General Data Protection Regulations Policy

Background

The new General Data Protection Regulations, which extend the provisions of the existing Data Protection Act, came into force on 25 May 2018. This change affects the way in which the Association holds personal data for its members, and sets out its responsibilities as well as its members’ rights.

Personal Data is any information in digital or physical form that identifies any aspect of members, including name, address, e-mail address, telephone number and financial information, such as bank details relating to subscription payments.

Data Protection

The Association, which is a member organisation, maintains a record of the names and addresses of its members and, where these have been given and where appropriate, e-mail addresses and telephone numbers for the purpose of communicating with them. Where applicable, bank details are also held.

Procedures

Physical data is held solely by the Membership Secretary, who also acts as Treasurer, in dedicated files. A full membership list is maintained in digital form on a personal computer protected by password. Where members have agreed to be contacted by e-mail, these addresses are held by the Association’s Website manager on a separate database.

Privacy

The Association undertakes not to make this information available to any third party, nor use it for any purposes other than for contacting members or, where applicable, processing subscription payments.

The Association may, however, publish contact details of its Committee members and its Local Representatives for the purposes of running the organisation, subject to obtaining their prior consent.

The Association may from time to time send e-mails to the membership via an e-mail marketing service called Mailchimp, which will be covered by its own privacy policy and for which the Association can accept no responsibility.

When members pay their subscriptions via PayPal or GoCardless, information provided to that organisation will be covered by their own privacy policy, for which the Association can again accept no responsibility

Members’ rights

Members have the right to enquire what data is held about them and can have such data corrected or deleted.

They also have the right to have their data removed if they cease to be members, although it must be understood that the Association may need to retain information subsequently to meet legal requirements.

They will be informed of any data security breach.

Executive responsibilities

The new legislation requires an organisation to identify those responsible for data control and processing.

The Data Processors will be the Membership Secretary and the Website Manager, answering to the Committee, which will act as Data Controller.

Consent

New members will signify consent to receive the Association’s communications on joining. Existing members are deemed to have given their consent by virtue of their membership. They will however be given the option to discontinue receiving communications.

New members will signify that they agree with the organisation’s four main objectives upon joining:

(a) To monitor rural planning and proposed development in the designated area and generally take any action considered desirable to protect and improve the rural environment (including the landscape, nature conservation, places of historical interest and rural amenities) whilst recognising the demands of agriculture, the need for appropriate new housing and renewable energy.

(b) To encourage those living in the area to take an interest in protecting and improving it as aforesaid.

(c) To liase with and support other organisations or associations concerned with protecting and improving the rural environment as aforesaid, whether in the designated area or more generally.

(d) Generally, to undertake all such other actions and activities as are considered consistent with the above objects.