The General Data Protection Regulations (GDPR) came into effect on 25th May 2018.
The GDPR aims to strengthen the rules about how organisations obtain, use, and store personal data.
The GDPR sets out six lawful bases for handling personal data and at least one of these must apply whenever we handle your personal information which you have given to the Club (your data). The basis which applies to the Club is the one which relates to Consent – this means that individual members have given clear consent for the Club to handle their personal data for specific purposes. By joining the club you consent to the club collecting and storing your data until you relinquish your membership.
- What personal data we collect and how we use it.
The Club will hold the details (eg. your name, age, address, emergency contacts, telephone numbers and e-mail addresses) provided by you on the joining and renewal forms along with other information it holds or obtains from or about you. The Club will use it for a number of purposes. For example:
for maintaining records;
for administering the finances of the Club;
for responding to any enquiries you might make;
for administering any Club events in which you participate or may wish to participate and to deal with any incidents involving you;
for creating anonymous aggregated information about members;
for contacting you about club events, offers and opportunities either by post, e-mail, online or phone;
- Recording Images
The Club may record the events and rides in which you participate and only general images of cyclists will form part of the information the Club holds and uses. Many of these images will be posted on the Club website.
Publication on websites: the only details posted on the Club website will be anonymous images of events and individual images in the Members Gallery is password protected from non-members. If you do not want your images to appear on the website you should inform the webmaster by e-mail.
If you wish to disclose your e-mail address(s) to members of the Club you must take positive action to do so on the relevant page of the website.
The Club does not participate in any marketing activities involving member’s data.
In addition, we do not pass on data to third parties for any reason without your consent.
- Your Rights
You are entitled to a copy of your personal data from the Club. For details of how to do this you should contact the Membership Secretary via the link on the Club website. If you leave the Club you can request that your all your data is deleted . However, we do have to hold some data for certain periods of time (5 to 7 years) to maintain our records. You can request correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate data we hold about you properly corrected.
- Security of your data
Personal data on the Club website is password protected so people who are not members of the Club cannot access it.
The Club will handle your data in a manner that ensures appropriate security including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage using relevant technical or organisational measures.
Both the Treasurer and the Membership Secretary hold some Club data on their personal computers and every effort is made to ensure that his is held securely
Meridian Data Protection Statement v20180626