SBADS Privacy Policy
SBADS Privacy Policy
At SBADS, we take your privacy seriously and will only use your personal information to keep in touch with you, and other members, through emails and newsletters and to record your subscriptions to the Society. The law on data privacy is changing and from 25 May 2018 the UK will enact the EU General Data Protection Regulations (GDPR) which places a greater burden on organisations which gather and hold your personal data and which more accurately details your rights (see the second page of this policy for those rights and how they relate to SBADS).
We will not share this information with anyone who is not a member of SBADS for any purpose. If we receive a request for your data from any external organisation or individual, we will refuse, but if we feel the request has merit we will contact you with the request and invite you to contact them directly if you desire.
Information we hold. We will keep no more information than that which you have shared with us and at most that will be the following:
- Your name;
- Your age if under 18 (necessary to comply with child protection and other legislation);
- Your address;
- Your home telephone number;
- Your mobile telephone number;
- Your email address(es).
SBADS will hold your data to pursue our legitimate interests in keeping you in touch with SBADS, advising you of events and collecting subscriptions. These details are kept securely by the Treasurer both as hard and soft copies as password-protected files. They will be available to other members of the committee to the minimum required in pursuit of their duties.
Website Cookies: SBADS does not use cookies on its website; we retain no record of your visits. You should be aware, however, that your web browser or search engine may track your visit to our website and hold data relating to your visit over which we have no control. We advise you to become knowledgeable about the behaviour of the systems you use to access the web and use your privacy controls to best reflect your wishes.
MailChimp
SBADS occasionally uses the MailChimp service to send emails to all our volunteers, members and clients; without it every email would have to be sent at least three times to reach you all owing to address caps on email. To make this work we hold your email address (but no other information) on the MailChimp servers. MailChimp is fully GDPR compliant and you can find their privacy policy here.
Your Rights Under the GDPR
As a not-for-profit organisation we will remain unregistered with the Information Commissioner’s Office, but we will remain compliant with the General Data Processing Regulation (GDPR) which come into force in May 2018. As such you, as the “data subject” within the regulations have eight rights, the first seven of which have applicability to SBADS.
It should be noted that, in common with most legislation, there is considerable detail in the rights and if you plan to exercise one of them (particularly those marked *) it would be good to have a look at the full details at this link. In all circumstances we will do our best to assist you in exercising your rights or suggesting an independent adviser in the unlikely event of any conflict.
| Your right | How you exercise it with SBADS |
|---|---|
| The right to be informed | through this privacy policy |
| The right of access | simply send us an email, phone or write to us to ask what we hold |
| The right to rectification | having seen what we hold, you can tell us to change it if it is wrong* |
| The right to erasure | in certain circumstances * you can ask us to erase the data we hold at any time; your data will also be erased within two months after you leave SBADS for any reason |
| The right to object if for any reason you feel the data we hold is causing you concern | although that is unlikely given that we only hold the above data - you can object* to us, and if you are still not happy, to the Information Commissioner |
| The right to restrict processing | we only process your data internally for your benefit as a member; you can at any time ask us about this and if you desire, restrict what we do* |
| The right to data portability | Although we have no direct equivalence in other organisations we cannot rule out there may be a need for us to transfer your data (at your request)* to a similar organisation. |
The right which doesn’t apply to SBADS:
| Right which doesn’t apply | Why it doesn’t apply |
|---|---|
| Rights in relation to automated decision making and profiling | we do not conduct these activities |
If you have any questions relating to the way we hold and protect your data, then please get in touch.
For further detailed information on the new rules concerning Data Protection please refer to the Information Commissioner’s Office website