What personal information do we collect?
When you become a member of Formby Civic Society you will be asked to provide certain information. This includes:
- your name
- home address
- email address
- telephone number
- your subscription preferences
How do we collect this personal information?
All the information collected is obtained directly from you. This is usually at the point of your initial registration and collected via your membership application form. The lawful basis for collecting and storing your information is due to the contractual relationship that you, as a member, have with Formby Civic Society. In order to inform you about the activities and events that you can access as a member we need to store and process a certain amount of personal data.
How do we use your personal information?
We use your personal information:
- To provide information about Formby Civic Society activities and services to you
- For administration, planning and management of Formby Civic Society
- To communicate with you about Formby Civic Society events
- To monitor, develop and improve the provision of Formby Civic Society activity
We’ll send you messages by email, post, other digital methods and telephone to advise you of Formby Civic Society activities.
With whom do we share your personal information ?
We may disclose information about you, including your personal information
- Internally – to Committee Members and Committee Attendees – as required to facilitate your participation in Formby Civic Society activities.
- If we have a statutory duty to disclose it for legal and/or regulatory reasons ie. To HMRC in relation to Gift Aid. Information would be shared without consent where there were serious safety concerns and it was felt to be in your or the Civic Society’s best interests to disclose information.
How long do we keep your personal information ?
We need to keep your information so that we can provide our services to you and fulfil our accounting obligations. We will keep information on the membership database whilst you are a member which will enable us to check renewal information. We will archive information for past members for historical purposes, unless you have asked us to delete those details. Limited personal information relating to subscription payments are required by the Charity Commission guidance to be kept for 6 years.
How your information can be updated or corrected
To ensure the information we hold is accurate and up to date, members need to inform Formby Civic Society as to any changes to their personal information. You can do this by contacting the Membership Secretary by email firstname.lastname@example.org or to
25 Gorse Way
Should you wish to view the information that Formby Civic Society holds on you, you can make this request by contacting the Membership Secretary as detailed above. There may be certain circumstances where we are not able to comply with this request. This would include where the information may contain references to another individual or for legal, investigative or security reasons. Otherwise we will usually respond within 28 days of the request being made.
How do we store your personal information ?
We have in place a range of security safeguards to protect your personal information against loss or theft, as well as unauthorised access, disclosure, copying, use or modification. Your membership information is held in an encrypted database managed by the Membership Secretary who occasionally provides encrypted copies or extracts to a very restricted number of Committee Members. The Treasurer also keeps limited information relating to subscription payments. Paperwork is kept in a secure locked cabinet.
Photographs are also personal information and we will use photographs taken at Civic Society events in the Newsletter and website only. Members taking photographs for inclusion in the Newsletter and website should seek your permission and tell you that they are taking them for that reason. If you wish at any time to have your photograph removed then you should contact the Membership Secretary. They can however not later be removed from the Newsletters that have already been printed and distributed.
Cookies on the Formby Civic Society website
Availability and changes to this policy
This policy is available on the Formby Civic Society website or by request to the Secretary. This policy may change from time to time. If we make any material changes we will make members aware of this via the newsletter, the Formby Civic Society website, email or at meetings.
The General Data Protection Regulation (GDPR) is a new, Europe-wide law that replaces the Data Protection Act 1998 in the UK.
More information can be found the Information Commissioner’s website:
If you have any queries about this policy, need it in an alternative format, or have any complaints about our privacy practices, please contact the Secretary, Nathalie Phillips
Or the Membership Secretary at the above address.
The Membership Secretary is not a Committee Member, however all references to “Committee Member” should be considered to also apply to that person.
Data Protection Policy
Scope of the policy
This data protection policy ensures Formby Civic Society:
- Complies with data protection law and follows good practice
- Protects the rights of members
- Is open about how it stores and processes members data
- Protects itself from the risks of a data breach
General guidelines for Committee Members, Committee Attendees
- The only people able to access data covered by this policy should be those who need to communicate with or provide a service to Formby Civic Society’s members.
- Formby Civic Society will provide induction training to Committee Members, Committee Attendees to help them understand their responsibilities when handling data.
- Committee Members and Committee Attendees should keep all data secure, by taking sensible precautions and following the guidelines below.
- Strong passwords must be used.
- If data files are being sent between committee approved persons by whatever means, then only encrypted files must be used
- Data should not be shared outside of Formby Civic Society unless with prior consent and/or for specific and agreed reasons.
- Member information should be refreshed periodically to ensure accuracy or when the policy is changed.
Data protection principles
The General Data Protection Regulation identifies key data protection principles:
Principle 1 – Personal data shall be processed lawfully, fairly and in a transparent manner
Principle 2 – Personal data must be collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes; further processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes shall not be considered to be incompatible with the initial purposes.
Principle 3 – The collection of personal data must be adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed;
Principle 4 – Personal data held should be accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay;
Principle 5 – Personal data must kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed; personal data may be stored for longer periods insofar as the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes subject to implementation of the appropriate technical and organisational measures required by the GDPR in order to safeguard the rights and freedoms of individuals;
Principle 6 – Personal data must be processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures.
Lawful, fair and transparent data processing
Formby Civic Society requests personal information from potential members and members for membership applications and for sending communications about their involvement with Formby Civic Society. The forms used to request personal information will contain a privacy statement informing potential members and members as to why the information is being requested and what the information will be used for. The lawful basis for obtaining member information is due to the contractual relationship that Formby Civic Society has with individual members. In addition, members may be asked to provide consent for specific processing purposes. Formby Civic Society members will be informed as to who they need to contact should they wish for their data not to be used for specific purposes for which they have previously provided consent. Where these requests are received they will be acted upon promptly and the member will be informed as to when the action has been taken.
Processed for specified, explicit and legitimate purposes
Members will be informed as to how their information will be used and the Committee of Formby Civic Society will seek to ensure that member information is not used inappropriately. Appropriate use of information provided by members will include:
- Communicating with members about Formby Civic Society events and activities
- Communicating with members about their membership and/or renewal of their membership
- Communicating with members about specific issues that may have arisen during the course of their membership
- Sending the Formby Civic Society Newsletter or news updates by email
- Posting Committee contact details on the website
- Publishing Committee contact details in the Newsletter
Formby Civic Society will ensure that members’ information is managed in such a way as to not infringe an individual members rights which include:
- The right to be informed
- The right of access
- The right to rectification
- The right to erasure
- The right to restrict processing
- The right to data portability
- The right to object
Adequate, relevant and limited data processing
Members of Formby Civic Society will only be asked to provide information that is relevant for membership purposes. This will include:
- Postal address
- Email address
- Telephone or mobile phone number
Where additional information may be required such as health related information this will be obtained with the consent of the member who will be informed as to why this information is required and the purpose that it will be used for.
Where Formby Civic Society organises a trip or activity that requires next of kin information to be provided, a legitimate interest assessment will have been completed in order to request this information. Members will be made aware that the assessment has been completed.
Photographs are classified as personal data. Where group photographs are being taken for the Newsletter and website, members will be asked to step out of shot if they don’t wish to be in the photograph. Consent would be required if the photograph was of a named individual. Should a member wish at any time to have their photograph removed then they should contact the Membership Secretary to advise that they no longer wish their photograph to be displayed.
Accuracy of data and keeping data up-to-date
Formby Civic Society has a responsibility to ensure members’ information is kept up to date. Members should let the Membership Secretary know if any of their personal information changes. In addition, on an annual basis, the membership renewal process will provide an opportunity for members to inform Formby Civic Society as to any changes in their personal information.
Accountability and governance
Formby Civic Society Committee is responsible for ensuring that the Civic Society remains compliant with data protection requirements and can evidence that it has. Where consent is required for specific purposes then evidence of this consent (either electronic or paper) will be obtained and retained securely. Formby Civic Society Committee will ensure that new members joining the Committee receive an induction into the requirements of GDPR and the implications for their role. Committee Members shall also stay up to date with guidance and practice within the Civic Society movement. The Committee will review data protection and who has access to information on a regular basis as well as reviewing what data is held. When Committee Members and other members relinquish their roles, they will be asked to pass on the membership data they hold to those who need it and delete the membership data they hold.
Formby Civic Society Committee Members have a responsibility to ensure that data is both securely held and processed. This will include:
- Committee Members and Committee Attendees using strong passwords
- Restricting access of sharing member information to those on the Committee who need to communicate with members on a regular basis
- Using password protection on laptops and PCs that contain personal information and encryption of appropriate data files
- Using password protection/encryption of files when sharing data between Committee Members, Committee Attendees.
- Formby Civic Society uses local printers for newsletters, membership cards, and any special correspondence. Where this involves the use of personal data the committee will scrutinise the Terms and Conditions of each supplier and ensure that they are GDPR compliant
Subject Access Request
Civic Society members are entitled to request access to the information that is held on them by Formby Civic Society. The request needs to be received in the form of a written request to the Membership Secretary of Formby Civic Society. On receipt of the request, the request will be formally acknowledged and dealt with expediently normally within one month unless there are exceptional circumstances as to why the request cannot be granted. Formby Civic Society will provide a written response detailing all information held on the member. A record shall be kept of the date of the request and the date of the response.
Data Breach Notification
Were a data breach to occur, action shall be taken to minimise the harm. This will include ensuring that all Formby Civic Society Committee Members are made aware that a breach has taken place and how the breach occurred. The Committee shall then seek to rectify the cause of the breach as soon as possible to prevent any further breaches.The Information Commissioner’s Office would be notified. The Committee shall also contact the relevant Civic Society members to inform them of the data breach and actions taken to resolve the breach.
Where a Civic Society member feels that there has been a breach by Formby Civic Society, a Committee Member will ask the member to provide an outline of the breach. If the initial contact is by telephone, the Committee Member will ask the member to follow this up with an email or a letter detailing their concern. The alleged breach will then be investigated by members of the Committee who are not in any way implicated in the breach.
Availability and Changes to the Policy
This policy is available on the Formby Civic Society website or by request to the Secretary. This policy may change from time to time. If we make any material changes we will make members aware of this via the newsletter and or the Formby Civic Society website. .
If you have any queries about this policy, need it in an alternative format, or have any complaints about our privacy practices, please contact the Secretary Nathalie Phillips
The Membership Secretary is not a Committee Member, however all references to “Committee Member” should be considered to also apply to that person.