PURPOSE OF THIS POLICY
This policy gives the following information about personal data:
what information we collect from you;
where we keep it;
why we collect it;
how we use it; and
how long we keep it; and
your rights in relation to it.
WHAT INFORMATION MAY WE COLLECT FROM YOU?
The Data we hold on Members are their names addresses, telephone numbers and in some cases their e-mail addresses. The GDPR applies to any personal data that we keep on members of the club and members of staff needed to run the club. (Club Bookings) Names, addresses and telephone numbers.
WHERE WE STORE YOUR PERSONAL DATA
The Data we hold on members is contained on a computer. The computer is kept in the secretary’s office which is kept locked when not in use and requires a password to access the members data. This password is changed monthly. All Membership application forms and Membership renewal forms are shredded within 30 days of completion. The Data we hold on Staff Members are; their names, addresses, telephone numbers, training records national insurance numbers, and any relevant tax coding information, Club bookings data kept in a diary behind bar
USES MADE OF THE INFORMATION
The data we hold is only used for core business purposes only, including staff administration, and record keeping of members for administration purposes only. we do not share any information we hold on members and staff with any third parties, other than the regularity authorities, such as HMRC as required by law.
DISCLOSURES OF YOUR INFORMATION
This information is not shared with any third parties and is only used by the club to contact individuals through E-mail, telephone or the postal service, on club business. Deceased members information is deleted on notification of death. Any member if they so wish can have their e-mails deleted from our data base by submitting a request in writing, this also applies to resigned, lapsed or any other who was and is now not a member of Middlesbrough & District Motor Club. Names and addresses of all ex members are kept on file for information we require to comply with our Articles of Association under section 14 Cessation of membership and section 15 Expulsion or Suspension of Members. This information is not shared with any third parties.
Access to information. The Act gives you the right to access information held about you. You can find out what information we hold about you by making a Subject Access Request under the Act. If we hold personal information about you we will give you a description of it, tell you why we are holding it and let you have a copy of it.
UPDATING OR AMENDING DATA
If any of the personal information that we hold about you is incorrect or needs updating, or if you want us to delete any personal information, please contact us. We may request that you provide further information and identification to enable us to comply with this request.
RETENTION AND DELETION OF YOUR DATA
We need to retain certain data to ensure that we can:
comply with our legal and regulatory requirements;
fulfil and service your membership
investigate any complaints and bring or defend any legal proceedings.
We are permitted to retain data for longer than the periods specified above if we need to use that data to bring or to defend legal action. This exclusion is necessary to allow us to collect and safely store all relevant materials and to allow us to prepare our case.
We must also retain data for a longer period if a crime is detected or suspected, or if we are requested to do so by a court or by a law enforcement agency.
THIRD PARTY LINKS ON OUR WEBSITE
Our site may, from time to time, contain links to and from the websites of our partner networks, affiliates and other third parties. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
The Data Protection Act 1998 allows for CCTV images which can be used to identify an individual to be handed over for the prevention or detection of crime, the prosecution or apprehension of offenders or where the disclosure is required by law. While many licensing conditions stipulate that licensees should provide CCTV images to the police “on request”, the requirements of the Data Protection Act 1998 are that such disclosures should only be necessary for investigating or preventing a crime or apprehending or prosecuting an offender. Any other requests for access to CCTV images will only be considered in line with the relevant GDPR available to the committee.
We do not put images from our CCTV coverage on any social media outlets. All CCTV images are deleted after 30 days
Data Controller: (Chairman)
Data Input Controller for Membership: (Membership Chairwoman)
Data input controller for Staff: (Treasurer) & (Assistant to Treasurer)
Data input controller for Function Book/Diary (Secretary)
Data input controller for Motor Sport Diary: (Motor Sport Captain)