Q. WHAT promises do we make?
In the following, the terms "AVSFHG" and "the Group" both refer to the Alde Valley Suffolk Family History Group.
To administer the Group and provide a service to you, our members, we need certain data from you. As a minimum we need your name and preferably your email address, but, failing that, your postal address. We use that minimal information specifically to transmit the Newsletter to you and to administer your membership, including the collection of membership fees.
We consider this is a lawful basis for processing a limited amount of your personal data.
The Committee "will be responsible as data controller for ensuring that the records are held securely". The "data processors" (or "information officers" as we prefer to call them) are limited to three specific posts within the Committee, namely the Secretary, the Membership Secretary and the Newsletter Editor. The three individuals occupying those posts at any particular time are indicated on the AVSFHG Contact us webpage with an "ℹ︎", denoting "information officer". Only these three persons are privy to members' data.
Someone, like you, whose data is held is a "data subject".
Article 4(11) of the Regulation stipulates that "Consent of the data subject means any freely given, specific, informed and unambiguous indication of the data subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her". The duty of AVSFHG is to comply with the spirit of that and honour your trust in us.
When you apply to join you are asked if you consent to your details being stored on our database to facilitate the Group's administration. Be sure that information will not be shared with third parties, and that you can withdraw your consent at any time by advising the Membership Secretary in writing.
SECURITY AND CONTROLLING YOUR PERSONAL INFORMATION
We are committed to ensuring that your information is secure.
We have put in place physical, electronic and managerial procedures to safeguard and secure the information we collect. These procedures include, for example, limiting access to the data to only those with bona fide reasons for access, who we consider are just the three individual posts identified above.
We will not distribute your personal information to third parties, unless we are required by law to do so.
Those are the promises we make to you …
YOUR "DATA SUBJECT" ACCESS REQUESTS
You may request details of personal information which we hold about you. If you would like a copy of the information held on you, please email or write to the Secretary, whose contact details appear on the Contact us webpage.
If you believe that any information we are holding on you is incorrect or incomplete, please email or write as soon as possible. The Secretary will promptly arrange correction of any information found to be incorrect.
The UK's Information Commissioner's Office (ICO) suggests that the requested information "must be provided without delay and at the latest within one month of receipt".
To honour your privacy, we will only supply this information to the email address or postal address that we hold on file.
To exercise all relevant rights, queries or complaints, please in the first instance contact the Secretary, as explained above. Failing that, you can contact the Information Commissioner's Office on ☏ 0303 123 1113 or via email https://ico.org.uk/global/contact-us/email/ or at the Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF.
If a personal data breach occurs, we must establish the likelihood and severity of the resulting risk to your rights and freedoms. If it is likely that there will be a risk, then the Secretary must notify the ICO without undue delay, but not later than 72 hours after becoming aware of it. If we take longer than this, we must give reasons for the delay.
However, if we decide we don’t need to report a breach, we need to be able to justify this decision, so we should document it.
If you continue to access this website or the services available from it after those changes have come into effect, you will be deemed to have agreed to the revised Policy.
WATCH WHAT YOU'RE SIGNING …
To ensure compliance with the latest Policy, please only sign forms at the latest versions, which may be less than the Policy version number shown at the head of this page, and which are —
|Membership application form||version 1.0|
|Committee member's website/Newsletter consent||version 1.0|
|Fieldwork consent||[to be designed, if required]|
|Family-search contract||[to be designed, if required]|
IMPACT OF BREXIT
We understand that the scope of the Regulation is unaffected by any changes resulting from Brexit.