EAST ANGLIA LOTUS CLUB
Privacy Notice and Data Protection Policy
Commitment
The East Anglia Lotus Club is committed to ensuring that data is collected and used appropriately, fairly and lawfully.
What data is collected?
Personal data is collected from members of the Club. This may include, for example, name, address, telephone numbers, their car details, and email addresses and/or social media identification. Only data necessary for the Club’s activities is collected. Contact details are also collected from prospective new members who enquire about the Club, to enable information about the Club to be supplied to them. Full details are provided in the Privacy Policy which can be downloaded below.
How is personal data used?
Data is used for the management of the Club, organisation of events and activities and/or day to day contact as necessary. This includes communicating with members by post, telephone and email, and/or via social media regarding membership status, organisational issues, news and information about the Club, financial transactions with the Club, and promoting the Club activities. Personal data collected by the Club is not to be used for any other purpose.
Who has access to personal data?
Portions of data is shared among members of the Club for the purposes described above.
Personal data is not shared outside the Club except where necessary for the organisation of the Club's activities. For example, information may be used for transport arrangements for a field trip or for insurance purposes when required by an external event organiser or organisation. Data may also be disclosed when required by law, or if disclosure is necessary in an emergency situation. Full details are provided in the Privacy Policy which can be downloaded below.
How is data stored?
Master storage of all club data is centralised using Microsoft OneDrive Cloud storage and is only accessible by members of the committee, webmaster (limited access) and publications editor (limited access). Distributed copies of data will exist on those officials of the club
Is the data accurate and up-to-date?
Members are given the opportunity to check the accuracy of the information held about them and to provide updates. Access requests and updates should be sent to secretary@ealc.org.uk
For how long is data retained?
Personal data is kept for current members of the Club and may be retained beyond membership expiring. Data is deleted if it is out-of-date, or if an individual has withdrawn consent and there is no legitimate need to keep their data. Contact details for prospective new members are deleted if they fail to join the Club or if they confirm they do not give consent to their data being retained. Deletion means removal of records from the current data in use for the Club's activities. Records may still exist as part of archived data that is not available for use. Note that the holding of contact details by individuals for their own social and domestic purposes is outside the scope of this policy.
Who is the Data Controller?
The Club's Chair acts as data controller and is responsible for ensuring that queries and concerns about data protection are dealt with effectively and promptly. Members have the right to see data held about them and to object to how it is being used.
Contact chair@ealc.org.uk
What information does the Club distribute?
Website and Social Media: Personal data (for example, private contact details) are not displayed on the Club's website unless by specific consent. The website lists the names of the current Committee Members but does not show the full names of other members of the Club. The website includes photographs of members engaged in Club activities and events, but does not identify individuals. Member's cars (which may show registration numbers) are also included within the website. If any personally identifiable information is posted on social media, this should be done with appropriate privacy settings.
Have members given consent?
All members of the Club are made aware of this policy through the Club's terms and conditions of membership at the time of joining and/or renewal or acceptance of complimentary membership. Members consent to their acceptance of the Club's policy as a condition of joining it. If after becoming a Club Member they do not give consent for their personal data to be collected and used as described within the policy, such confirmation must be given in writing, either on paper, by email (to secretary@ealc.org.uk) and records of the non-consent will be retained. There are situations in which data may be used, without specific consent, to pursue legitimate interests of the Club in ways which might reasonably be expected. For example, using contact details when money is owed, or to provide information to prospective new members.
________________________________________________________
The EU's GDPR and the UK's UK GDPR (Data Protection Act 2018) share core principles but operate under separate laws post-Brexit, with the UK adopting the EU rules into its domestic law, ensuring largely similar data protection for residents.
| Attachment | Size |
|---|---|
| privacy.pdf | 198.03 KB |
