This Privacy Policy explains how we collect, store and use the personal information you give to us. If you have any questions concerning your personal data and how we look after it or if you would like to update how you would like to hear from us, then please contact us (click here).

Norfolk & Norwich Naturalists' Society Data Protection Policy

Thank you for reading this page – it is part of our compliance with the UK General Data Protection Regulation (GDPR) 2018

Personal Data held, how it is used, where it is stored, who accesses it and how, your consentamending your data, removing data no longer needed.


This policy describes how members’ data is held and used by the Norfolk & Norwich Naturalists' Society. The policy has been agreed by the Council of the Norfolk & Norwich Naturalists' Society and forms part of the society’s compliance with the General Data Protection Regulation.

Personal Data Sources

When a member subscribes, renews their subscription or amends their contact information a record is added or amended in our data.
When a purchaser of our publications places an order, their contact information is only retained for accounting purposes and for no other, nor is it shared except for the purpose of sending that order.

Personal Data Held

In order to provide membership services, the Norfolk & Norwich Naturalists' Society hold all or part of the following personal information:

  • Member’s ID – a numeric identifier to avoid confusion over similar names.
  • Member’s name
  • Postal delivery address
  • Member’s email address
  • Up to two phone numbers. (Optional but kept if provided)
  • Membership type (eg “Full”, “Non-member”, “Affiliated”)
  • Date of joining the Society, if known
  • Amount of subscription received
  • Amount of any donation to the Society
  • Free-form comments about the subscription (eg subscriber’s reference, payment method,…)
  • Date of most recent subscription payment.
  • Date next payment due (normally 1st April annually)
  • A list of publications to be sent.

How We Use Personal Data

The primary purpose of holding this data is for the Norfolk & Norwich Naturalists' Society to fulfil its obligation to send members their subscribed publications to the address they supplied.
Occasionally, other communications regarding the Norfolk & Norwich Naturalists' Society business may be sent either electronically or by post. In these cases the communication will only concern the proper functioning of the Norfolk & Norwich Naturalists' Society. Examples might be: subscription change or reminder notices or notices of Norfolk & Norwich Naturalists' Society events.
The Norfolk & Norwich Naturalists' Society will not use its membership list to supply third parties with address lists or other information unless required to do so under UK law. Nor will the Norfolk & Norwich Naturalists' Society use the data for fund-raising or direct marketing.

Storage of Personal Data

We store Membership data on an encrypted database on a personal computer with password protection and it may be copied to secure “Cloud” storage such as OneDrive. The computer has up to date anti-virus protection software.
We keep separate secure mailing lists on MailChimp and MailerLite, entries on which are held in a GDPR compliant manner. Access to that data is only available to Officers of the Society with whom access has been shared for the Society’s purposes and who have been informed of the latest password. Back up data will only be used to restore corrupted or lost primary data.
The database membership details are held for two years after membership has ceased, in order to validate accounts. Thereafter the record of every ex-member is deleted and a note added to a history archive recording only that fact.

Access to Personal Data

Only the nominated manager of the data “Data Manager” (currently the Membership Secretary) may access the data and only for official Norfolk & Norwich Naturalists' Society business. If the Data Manager is indisposed the Chair of the Norfolk & Norwich Naturalists' Society may appoint another Committee Member to take on that role. If this happens it will be documented.

If you are a Member, you give consent for the Society to hold the information which you supplied to us, and which is necessary for us to serve you as a member and without which the Society does not consider you to be a Member.

Members may request in writing access to their own details for their own purposes. Proof of identity will be required before passing this information on as a “Subject Access Request” (SAR). (For example if a request is received the email address or postal address must match those we hold).

We will respond within the statutory limit of 40 days.

Changes to Personal Data

Members can request changes such as address changes in writing and must include proof of identity such as providing the old address or by sending from the email address we hold. Your Email address can be changed here.

Deletion of Personal Data

If a member dies or resigns or when membership has lapsed the details of the member will be deleted after two years. This is to allow subscribers who have forgotten to renew to catch up, or to allow family members to continue membership in the short term.
If a request to delete a membership record is received, this will be done as soon as the written request is validated by the member or other representing them. By post or email from a known recipient.

Document Revison History

Revised January 2024
Revised November 2022
Revised April 2020
Rewritten April 2018 for GDPR 2018
Completely revised April 2015
Previous version on request only.