This Privacy Policy explains how we collect, store and use the personal information you give to us. If you have any questions concerning your personal data and how we look after it or if you would like to update how you would like to hear from us, then please contact us (click here).

Norfolk and Norwich Naturalists’ Society Data Protection Policy

Thanks for reading this page – it is part of our compliance with the UK General Data Protection Regulation (GDPR) 2018

Personal Data held, how it is used, where it is stored, who accesses it and how, your consentamending your data, removing data no longer needed.


This policy describes how members’ data is held and used by the Norfolk and Norwich Naturalists’ Society. The policy has been agreed by the Council of the Norfolk and Norwich Naturalists’ Society and forms part of the society’s compliance with the General Data Protection Regulation.

Personal Data Held

When a member subscribes, renews their subscription or amends their contact information a record is added or amended in our data.

Personal Data Held

In order to provide membership services, the Norfolk and Norwich Naturalists’ Society hold all or part of the following personal information on a computer:

  • Member’s ID – a numeric identifier to avoid confusion over similar names.
  • Member’s name
  • Postal delivery address
  • Member’s email address
  • Up to two phone numbers. (Optional but kept if provided)
  • Membership type (eg “Full”, “Non-member”, “Affiliated”)
  • Date of joining the Society, if known
  • Amount of subscription received
  • Amount of any donation to the Society
  • Free-form comments about the subscription (eg subscriber’s reference, payment method,…)
  • Date of most recent subscription payment.
  • Date next payment due (normally 1st April annually)
  • A list of publications to be sent.

We may also store some of this data securely on “Cloud” storage including OneDrive and MailChimp.

How We Use Personal Data

The primary purpose of holding this data is for the Norfolk and Norwich Naturalists’ Society to fulfil its obligation to send members their subscribed publications to the address they supplied.
Occasionally, other communications regarding the Norfolk and Norwich Naturalists’ Society business may be sent either electronically or by post. In these cases the communication will only concern the proper functioning of the Norfolk and Norwich Naturalists’ Society. Examples might be: subscription change or reminder notices or notices of Norfolk and Norwich Naturalists’ Society events.
The Norfolk and Norwich Naturalists’ Society will not use its membership list to supply third parties with address lists or other information unless required to do so under UK law. Nor will the Norfolk and Norwich Naturalists’ Society use the data for fund-raising or direct marketing.

Storage of Personal Data

The membership data is held in a database on a personal computer. The computer is password protected as is the database itself . The computer has up to date anti-virus protection software.
Encrypted backup copies are made on other media. Access to that data is only available to Officers of the Society with whom access has been shared and who have been informed of the latest password. Back up data will only be used to restore corrupted or lost primary data.
The database membership details are held for two years after membership has ceased, in order to validate accounts. Thereafter the record of every ex-member is deleted and a note added to a history archive recording only that fact.

Access to Personal Data

Only the nominated manager of the data “Data Manager” (normally the Membership Secretary) may access the data and only for official Norfolk and Norwich Naturalists’ Society business. If the Data Manager is indisposed the Chairman of the Norfolk and Norwich Naturalists’ Society may appoint another Committee Member to take on that role. If this happens it will be documented (see Procedures).

If you are a Member, you consent for the Society to hold the information which you supplied to us, and which is necessary for us to serve you as a member and without which the Society does not consider you to be a Member.

Members may request in writing access to their own details for their own purposes. Proof of identity will be required before passing this information on as a “Subject Access Request” (SAR). (For example if a request is received the email address or postal address must match those we hold).

We will respond within the statutory limit of 40 days.

Changes to Personal Data

Members can request changes such as address changes in writing and must include proof of identity such as providing the old address or by sending from the email address we hold.

Deletion of Personal Data

If a member dies or resigns or when membership has lapsed the details of the member will be deleted after two years. This is to allow subscribers who have forgotten to renew to catch up, or to allow family members to continue membership.
If a valid request to delete a membership record is received, this will be done as soon as it is confirmed by the member.