When you visit our website, it sends small files to your computer called cookies. These cannot be used to identify you personally, but can make the website work more efficiently for you by improving the time required to access pages and reducing the number of times you need to enter information. Cookies also enable us to understand how people are using the website so they can improve the online experience they provide.
Privacy & Data Protection Policy
The Charles Close Society (CCS) is run by and for its members. This policy provides an explanation of how its Officers use and protect specific personal information, which includes the information that is gathered from members when they join the CCS.
The Data Protection Act 2018 (DPA (2018)) is the UK Government’s implementation of GDPR and replaces the previous data protection legislation, the Data Protection Act 1998 Like the previous Act, it imposes controls on all organisations which gather and use personal information, affecting both what can be gathered and how it is used.
The impact of DPA (2018) on CCS? Anyone can join CCS without an invitation and for their own reasons. Any one member of CCS is unlikely to know more than a small proportion of the membership either by name or personally. This makes it fundamentally different from a small local club in which all the members know each other and willingly share personal details. The public in general and by implication members of CCS are nowadays much more aware of data protection and the use to which personal data might be put, for example unwanted direct marketing and possibly identity fraud. In the past the regulatory burden on small organisations such as CCS has been light. This may continue to be the case but it is important to be aware of and engage with accepted good practice.
What type of personal data does CCS hold? In its simplest terms, this is the membership list. This contains, as might be expected, the names and contact details of all the members – typically names and addresses but in some cases telephone numbers and email addresses. It also includes current membership status, whether or not a member has signed for gift aid and any position held within CCS.
The justification for holding and processing personal data The regulations make it clear that holding and processing personal data must be for a lawful purpose and these must be determined before data is gathered or processed. For the purposes of CCS it can be argued that we hold and process data on the basis of legitimate interests, for example we hold and process members’ personal data in a way that they consider reasonable and has a minimal impact on their privacy. CCS also obtains and uses personal information by consent. However, there is an important change in that under the new regulations consent must be gained through a positive “opt in” and that consent needs to be specific and easy to withdraw.
Membership information which is held by CCS When a new member joins the CCS, the society collects the new member’s name and contact details, i.e. address, telephone number and e-mail address, which are held in a computer database (a formatted spreadsheet). The CCS will also hold a record of when the subscription was paid, whether the members has signed a Gift Aid Declaration Form and the date on which this was completed. These details are retained for the duration of the membership, by the membership secretary, on their personal computer.
How does CCS use membership information? The personal information that is provided by members is used in a number of ways: -
- To prepare a mailing list for the authorised third parties (e.g. the print company) to facilitate the dispatch of Sheetlines and any other publications for members (e.g. Maps from the Past). This mailing list is password protected when transmitted to the authorised third parties.
- To facilitate member events with items such as name badges.
- To allow officers in the CCS to contact members if this should be necessary (e.g. for subscription renewals)
- To allow CCS to contact HMRC to make a claim for Gift Aid for those members who have completed a Gift Aid Declaration. HMRC requires that Gift Aid records are kept for 6 years.
A separate email list is used to facilitate transmission of news items of interest to members. Members need to specifically “opt-in” to request this service (which is a one-off action) and can remove themselves from the list at any time by contacting the membership secretary. This email list is used for the following purpose: - To send out “CCS News” by email The email list is password protected when passed between Society Officers and not retained on any computer system other than that of the Membership Secretary. A separate list is compiled of those members who have given explicit permission for their name, address and other agreed details to be shared with other CCS members. This list is compiled annually by the Sheetlines editor and a printed copy is distributed to all ordinary and family members with the December issue of Sheetlines.
Sharing information CCS does not share the information it holds with any other organisation and it is only used for the purposes outlined above. No full list of existing or newly-joined members’ details will be published. Backup copies of the membership data are held by the membership secretary.
Information access and correction Members are entitled to request details of the personal information held by the CCS and to ask for it be altered or corrected. A member may also request that some details are deleted, if for example they no longer wish to be contacted by email or no longer wish the CCS to claim Gift Aid. To do this, members should write to or email the CCS membership secretary.
CCS website The CCS website shopping area collects a purchaser’s contact details as part of the online sales process. If the purchase relates to a CCS publication, then the contact details are used to post the goods to the purchaser. If the purchase relates to membership (new or renewal), then the details are used to update the CCS membership database, as detailed above. The purchase contact information, from the website or other contact means (i.e. post, email) is retained securely for a total of seven financial years, as required by HMRC, and held in appropriate secure backup and archive. It is not shared with anyone outside the CCS Officers, and its access is password protected. Credit / debit card details, as provided for the purchase, are not held by the CCS, but immediately passed on to the payment agent (Nochex) for the purposes of the sale. The CCS website “Small advertisements” area advertises on behalf of members and shows their relevant contact information, as provided by those members. The CCS website “contact us” area shows the details for Society Officers, as publicly available. There are links to other websites on the CCS website. This policy only covers the CCS and its website. For other organisations, members should check their privacy policies.
Retention of personal information If a member decides not to continue with their membership of CCS, the CCS will not retain the personal details that they have provided after their membership has ended. Normally this will be once it is clear that the membership has indeed ceased (typically June in the year following the last year for which a subscription was paid i.e. 15 months after membership has lapsed). If the CCS is notified that a member has passed away, their details will be deleted after 3 months. Such data removal will also be implemented in backup copies within an additional 3 months. Any information required for Gift Aid claims will be retained for as long as HMRC requires. Purchase and invoice information will be retained for as long as HMRC requires.
Drafted by Stephen Braim Membership Sec. April 2018 Updated March 2020 Adopted by CCS committee 1 April 2020