Dolphins Cruising Club – General Data Protection Register (GDPR) Notice and Privacy Policy 5^thMarch 2019     

Your personal data 

Major changes are about to take place to UK law relating to data privacy and protection which includes personal information (“data”) which the Club keeps about you. 

It is vital that you take the time to carefully and thoroughly read this Privacy Notice. 

Any Questions at all, please contact the Hon Secretary. 

The Club’s first task is to be a lawful processor of your data. 

Lawful processing 

Dolphins Cruising Club (DCC) does not need to obtain specific consent to process data. DCC is also exempted from any obligation to appoint a Data Protection Officer. We accept the obligation to carry out processing in ways which are lawful, fair and transparent. 

Types of data collected and stored 

DCC is committed to recording accurate personal data which primarily consists of the information on the Membership Application Form, the website, as well as banking information either in the form of Direct Debit, credit or debit cards. 

In the event of there being a data breach DCC undertakes to inform you (as well as any relevant authority) not later than 14 days of it becoming aware of the breach. 

Transfer and sharing of data 

The Membership Secretary and Accounts (which includes any member of the administration team) together with the Hon Treasurer are the principal processors of your data. 

We will not be able to release to a member personal data about another member, save in relation to the basic information appearing on the Club Website and the Club Handbook, without consulting the other member. 

DCC does not knowingly transfer your data outside the EU. The ultimate location of computer servers can make this apparently simple commitment difficult to enforce. 

Retention of data 

DCC intends to hold your data throughout the period of your Membership and will apply the following post-Membership policies: 

– In the case of resignation, for up to six months and thereafter to retain indefinitely only your name, the date of joining, together with the date and reason of resignation. 

– In the case of death, for up to six months (from date of notification) and thereafter to retain indefinitely only your name, the date of joining and the date of death for archival purposes only. 

– After 6 months from the date of leaving all members will be required to remove data about you from their records. 

– In the case of exclusion, for eight years (in order that appropriate institutional memory exists of the circumstances). 

Your rights relating to your data 

To complain:

– DCC wishes to deal with complaints itself before recourse to any external authority and asks Members to submit complaints via email to the Commodore. It is open to Members to submit a complaint at any time to the Office of the Information Commissioner. 

– To have correct data recorded by the Club. 

– To require the Club to erase data which it holds about you as a Member. 

– DCC fully respects the new legislation but reminds Members that the low-level information gathered by the Club is perceived by the Club as the minimum needed. 

The Club website 

This policy applies when members use the Club website. 

There is a link to the policy when you log on to the site. 

Updates 

Whenever this policy is updated a notice will be sent to Members. 

This policy will be reviewed Prior to our AGM in 2019 and annually thereafter. 

Authorisation 

We require your specific consent to retain and use your data as indicated in the above. The submission of a membership application is taken as confirming your agreement.