3 What Personal Data Do We Collect And Process About You?
4 How Do We Collect This Personal Data?
5 For What Purposes Do We Collect And Use Your Personal Data?
6 We Process The Personal Data Held About You In The Following Ways:
7 When Do We Disclose Personal Data?
8 What Are Your Rights?
11 Data Security
12 Restriction Or Objection
15 Contacting Us
Your privacy and the security of your personal data is, and will always be, enormously important to us. So, we want to transparently explain how and why we gather, store, share and use your personal data – as well as outline the controls and choices you have around when and how you choose to share your personal data.
The EU General Data Protection Regulation (GDPR) comes into force on the 25th May 2018.
We are obliged by this new regulation to:
- Let you know what information we hold.
- Let you know what we do with that information.
- Advise you how to request to review or erase that information.
When you join Sunderland Astronomical Society(SAS), you complete a membership form we hold that information (along with any changes subsequently notified to us) in a computer database system.
Information That You Give To Us
By providing us with your email address you agree to us contacting you by email. If you do not wish to receive emails, please let us know and we will erase your email address from the records.
In summary, the information we hold is:
- Your Name(s) (incl. family names used for family membership ID cards).
- Telephone number(s) (Home/ Mobile).
- Email address.
- Date Membership (New/Renewal).
- Option for SAS Text Alert Service.
- Option for Gift Aid donation.
- Date of any Gift Aid.
- Donation amount.
- Age range.
- Special Category Data (i.e. health/medical information, used for fundraising application purposes only).
- Photos in some instances (for SAS Committee members and other selected SAS members).
- Signature (on paper application forms).
Separately, we also maintain a record of the method that subscriptions are paid, e.g. Cheque, bank funds transfer or cash. This information is also held on Bank Statements and SARAS accounts. This information is kept for 6 years for audit purposes.
We maintain an electronic backup and also a paper copy (your original membership form).
Paper records are destroyed by shredding 2 years after membership has lapsed.
Electronic records are erased 13 months after membership has lapsed or 3 months after a member has deceased.
The information is primarily used:
- To check whether you are a current or a lapsed member.
- To provide us with a means of contacting you – primarily for notification of events but also general information, newsletters and membership renewal reminders.
We could not operate effectively without maintaining this information, as the only viable method of communication that we have is by email.
- We do not provide a general marketing service
- We will not disclose any information to a 3rd party without permission.
If you would like a written record of the information that we hold, this can be requested by Email or using the website Contact form.
You can request that any or part of the information that we hold is deleted, however this may impact on our ability to keep you notified and would therefore affect the way that the Club benefits you.
Information That You Give To Us
This is the personal data that you provide to us, for example by filling in forms or by corresponding with us by phone, e-mail, post, social media or otherwise.
This personal data would relate to applications for membership, requests to loan out society owned equipment or other society related items.
Information We Collect When Visiting Our Website
We monitor website behaviour through Google Analytics. We collect information about how each visitor uses our site. These are then used to compile reports and to help us improve our site. Information is collected in an anonymous form, including:
- The number of visitors to the site
- Where visitors have come to the site from
- The pages visited
Sunderland Astronomical Society (SAS) wants to provide you with the best possible service. We are always looking for ways to improve. This includes improving our website so that it provides the information that you need, on a regularly updated basis and in an easily accessible way.
Cookies On Our Website
To improve and keep our website up-to-date, we collect information about your visit and we may share some of this information with our third party data analytics service providers to help us assess and improve our website. When this website data is shared with third parties, it will be provided as anonymised, aggregated data with personal data no longer identifiable.
If you prefer, you can choose to have your computer warn you each time a cookie is being sent, or you can choose to turn off all cookies via your browser settings.
Like most websites, if you turn your cookies off, some of our services may not function properly.
Our General Policy
To meet requirements of the GDPR the association will:
- Only collect information needed for the business of the Society – We will ask the question “Does the Society really need to keep this item of information on file?”
- Keep it secure – The Society will not allow members access to each other’s personal data. For example e-mails to all members will use blind copies (i.e Bcc:), so that members do not see everyone else’s e-mail address. Committee members are entitled to access all information held by their society or its officers acting for the society, but they will not be asking for personal data unless they need it to discharge their duty as a committee member.
- Ensure it is relevant and up to date –Members will be asked to confirm or correct the information the Society holds about them when they pay their rent or renew their membership each year. A review may be conducted if felt necessary by the General Committee.
- Allow the subject of the information to see it on request.
- This is a legal right, and members will be allowed to inspect the data held on them.
- To manage your application for membership of the Society.
- To administer your membership of the Society.
- To notify you of events that the Society is organising for members.
- To send periodic emails – The email address you provide when applying for membership, may be used to send you information and updates pertaining to your membership.
- To enable compliance with statutory and legal obligations.
- To administer and improve our website and other communications with you.
- To respond to any complaint that you might make.
- To contact you in an emergency.
- To answer general enquiries that you may make.
- To maintain the history of the allotment Society officials.
We will not process your personal data:
- To conduct market research.
- To pass it to a third party for that party’s or any other party’s purposes.
- To sell it to a third party.
To fulfil our statutory obligation with regards to the SAS membership of Federation of Astronomical Societies and the Charity Commission (relating to Committee Members only).
When entering into any agreements that involve the sharing or disclosure of personal data, Sunderland Astronomical Society (SAS) requires that these third parties comply with our data protection and information security policies or have substantially similar policies of their own in place.
The GDPR provides you with a number of rights in relation to your personal data. These include rights to the rectification or erasure of your personal data, and to restrict or object to its processing.
If you find that any of the personal data that we hold about you is inaccurate, incomplete or contains errors, please notify us in writing and we shall undertake to make the appropriate corrections at the earliest opportunity.
Should you wish to have some or all of your personal data erased, we will endeavour to do so although there may be instances where legitimate interests or the performance of our statutory obligations prevent us from doing so.
The erasure of your personal data could result in an inability to provide you with some or all of our services.
Sunderland Astronomical Society (SAS) holds all personal membership data in a secure manner. Holding personal data on electronic devices that are password protected and any portable device is encrypted.
Paper copies of data shall be held securely in locked cabinets in locked the appropriate room/building.
The SAS destroys paper copies when there is no longer a need to hold this data. Only holding members data for the absolute minimum and for as short a period as practicable.
If you wish to object to or restrict how your personal data is processed by us, you can do so by writing to us. Please see our contact details below. Please be aware that such requests could result in an inability to provide you with some or all of our services.
You may request to be told whether or not personal data about you is being processed by Sunderland Astronomical Society (SAS).
If your personal data is being processed, you are entitled to receive a response from us that provides you with a description of that personal data, the purpose for which it is processed, the recipients or category of recipients to whom that data is disclosed (including any recipients located outside the European Economic Area ((EEA), the source of the personal data, and information about its retention and storage. A copy of the personal data that is undergoing processing shall be provided to you.
We may occasionally make changes to this Policy.
When we make material changes to this Policy, we’ll provide you with prominent notice as appropriate under the circumstances, e.g., by displaying a prominent notice using the SAS Text Alert Service, our SAS Facebook webpages or by sending you an email. We may notify you in advance.
Please, therefore, make sure you read any such notice carefully.
If you want to find out more about this Policy and how SAS uses your personal data, please visit this Privacy webpage on to find out more.
Alternatively, write to the Data Protection Officer: Sunderland Astronomical Society, c/o Wildfowl & Wetlands Trust, Pattinson, Washington, Tyne & Wear. NE38 8LE.