Data Protection

Data Protection

The General Data Protection Regulation (GDPR) is a European Union regulation which came into effect on 25 May 2018.

GDPR applies to all organisations and aims to standardise and strengthen data protection policies. There can be serious financial penalties for any organisation that breaches these laws.

The term ‘data’ refers to any personal information you store. The data you hold belongs to the data subject (the person) and that data subject has the absolute right to say what happens to their information - and seek compensation if it is wrongly used or used without proper explicit consent. GDPR applies to all personal data that you currently hold. These laws apply to all data, not just data collected after May 2018.

Data Protection - Proof of Insurance

When organising events, we have to show reasonable endeavours to enquire whether participants are insured, and particularly if they are not our Gold members, then a straightforward self-declaration is sufficient. If this entails a tick box, the name of the insurer and policy number then that is enough for the purposes of our own policy. Furthermore, we have to be very careful, and avoid the risk that under data protection and GDPR principles that we may be holding, and not storing securely, physical insurance certificates from individuals that contain personal data. (Duncan Snook - Dec 2021)

Templates

Privacy Policy

Privacy Notice - Membership Form

Responding to a Data Protection Breach

Subject Access Request (SAR) Procedure and Form

Subject Access Request (SAR) Guidance for Staff & Volunteers

Data Processor Agreement

Managing a Data Protection Breach

Personal Information Asset Register

Photography, Filming and Recording

Photography, filming and recording advice

Location advisory notice for photography, filming and recording

Photo consent must be obtained and the forms retained.