Rotary Club of Newport Uskmouth Privacy Notice

Privacy Notice                           

The Rotary Club of Newport Uskmouth (“we”) promise to respect the confidentiality of any personal data you share with us, or that we have access to through Rotary International, Rotary International Great Britain and Ireland (Rotary GB&I) or other agency to keep it safe, and we will always make every effort to protect your privacy.  

The Rotary Club of Newport Uskmouth also acknowledge the Rotary GB&I Privacy Notice, and the Rotary District 1150 Privacy Notice and accept them as part of this document where appropriate.

It is expected that Club officers and other Rotarians acting under direction on behalf of The Rotary Club of Newport Uskmouth may also process member and other persons related to Rotary personal data, they too will be bound by this privacy notice.

We collect information in the following ways:

When you give it to us DIRECTLY

There are many ways you may give us your information. For example, when you join as a member, or communicate with us by means such as email or in person. We are responsible for your data at all times.

When you give it to us INDIRECTLY            

Your information may be shared with us by independent organisations, for example sites like Virgin Money Giving. These independent third parties will only share your information when you have consented. You should check their Privacy Notice when you provide your information  Via Social Media 

Depending on your settings or the privacy notices for social media and messaging services like Facebook you might give us permission to access information from those accounts. Via information available publicly

This may include information found in places such as websites, Companies House and information that has been published in articles/newspapers.

What personal information we collect and how we use it

We will only ever capture the minimum amount of data that we need to in relation to your membership, donation or services we provide to you and we promise to keep your information secure. The personal data we will usually collect is the minimum required to carry out the purpose of the data collection stipulated by the data controller.

 How we will use your data

We will use your personal data for the legitimate interest of conducting core business activities, these will include:

       Administer your membership or donation, including processing Gift Aid.

       Provide you with the services, products or information you asked for.

       Providing services, products, guidance or information to clubs for their general activities, including Disclosure and Barring Service checks.

       Communicating organisational messages and information to members and club officers.

       Facilitate conference, training seminars, meetings and other special event planning.

       Supporting Rotary members magazines.

       Supporting The Rotary Foundation (TRF) and the Rotary Foundation United Kingdom.

       Providing information and updates to Members and club officers on Rotary programmes and service projects.

       Preparation of Rotary handbooks.

       Identifying candidates for Presidential and Rotary Foundation appointments to conferences. 

       Appointments to committees, club and district offices and other assignments within the Rotary organisation.

       To present our website and its contents to you and to allow you to participate in interactive features on our website.

       Keep a record of your relationship with us.

       Understand how we can improve our services, products or information.

       In any other way we may describe when you provide the information.

       For any other purposes with your consent.


 Sensitive information

We do not collect any member’s personal information classified as ‘sensitive’ under the General Data Protection Regulations (GDPR).

We do not collect any personal information classified as ‘sensitive’ under GDPR on individuals to whom we provide a service. 

 Interact, Rotakids and under 18’s data

We do not collect information from anyone under 18 years of age with the exception of club sponsored participants in the Rotary Youth Leadership Award (RYLA).

The ROTARY GB&I District Youth Exchange Association operates as a separate entity https://www.youthexchange.org.uk/ 

 Data Sharing

1) Our service/host providers

In the course of our legitimate business activities, there may be a need for us to share, or give access to, your personal data to third parties that provide us with services or host our applications/software that you may access, for instance:

        Banking organisations – those that provide our banking/payment services.

       Financial audit companies for the purpose of auditing the Rotary Club of Newport Uskmouth’s finances.

       Magazine publishers and distribution providers.

       Heart Internet – Rotary GB&I Template database, Data Management System (DMS) and rotarygbi.org secure hosting service provider.

       HMRC – for Gift Aid, tax and employment details.

       Rotary International/Rotary International in Great Britain and Ireland

 We will ensure that data processing agreements, compliant to GDPR, are in place before sharing with, or giving access to, your data with any of our service/host providers.

2) Sharing within the Rotary organisation

The Rotary organisation is made up of Rotary International, The Rotary Foundation (TRF), Rotary International in Great Britain and Ireland, the Rotary Foundation United Kingdom (RFUK) and the RIBI Donations Trust.

When you give information to us it may be shared within the wider organisation to facilitate your membership or donations and to provide the service afforded to you as part of that membership/donation. We will ensure that data processing agreements, compliant to GDPR, are in place before sharing your data within the wider organisation.

 The Rotary Club of Newport Uskmouth is a data processor for some of your personal information associated with your membership and will process your data in accordance with this and Rotary GB&I and Rotary District 1150 privacy notices.  As a club where we collect personal data for our individual club activities we are an independent data controller. This means we are legally responsible for protecting your data under GDPR legislation.

 3) Sharing with third parties

We will never commercially sell your personal data to anyone else.

We will only ever share your personal data in other circumstances, not listed above, if we have your explicit and informed consent at the time of collection. However, we may need to disclose your details if required to the police, other agencies, for example HMRC, regulatory bodies or our legal advisors.

How we keep your information safe and who has access to it

We will ensure that where a club officer holds legitimate data outside the Rotary Data tools (e.g. DMS) there are appropriate physical and technical controls in place to protect your personal details. For example, confidential paper records are securely stored, virus and other security software is in place and updated. Confidential paper waste is shredded.

 Whoever holds data outside the DMS within the club should undertake regular reviews to ensure that your personal information is only accessible by the Rotary members and our service/host providers securely and only for the purpose collected and destroyed once the data has reached its planned time of use. 

We have a duty to report certain types of personal data breaches to the relevant supervisory authority, and where feasible, we will do this within 72 hours of becoming aware of the breach.  If a breach is detected and likely to result in a high risk of adversely affecting you, we will inform you without undue delay.

Where we store your information

We will endeavour to store data securely and where appropriate passwords, encryption, internet and virus security including backups.

How long we retain your information and how we keep it up to date

We will only keep your information for as long as we need it to assist you and within the time specified in the Data collection plan set up by the Data Controller. There are statutory timescales on how long we should keep your information, for example, gift aid transactions must be retained indefinitely; financial records must be kept for 7 years; information associated with Health & Safety for three years after an event; youth data up to three years after adulthood. We shall delete your information according to these statutory limits, or according to guidance issued by the Information Commissioner.

Individual members are responsible for keeping their own personal data up to date and have access to the Rotary GB&I Data Management System (DMS) or My Rotary on the Rotary GB&I website for this purpose. In addition, where necessary, we will keep your information accurate and up-to-date. 

Your rights

The General Data Protection Regulations gives you certain rights, further clarification of your rights is available on the Information Commissioners website https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulationgdpr/individual-rights/

In certain situations, these rights may not apply, for example if you are a valid member we will need to communicate with you about your membership and those services afforded to you as part of that membership; you hold a club or district office and we need to communicate with you in relation to that office, in which case you will not be able to unsubscribe from these communications.

We collect and process your personal data through legitimate interests or because you have provided it to us to enable us to deliver a service to you.  We will only process your personal data as you would reasonably expect us to. You can opt out of our general member mailings at any time.

If you are unhappy with how we have processed your information, you have the right to lodge a complaint with the Office of the Information Commissioner, contact details below.

Changes to this privacy notice

We may change this Privacy Notice from time to time. If we make any significant changes in the way we treat your personal information we will make this clear on our website or by notifying you directly.

Our contact details

Hon. Secretary via the Contact page

Complaints

If you are unhappy with how we have processed your personal information, please firstly contact the Hon. Secretary, Rotary Club of Newport Uskmouth as above.

Information Commissioner’s Office

Wycliffe House

Water Lane

Wilmslow

Cheshire, SK9 5AF

The Rotary Club of Newport Uskmouth


Cookies:

Like most websites, we use “cookies” to help us make our site, and the way you use it, better. We do not store any personal data in the cookies that we use. Cookies mean that a website will remember you. They’re small text files that sites transfer to your computer (or phone or tablet). They make interacting with a website faster and easier – for example by automatically filling your name and address in text fields.

In addition, the type of device you’re using to access our website or apps and the settings on that device may provide us with information about your device, including what type of device it is, what specific device you have, what operating system you’re using, what your device settings are. Your device manufacturer or operating system provider will have more details about what information your device makes available to us.

The type and quantity of information we collect and how we use it depends on why you are providing it. You should be able to control what cookies are placed on your device through your browser settings. Go to www.aboutcookies.org to find out more about cookies, including how to see what cookies have been set and how to manage and delete them.