themselves. New Trustees will sign a confidentiality statement to that effect. The Membership Secretary has the key responsibility for assessing any risk with information circulated, and will keep a record of information given to others where any risk exists. IMPACT ASSESSED AS VERY LOW RISK

2

Member telephone numbers

Membership information listings

Membership secretary

3

Member e mail if applicable

Membership information listings

Membership secretary

4

Member postal address

Membership information listings

Membership secretary

5

Member joining date

Membership information listings

Membership secretary

6

Members age

Membership information listings

Membership secretary

7

Members details and members comments and uploads

On our password protected Website

Website Controller

This is monitored on at least a weekly basis and any information that is deemed inappropriate will be deleted. The website will be updated by removing past members’ details. Past members trying to post comments on the website will be denied access.

In general only 3 years history of website comments will be retained and the Website Controller will archive this historical information based upon importance and risk. This can be by hard copy or electronically. IMPACT ASSESSED AS VERY LOW RISK

8

Meeting minutes

Initially with the General Secretary

General secretary

This information is for Trustees only, particularly the TMMs and cannot be communicated to anyone else. However AGM and any SGM minutes will be read out at the appropriate meeting for approval or amendment. These will not contain any sensitive information and normally only contain names and membership numbers. IMPACT ASSESSED AS VERY LOW RISK

9.

E mail circulation

Membership secretary database

Membership secretary

To reduce paperwork and postage costs there are times when as many members as possible are sent information by e mail – all other members’ e mails will be hidden by using the Bcc facility. IMPACT ASSESSED AS VERY LOW RISK

Privacy Statement

  • Personal data will only be collected for the purpose of membership contact details so that members are communicated with on a need to know basis – eg the date and venue of AGMs or SGMs.

  • We will not supply your personal details to any person other than Trustees, without your prior permission.

  • DATA breaches

  • NWDAA have risk assessed all of the above listed data, and no areas of concern have been identified due to the controls in place.

We believe that the controls detailed in this document, will ensure that personal and sensitive information on individuals is not misused resulting in the GDPR regs being breached. However, if there are any concerns that data has been misused i.e. information that is not specifically required for the controls and administration of the of NWDAA then it must be reported immediately to the General Secretary for progression .The General secretary will assess the risk and discuss with the Trustees before deciding on a course of action if deemed necessary. This may involve contacting the ICO [Information Commissioner’s Office]. This would only be required if one of the following has occurred:

  • Discrimination

  • Damage to reputation

  • Financial loss

  • Loss of confidentiality

  • Any other significant economic or social disadvantage.

We as an Organisation will communicate with all individuals directly involved where this has occurred.

--------------------------------------------------------------------------------------------------------------

This Policy has been approved following the June 2018 members’ details survey and resulting questionnaire returns in addition to follow up conversations with members who had not completed the appropriate section of the return. There were no members who we made contact with that were against the contents of this Policy. This now an approved document . R Bainbridge 30.12.2018