GDPR Compliant Policy For Data Storage & Use
To comply with Data Protection legislation from May 25th, 2018
What We Store
The details which we currently hold for you, if available, are your:
- Name
- Address
- Telephone number
- Mobile number
- Contact preferences
- Membership status
- Login details
We do NOT keep any financial or banking details, these are on the banks' secure servers only.
Where We Store It
Your details are kept securely in a password protected location on our server.
In the unlikely event that our security is breached, you will be immediately informed by one or more of: email, phone, text, letter.
How We Use This Data
By email, phone or post we:
- Contact members on group administrative business
- Inform members of new events or changes to current events
- Inform members of group related news
- Inform members of urgent business requiring fast response
- Make necessary contact details available to event organisers for the sole purpose of administering their event
Notes:
- We will only process your data in connection with the activities listed above and for any legal or regulatory requirements.
- Information processed for contacts based in the European Economic Area (EEA) will not be transferred outside the EEA without getting their permission to do so first.
- We will never sell your data, nor share it with third parties for marketing or any other purposes.
Who Can Access The Data?
Full access is restricted to committee members via login.
Contact details may be made temporarily available, via a temporary login, to event organisers only for use on their event.
Retention Policy
We will continue to hold your data safely and securely until:
You ask us to remove it from our database
Or
You have not been active on group events for 3 years [unless you specifically ask to be kept on].
GDPR Requirement
To comply with the new regulations, we must now have your permission for us to continue holding and using your personal details.
This has been completed for all members current to September 2018.
Members who gave permission to Leicester Local YHA Group are deemed to have transferred that permission to Leicester Hiking & Hostelling Group after the Group's name change agreed at the 2018 AGM.
New members since then will be able to do this (or have done so) on a revised membership form.
You can withdraw your permission for us to hold and use your details at any time by contacting a member of the management committee and asking to be removed.
You can ask for one of the following:
- Only your name as a member of the group and a contact method of your choice to be held in our records. This will not be passed on so you will be responsible for contacting event organisers on events you want to join.
- To be completely removed and no longer be a member.
Help
We hope this clarifies the way we store and use your data. If you have any questions regarding this policy please contact a member of the Management Committee.