West Mercia Beagle Club

 

GENERAL DATA PROTECTION REGULATION (GDPR)

West Mercia Beagle Club

General Data Protection Regulation

Data Protection Policy and Procedures

 

Introduction

 

The West Mercia Beagle Club (WMBC) is committed to a policy of protecting the rights and privacy of individuals. WMBC needs to collect and use certain types of Data in order to carry on our work of running and providing the services of a breed club. This personal information must be collected and handled securely. 

The Data Protection Act 1998 (DPA) and General Data Protection Regulations (GDPR) govern the use of information about people (personal data). Personal data can be held on computers, laptops and mobile devices, or in a manual file, and includes email, minutes of meetings, and photographs.

 

WMBC will remain the data controller for the information held. The Officers and Committee are personally responsible for processing and using personal information in accordance with the Data Protection Act and GDPR. The Officers and Committee, who have access to personal information, will therefore be expected to read and comply with this policy.

 

Purpose    

The purpose of this policy is to set out WMBC’s commitment and procedures for protecting personal data. The Officers and Committee regard the lawful and correct treatment of personal information as very important to successful working, and to maintaining the confidence of those with whom we deal with. WMBC recognise the risks to individuals of identity theft and financial loss if personal data is lost or stolen.

 

Lawful Basis for the Collection of Data   
 

The lawful basis for the processing of personal data by WMBC is by consent of the individual, clearly given to WMBC. Explicit consent may be in the form of a written agreement at the time of joining or by actively requesting personal data being included by WMBC on its database, e.g. seeking inclusion on a judging list.

 

Applying the Data Protection Act within WMBC

WMBC will only collect personal data for the purposes of running the services of WMBC and in the provision of activities associated with WMBC. It is our responsibility to ensure the data is only used for this purpose. Access to personal information will be limited to The Officers, Committee and only those acting with the authority of the Officers and Committee in running events and activities for WMBC. Personal data will only be held for as long as it is reasonably required to fulfil the obligations of WMBC.

WMBC does not undertake commercial marketing activities and will not disclose personal data to any third party for such purposes. Personal data is required to be submitted to The Kennel Club annually.

 

Responsibilities     

WMBC is the Data Controller under the Act, and is legally responsible for complying with the Act, which means that it determines what purposes personal information held will be used for.  The Officers and Committee will take into account legal requirements and assure that it:

 

- collects and uses information fairly;
- specifies the purposes for which information is used;
- collects and process as appropriate information, and only to    the extent that it is needed to fulfil its operating needs or to    comply with any legal requirements;
- ensures the quality of information used;
- ensures the quality of information used;

- ensures the rights of people about whom information is held,    can be exercised under the Act;

including,


   - the right to be informed that processing is undertaken;
   - the right of access to one’s personal information;
   - the right to prevent processing in certain circumstances, and
   - the right to correct, rectify, block or erase information 
     which is regarded as incorrect information.
 

- take appropriate technical and organisation security
  measures to safeguard personal information,
- set out clear procedures for responding to requests for
  information.
 

All the Officers and Committee are aware that a breach of the rules and procedures identified in this policy may lead to action being taken against them.

 

Procedures for Handling Data & Data Security    

The Officers and Committee must ensure that personal data is dealt with properly no matter how it is collected, recorded or used. This applies whether or not the information is held on paper, in a computer or recorded by some other means.

 

Personal data relates to data of living individuals who can be identified from that data and use of that data could cause an individual damage or distress. This does not mean that mentioning someone’s name in a document comprises personal data; however, combining various data elements such as a person’s name address, telephone number and e-mail address etc. would be classed as personal data, and falls within the scope of the DPA and GDPR.

 

WMBC’s Data Protection Officer is the Secretary

 

The Data Protection Officer will be responsible for ensuring that this policy is implemented and is periodically reviewed and amended as required.

 

Privacy Notice and Consent Policy    

The privacy notice and consent policy are as follows and will be used on all membership forms:

WMBC has a Data Protection Policy and accompanying procedures. These are published on the WMBC website and are also available from the Secretary on request.

 

Members’ personal data (name, address, telephone number and KC affixes) are processed in a computer for the purpose of compiling and maintaining WMBC’s list of members and for use with WMBC’s correspondence with members. The list of members will be supplied to The Kennel Club, but will not be issued or sold to commercial organisations. In order to comply with The Data Protection Act 1998 (DPA) and General Data Protection Regulations (GDPR) signing the application form gives explicit consent to member’s personal data being recorded on computers or electronic media authorised by WMBC for such use.

Consent forms will be stored by the Secretary in a securely held electronic or paper file.

 

* * * * * * *