WSMFHS Privacy statement
Weston-super-Mare & District Family History Society
General Data Protection Regulation (GDPR) PRIVACY STATEMENT
Introduction: The General Data Protection Regulation (GDPR) 2018 requires the society to ensure that everyone about whom personal information is stored, whether on a computer or as part of our paper records, is aware of the information kept and the purpose for which it may be used.
What we hold: The society holds only the data you have supplied directly to us. This consists of members' names, addresses, email addresses, phone numbers and the bank information required to set up and monitor Standing Orders* for annual subscriptions. We also retain our Meeting Attendance Books. We keep your data because we have "Legitimate Interests" for processing it in ways which members would reasonably expect us to do and which have a minimal impact upon your privacy. Data is not subjected to any automated decision making protocols.
(* Our bank is HSBC, 30 High Street, Weston-super-Mare, BS23 1JE)
How we hold data: The information you provide to the Weston-super-Mare & District Family History Society will, with your consent, be held on a computer server which is backed up daily. In addition copies are held on a local computer and in a manual filing system. Electronic data will be password protected with a back up file being held in Dropbox computing services or similar.
How Data will be used and processed: For ordinary members, the information will be used solely for communication purposes including website notifications and will not appear elsewhere or be shared. Processing will entail producing mailing labels for posting out the Journal using the mail-merge facility in a word-processor. We also communicate by sending occasional "information emails" to all or some members as considered appropriate to promote society activities. All such emails will be sent "BCC" i.e. Blind-copied, where a recipient member will only be able to see their own email address. Email addresses will be stored securely. Members will be able to decline communications they no longer wish to receive.
Printed Journals are sent to the Agency for the Legal Deposit Libraries and to the British Library.
If you are, or become, a committee member, some of the information you give us may also be (but only with your consent) published on the internet web pages of the society.
Accuracy: The society will keep your data up to date. You can help us by contacting the Membership Secretary if there are changes to your details which need to be amended, or it can be edited by the member on the website.
Access to data: If you wish to obtain a copy of the data we hold, a description of the purposes for which it is being processed, a description of any potential recipients, or any information as to the source of the data, please contact the Secretary of the society who will reply free of charge. (In certain circumstances the society is entitled to charge a fee, currently not exceeding £10; for instance, if an individual requests this information on too regular a basis.)
Retention and disposal of data: Members may ask for their data to be erased at any time by informing the Membership Secretary via the “Contact Us” tab on our Website homepage. Any personal data you have supplied will be deleted if you leave the society unless retention is required for statutory purposes. If you have been a committee member at any stage and your details have (with your consent) appeared in our Journals, then the data will be archived in historic paper editions of the publication and may still be accessed by those who retain them or visit repositories where they are stored. Please contact the Membership Secretary or Secretary if you require further information.
Questions: Any questions or comments concerning GDPR should be directed to the Information Manager.
Thank you for your assistance.
Brian Airey (secretary)
Peter de Dulin (Information Manager & Vice Chairman)
13 May 2018
Approved by Committee: 14 May 2018
Next Review Date: 16 May 2019