Rotary Club of Gloucester Severn Privacy Notice
Rotary Club of Gloucester Severn
Members’ Privacy Notice
Your personal data – what is it?
Personal data relates to a living individual who can be identified from that data. Identification can be by the information alone or in conjunction with any other information in the data controller’s possession or likely to come into such possession. The processing of personal data is governed by the General Data Protection Regulation 2016/679 (the “GDPR”).
Who are we?
We are the Rotary Club of Gloucester Severn (“RCGS”) and we are a data controller as defined by the GDPR. This means that we decide how your personal data is processed and for what purposes.
We also act as a data processor for Rotary International in Great Britain and Ireland (“RIBI”). RIBI has issued its own Privacy Notice (“RIBI Notice”) and, as a data processor, RCGS is bound by the provisions of the RIBI Notice, a copy of which may be viewed at:
https://www.rotarygbi.org/privacy-policy
Consent
We have determined that your consent is required to our holding and processing your personal data in order to comply with the provisions of Article 6 of the GDPR.
What personal information we collect and how we use it
We will only ever capture and retain the minimum amount of information that we need to in relation to your membership, donation or services we provide to you and we promise to keep your information secure.
The personal data we will usually collect is:
- your name;
- your contact details;
- your date of birth; and
- your bank details.
Where it is appropriate, we may also ask for additional information.
How we will use your personal data
RCGS complies with its obligations under the GDPR by keeping personal data up to date; by storing and destroying it securely; by not collecting or retaining excessive amounts of data; by protecting personal data from loss, misuse, unauthorised access and disclosure and by ensuring that appropriate technical measures are in place to protect personal data.
We use your personal data for the following purposes:
- administrating your membership or donation(s), including processing Gift Aid;
- communicating organisational messages and information to you by email, telephone or post; and
· processing refunds of any monies due to you by direct transfer from our bank account.
Sensitive information
We do not collect any personal information on members classified as ‘sensitive’ under the GDPR.
Data Sharing
In the course of our legitimate activities, there may be a need for us to share, or give access to, your personal data to third parties that provide us with services or host our applications/software that you may access, for instance:
· our bank or banks so that they can process any monies due to you;
· HMRC - to enable us to process Gift Aid claims; and
· RIBI – you should refer to the RIBI Notice for full details of how RIBI may share your data.
Sharing with Third Parties
We will never commercially sell your personal data to anyone else.
We will only ever share your personal data in other circumstances, not listed above, if we have your explicit and informed consent at the time of collection. However, we may need to disclose your details if required to the police, other agencies, for example HMRC, regulatory bodies or our legal advisors.
How we keep your information safe and who has access to it
The majority of RCGS’s records are stored on the personal computers of the President, Secretary, General Treasurer and Charity Treasurer (collectively the “Officers”) and all sensitive files are password protected. Each Officer has his own passwords and these are not shared with other Officers or with third parties. To the extent that external backup systems are used, these are also password protected. Paper files are kept at the homes of the Officers.
In addition, data processed by RCGS on behalf of RIBI is passed to and held on the RIBI database. The protection of such data is governed by the provisions of the RIBI Notice.
How long we retain your information and how we keep it up to date
We will only keep your information for as long as we need it to assist you with your enquiry, process your membership, donation, event registration or other services associated to your Rotary membership. There are statutory timescales on how long we should keep your information, for example, Gift Aid transactions must be retained indefinitely, financial records must be kept for 7 years and information associated with Health & Safety has to be retained for three years after an event. We shall delete your information according to these statutory limits, or according to guidance issued by the Information Commissioner.
Individual members are responsible for keeping their own personal data up to date and have access to the RIBI Data Management System (“DMS”) or My Rotary on the RIBI website for this purpose. In addition, where necessary, we will keep your information accurate and up-to-date.
Members are also responsible for advising the General Treasurer if they change their banking details and RCGS can accept no liability for any loss suffered as a consequence of a failure to do so.
Your rights and your personal data
Unless subject to an exemption under the GDPR, you have the following rights with respect to your personal data:
· the right to request a copy of your personal data which RCGS holds about you;
· the right to request that RCGS corrects any personal data if it is found to be inaccurate or out of date;
· the right to request your personal data is erased where it is no longer necessary for RCGS to retain such data;
· the right to withdraw your consent to the processing at any time;
· the right to request that the data controller provide the data subject with his/her personal data and where possible, to transmit that data directly to another data controller;
· the right, where there is a dispute in relation to the accuracy or processing of your personal data, to request a restriction is placed on further processing; and
· the right to lodge a complaint with the Information Commissioners Office.
Changes to this privacy notice
We may change this privacy Notice from time to time. If we make any significant changes in the way we treat your personal information we will make this clear on our website:
http://www.rotary-ribi.org/clubs/homepage.php?ClubID=604
and/or by notifying you directly.
Our contact details
All enquiries should be directed to the Honorary Secretary of RCGS who may be contacted by email via the ‘Contact Us’ section on our website.
Cookies:
Like most websites, we use “cookies” to help us make our site, and the way you use it, better. We do not store any personal data in the cookies that we use. Cookies mean that a website will remember you. They’re small text files that sites transfer to your computer (or phone or tablet). They make interacting with a website faster and easier – for example by automatically filling your name and address in text fields.
In addition, the type of device you’re using to access our website or apps and the settings on that device may provide us with information about your device, including what type of device it is, what specific device you have, what operating system you’re using, what your device settings are. Your device manufacturer or operating system provider will have more details about what information your device makes available to us.
The type and quantity of information we collect and how we use it depends on why you are providing it. You should be able to control what cookies are placed on your device through your browser settings. Go to www.aboutcookies.org to find out more about cookies, including how to see what cookies have been set and how to manage and delete them.