19/07/21

General Data Protection Regulations (GDPR).

On 25/05/18 new regulations came into force governing the storage and use of your personal data. We are required by law to explain how we store, use and process your data. Our GDPR  policy will be reviewed every three years.

How We Gather Your Data

We gather your personal data from the application forms you will complete (or have completed) to become a club member or to make a venue hire booking.

We will soon be launching a new monthly newsletter for customers and members, you can subscribe here.

We do not gather personal data from any other sources. The accuracy of the information we gather is reliant upon the information you supply. 

Why Do We Need It ?

We use your data to maintain our membership records and customer database. We will use your data to contact you regarding your membership or regarding a booking.

 Processing And Storage

All application forms and booking forms will be directed to a central email address, and processed onto a database. The database is held offline, and is password protected. We are transitioning to a paperless system, and some data is still stored on paper.

We will only store your data for a period of three years, after that we will contact you to confirm that you wish to stay on our database.

Who Has Access To My Data ?

Only the Trustees and the club management team, who deal with membership and venue hire have access. A full list is available upon request from the Data Protection Officer. We will not offer or share any part or parts of your personal data to third party organisations without your explicit consent.

Your Consent

All new membership applications will contain a detailed consent for data storage, as will venue hire booking forms.

Your Rights

  1. You have the right to withdraw your consent to data storage at any point. Just simply email our Data Protection Officer (details below), and request to have your data deleted.

  2. You have the right to see the personal data we hold on you. Again just email the DPO, and ask for a copy of your records. We aim to respond to all requests within 30 days.

  3. You have the right to be informed if we plan to use your personal data for a new purpose or if we update our privacy information. We will communicate the changes to individuals before starting any new processing.

 

Data Protection Officer

The DPO is Lisa Thomas, who can be contacted at enquiries@mayandbakersclub.co.uk