The Data Protection  Act 2018

This Act is the UK’s implementation of the General Data Protection Regulation (GDPR).

What does it mean?

Any organisation holding personal data in written or digital format has to comply with the Regulation and ensure that-

1. The data is stored securely.
2. That consent must be given by an individual for their data to be retained.
3. That an individual can ask to have their data removed entirely at any time.

What information does the Society hold?

1. The Society maintains a single membership database.
2. This contains some or all of the following for each member –
• Name
• Address
• Telephone numbers
• Email address

Is the information safe?

1. Any paper records held by the Society are kept securely locked away.
2. Most information supplied to the Society in writing is transferred to our computer system and the original paperwork is destroyed.
3. Data held on our password protected computer system is securely encrypted.
4. Bulk email sent to Society members does not list the recipients.
• When you receive an email from the Society you cannot see details of other members who have been sent the same email.
• If a member were to suffer a security breach on their own computer a third party cannot extract details of any other Society member from the compromised data.

Do you ever share data?

1. The Society will never share information with any other party.
2. Information that we hold is used solely to maintain our membership list and to enable us to contact our members.

How is consent given to retain data?

1. Consent is given when the “Agree” button is selected on a “Join us” or “Renew subscription” form.

Can consent be withdrawn?

1. Consent can be withdrawn at any time by contacting The Secretary. must respond to your request within thirty days.
2. If consent is withdrawn all personal details will be removed from the Membership Database.
3. It will not be possible to send news updates or reminders to a member whose data has been removed.