Version 1.0
Date: 20/02/2020
Introduction
The intention of this policy is to clearly define to any individual how Telford Business Club processes ‘Personal data’ for which it has responsibility.
The definition of ‘Personal data’ is that as defined by the Data Protection Act 2018 / GDPR, this is primarily pieces of data that identify you as an individual.
In circumstances where any individual supplies ‘Personal data’ about themselves to Telford Business Club, we will become responsible for it legally as the ‘Data Controller’ and will process your data in accordance with the Principles and legal requirements of the Data Protection Act 2018 / GDPR.
The definition of a ‘Data Controller’ is that as defined by the Data Protection Act 2018 / GDPR.
Telford Business Club operates for the purpose of providing opportunities to its members, visitors and guests to promote themselves and their business activities. It is therefore an integral element of engagement with the club, that personal data provided will be shared in variety of ways.
Company Contact Details:
Telford Business Club
c/o Nigel West (Chair)
51, High Street, Newport, Shropshire. TF10 7AT
Contact: secretary@telfordbusinessclub.com
The appointed club member responsible for Data Protection is:
The appointed Chairperson is responsible and can be contacted using the above details.
Why do we need your data?
We require Personal data from you to be able to facilitate your membership of the club and promote your business. We may also collect a minimum amount of data from you as a visitor to the club or guest speaker.
We will only ask for and keep the data needed by the club to manage membership, club events and general promotion of members businesses and club events.
The Privacy Notice Matrix at the end of this policy gives details of what types of data we may store about you and the lawful basis for this.
What do we do with your data?
We have a responsibility to protect data we hold about you and ensure it is not accessed by anyone who is not authorised to use it for the reasons we legitimately hold it. We also have a responsibility to ensure that your data is accurate, retrievable and is not kept any longer than is necessary or legally required.
We have assessed the risks associated with the types of data we are responsible for and implemented appropriate levels of Technical and Organisational measures to protect it.
We will not store your data outside of the European Union.
Access to the storage of data held by the club about you, will be limited to only those authorised committee members who administer the various activities of the club. The club is legally bound to provide your data to any regulatory body who has authority to request access to it.
The club exists for the purpose of providing members, visitors or guests networking opportunities to promote themselves and their businesses. Your data will therefore be made available in membership listings online, during events and other promotional communications. Members of the club are encouraged to promote fellow members, visitors or guests to other businesses or individuals who may be interested in their products or services and in doing so, may share your data with them. The club may also share your data with other parties interested in your scope of business activity.
It is therefore essential that you do not share any data with the club or its members, that you would not consent to being used as described above. It will be considered by the club that as a participating member, visitor or guest you are consenting to the use of your data as described.
If you are concerned about the use of any specific data, which the club has requested or has previously been given to it, please contact the secretary.
We will not pass your data to third parties to use for marketing of their own services.
The Privacy Notice Matrix at the end of this policy gives details of how long we may need to keep your data.
What happens if we lose your data or it is accessed by unauthorised persons?
If we detect that ‘Personal data’ we are holding as a Data Controller, has been lost or accessed by unauthorised persons (a Data Breach) and that this will potentially infringe your rights or cause you harm; we will inform you immediately of the data breach.
We will also be required legally to inform the Information Commissioners Office (the Governments data protection regulator) within 72Hrs of detecting the breach; if harm or distress has been caused to individuals, who may then investigate our compliance with data protection legislation and effectiveness of our controls.
What rights do you have?
Data protection regulations give you a legal right to:
- request information on what data is held about you.
- have your data changed or deleted from our records.
- withdraw any consent given.
- have your data transferred.
- restrict processing of your data and/or objection to its processing.
To make a request under these rights please use the following:
E Mail: secretary@telfordbusinessclub.com
Under normal circumstances we will not charge you for processing these requests and will respond to you within 30 working days. If we believe your request is complex and will be chargeable; we will first contact you before proceeding.
- To lodge a complaint with the Information Commissioner’s Office
To make a complaint to the ICO (Information Commissioners Office) use the link below or call their hotline on Tel No.: 0303 123 1113.
General Enquiries ?
If you would like to make any general enquiries about our data protection policies please use the following contacts:
E Mail – secretary@telfordbusinessclub.com
Links to other websites
Our website may contain links to other websites of interest. You should note that we do not have any control over those websites, and so cannot be responsible for the protection and privacy of any information which you provide whilst visiting them.
Acceptance of these terms
By using our website and/or engaging with the club, which requires the use of your Personal data; you signify your acceptance of the terms of our privacy policy.
Please do not proceed, If you do not agree to the terms of our privacy policy and/or wish to enquire further about them.
We reserve the right to make changes to this Privacy Notice at any time.
Privacy Notice Matrix
Processing Activity | Personal Data required / held | Retention Time | Lawful Basis for Processing |
Membership Administration | Name, Work Phone No., Work Address Work E Mail Address | Duration of Membership + 3 Months | Consent / Legitimate Interest Data provided by you and used in the interests of you & the club |
Visitors, Guests & E mail enquiries | Name, Work Phone No., Work Address Work E Mail Address | Maximum 3 Months | Consent / Legitimate Interest Data provided by you and used in the interests of you & the club |
Website Members Listing | Name, Work Phone No., Work Address Work E Mail Address Images (Photo) | Duration of Membership + 3 Months | Consent / Legitimate Interest Data provided by you and used in the interests of you & the club |
Club promotional activities, events & marketing | Images (Photo’s / Video) Name, Work Phone No., Work Address Work E Mail Address | Retained unless you withdraw consent | Legitimate Interest Retained by the club to promote its previous activities & membership benefits |