Norfolk and Norwich Naturalists’ Society Data Protection Policy – 2017
This policy describes how members’ data is held and used by the Norfolk and Norwich Naturalists’ Society. The policy has been agreed by the Council of the Norfolk and Norwich Naturalists’ Society and forms part of the society’s compliance with the General Data Protection Regulation.
In order to provide membership services, the Norfolk and Norwich Naturalists’ Society hold all or part of the following personal information on a computer:
- Member’s ID – a numeric identifier to avoid confusion over similar names.
- Member’s name
- Postal delivery address
- Member’s email address
- Up to two phone numbers. (Optional but kept if provided)
- Membership type (eg “Full”, “Non-member”, “Affiliated”)
- Date of most recent payment
- Amount of subscription received
- Amount of any donation to the Society
- Free-form comments about the subscription (eg subscriber’s reference, payment method,…)
- Date of most recent subscription payment.
- Date next payment due (normally 1st April annually)
- A list of publications to be sent.
The primary purpose of holding this data is for the Norfolk and Norwich Naturalists’ Society to fulfil its obligation to send members their subscribed publications to the address they supplied.
Occasionally, other communications regarding the Norfolk and Norwich Naturalists’ Society business may be sent either electronically or by post. In these cases the communication will only concern the proper functioning of the Norfolk and Norwich Naturalists’ Society. Examples might be: subscription change or reminder notices or notices of Norfolk and Norwich Naturalists’ Society events.
The Norfolk and Norwich Naturalists’ Society will not use its membership list to supply third parties with address lists or other information unless required to do so under UK law. Nor will the Norfolk and Norwich Naturalists’ Society use the data for fund-raising or direct marketing.
The membership data is held in a database on a personal computer. The computer is password protected as is the database itself . The computer has up to date anti-virus protection software.
Encrypted backup copies are made on other media. Access to that data is only available to Officers of the Society with who access has been shared and who have been informed of the latest password. Back up data will only be used to restore corrupted or lost primary data.
The database membership details are held for two years after membership has ceased, in order to validate accounts. Thereafter the record of every ex-member is deleted and a note added to a history archive recording only that fact.
Only the nominated manager of the data “Data Manager” (normally the Membership Secretary) may access the data and only for official Norfolk and Norwich Naturalists’ Society business. If the Data Manager is indisposed the Chairman of the Norfolk and Norwich Naturalists’ Society may appoint another Committee Member to take on that role. If this happens it will be documented (see Procedures).
Members may request in writing access to their own details for their own purposes. Proof of identity will be required before passing this information on. (For example if a request is received the email address or postal address must match those we hold).
We will respond within the statutory limit of 40 days.
Members can request changes such as address changes in writing and must include proof of identity such as providing the old address or by sending from the email address we hold.
If a member dies or resigns or when membership has lapsed the details of the member will be deleted after two years. This is to allow subscribers who have forgotten to renew to catch up, or to allow family members to continue membership.
If a valid request to delete a membership record is received, this will be done as soon as it is confirmed by the member.