The choir’s Data Protection Policy can also be downloaded as an MS Word document HERE

GDPR Data Protection Policy

General

1.     This policy is designed to meet the requirements of the General Data Protection Regulations (GDPR) that are to come into effect on 25th May 2018.  Although those regulations are primarily aimed at large commercial concerns that handle very considerable volumes of personal data, the regulations do have direct impact on much smaller, membership organisations such as the Weybridge Male Voice Choir (the Choir). 

2.     The Executive Committee of the Choir is committed to safeguarding the privacy of its members. This policy sets out how your personal information will be treated. 

What is Personal Information?

3.     We (the Executive Committee) collect, store and use the personal information that you provide to us (normally on joining the Choir and thereafter, updated from time to time). This includes your name, address, telephone number(s) and email address.  We do not collect or store sensitive personal data such as information relating to bank details, health, beliefs, or political affiliation.

How Do We Use Your Personal Information?

4.     Your personal information may be used to:

  1. Enable you to utilise the Choir’s website and also to aid the website’s administration e.g. keeping it current.

  2. Send you notifications relevant to your membership of the Choir by email, surface mail or telephone.

  3. Contact you in connection with Choir events.

  4. Deal with any enquiries and/or complaints that you may have.

Legitimate Interests

5.     We will rely on a condition known as “legitimate interests” where we have identified a genuine and legitimate reason for contacting you.  It is important that you understand that it does not override your rights and interests.  It is in the Choir’s legitimate interests to collect your personal data as it provides us with the information needed to operate effectively.

 

 

Disclosures

6.     Except as provided for in this policy, we will not provide your information to third parties.

7.     We may disclose information about you:

  1. To the extent that we are required to do so by law; or

  2. Exceptionally, in connection with any legal proceedings, or prospective legal proceedings.

Security of Your Personal Information

8.     On the Choir’s host server, the transmission and storage of all the personal information you provide is encrypted and secured by industry standard SSL technology (evidenced by the “Secure” padlock that appears by the Choir’s site address in your browser).

9.     Your website login details and email address are stored on the website on initial enrolment.  Those details can be amended by you at any time (see paragraph 14 below).  The master Membership List, which also contains your postal address and telephone number(s), is maintained by the Data Controller.  The Membership List is available to members in the Members’ Area of the website and can be downloaded, but not amended, by members.  Members are notified whenever the Membership List is updated.

10.  You are responsible for keeping your Choir password and user details for the Choir’s website confidential and for having your personal email account password protected.

How Long Will We Keep Your Information For?

11.  We will retain information about you only for as long as you are a member of the Choir, unless, on your leaving, there is outstanding business between us and, even then, your personal information will be held only for as long as it takes to conclude that business.

Your Rights

12.  You have the right to:

  1. Ask to access the personal data that we hold about you in a structured, commonly used and machine-readable format.

  2. Make us correct, or erase, any inaccurate personal data we hold about you.

  3. Object to the use of your data in the ways described above.

  4. Withdraw your consent, if we are using your personal data based on that consent.

Queries and Complaints

13.  If you have any queries about this policy, or wish to exercise any of your rights, please contact the Data Controller (see paragraph 17 below).  If you have any concerns about the way we process your personal data, or are unhappy with the way we have handled a request by you in relation to your rights, you can make a complaint to the Information Commissioner’s Office at;

First Contact Team, Information Commissioner’s office, Wycliffe House, Water Lane, Wilmslow. SK9 5AF. 

Telephone 0303 123 1113.  Email: casework@ico.org.uk 

Updating Information

14.  The only personal data held on the website, which can be changed by the member concerned, are the member’s login details (user name and password) and email address.  This is done via the “Your User Profile” page on the Members’ Menu.  Changes to your personal information shown on the Membership List should be notified to the Data Controller by email or letter. Please ensure your information is kept up to date. 

Policy Amendments

15.  We may update this data protection (privacy) policy from time-to-time by posting an updated version on the Choir’s website. You will be notified if and when a change is made.

Third Party Websites

16.  The Choir’s website contains links to other websites. We are not responsible for their data protection policies or practices.

Data Controller

17.  The data controller responsible for information collected by the Choir is the Treasurer (email treasurer@weybridgemvc.org.uk ).