The Verwood and District Horticultural Society Members
Data Protection Policy of 25 May 2018
The data that members provide on their membership forms is kept in documents that are held and processed electronically. This means that the Society is subject to the Data Protection Act.
Under the Act, member's data is not classed as "sensitive data", and because the Society is a not-for-profit organisation there is no requirement to register with the ICO (Information Commissioner's Office). Nevertheless, under the Act, there are responsibilities of care to uphold. Below outlines the Society policies.
1. What data is held?
The Society is only allowed to keep data necessary for Society activities.
The following data will be kept on record:
2. What is the data used for?
The data will only be used for legitimate Society uses, including: communication between committee members and other members as part of the general running of the Society; notification of Society meetings, outings, notices etc.
The Society will not disclose your data to other members or to third parties, or use it on behalf of third parties.
3. Who has access to the data?
Only those who need access to the data have access to it. The following committee members have access to the member data: Chairman, Secretary, Membership Secretary, Show Secretary. The Chairman and Secretary hold paper copies of the membership list should they need to contact members. The Social Secretaries may be given member contact data if they need to communicate for social events or outings.
4. What happens when a member chooses to leave the Society?
If a member leaves the Society, their details will be immediately taken off both computers and the Chairman and other members of the committee will get a revised membership list.
5. How is data accuracy maintained?
The Society endeavours to maintain accurate records, but it relies on members advising the Membership Officer of data changes. Members can at any time ask the Secretary for a copy of their recorded data. To request this, send an email to firstname.lastname@example.org.
6. How will the email addresses be used?
The Committee member responsible for sending distribution emails to all members has a specific email account (email@example.com) used for the purpose. This account contains members' email data. Mass emails to the membership are sent out as a blind carbon copy (Bcc) so that addresses are not disclosed.
7. How will data be secured?
The membership data is held in documents on committee members' personal computers. Committee members are expected to take the usual precautions regarding security. The documents themselves, mostly spreadsheets, are not encrypted.
There is sometimes a need to transmit a copy of all the data between committee members. Under these circumstances any document will be encrypted and the password communicated by telephone. This is to mitigate the risk that the document is sent to the wrong recipient.
8. Who is responsible for the implementation of this policy?
The Chairman of the Society is responsible for ensuring that this policy is adhered to.