Data Protection Policy - Suffolk Poetry Society
1. Lawful basis for processing data
Suffolk Poetry Society (the Society) is an unincorporated association with members and a registered charity no. 116 2298.
The Society has the following objectives: the advancement of education in the Arts and in particular in the Art of Poetry howsoever and wheresoever and particularly in the County of Suffolk and in all respects for public benefit. Trustees are elected annually by members at the Annual General Meeting according to the Constitution.
Members join the Society on payment of an annual subscription due in January each year; patrons are appointed for a period of up to three years. In order to contact members and patrons, provide member benefits and share information about poetry opportunities, the Society needs to hold personal information on members and patrons. Personal data will be processed lawfully, fairly and transparently in compliance with UK data protection regulations.
The Society obtains personal data from individuals on taking out membership and reminds members annually at renewal of membership of the need to inform the membership secretary of any change to their contact details. This is laid out in the privacy notice published on the website. The Society requests consent to holding the personal data of patrons at the time of appointment for the period of their appointment.
The Society will collect and use such personal data for legitimate Society purposes and will not pass on personal data without the explicit consent of the member or patron. Personal data will be held securely and confidentially.
This policy explains how such personal data is collected, processed, stored and deleted:
2. Members’ details
Members’ names, postal addresses, telephone details and email addresses are kept confidentially by the Membership Secretary
These details are shared with the Officers of the Charity (Chair, Treasurer and Secretary) who may pass on individual details to other Trustees as required for the purposes of the Charity’s business.
These details are updated annually as necessary.
These details will not be shared with any third party without the explicit consent of the member.
Financial information provided by members is processed by the Treasurer for the purposes of individual financial transactions
Gift Aid details provided by members are maintained by the Membership Secretary and passed to the Treasurer who advises HMRC.
Members will be advised by notices at events that photographs or video recordings may be taken for publicity purposes, Twelve Rivers magazine, the Society’s website etc. If members do not wish to be in any photographs/videos, they should make themselves known to the photographer/organiser.
3. Details of third parties
The details of non-members (including patrons), customers, sponsors and partners as provided by them (names, postal addresses, telephone details, email addresses, financial data) will be used by the Society on a transactional basis e.g. for the Festival of Suffolk Poetry, Twelve Rivers, Crabbe Poetry Competition, workshops and other Society collaborations. These details will not be shared with third parties without the consent of the non-member, customer or partner.
4. Members’ rights
Members can request to see any personal data stored on them, by contacting the Membership Secretary or a Trustee; the Membership Secretary will respond within one month.
Members can request that any inaccurate personal data is updated or removed by contacting the Membership Secretary who will do this within one month (maximum two months if a complex request), informing the officers of the Society.
A member’s personal data will be erased from the membership list by the Membership Secretary annually once it is clear that the member has not re-subscribed for the following year
Members can unsubscribe from receiving news items by clicking on the unsubscribe link or by contacting the Membership Secretary.
Members can object to how their personal data is being used by contacting the Membership Secretary who will respond within one month.
Members have all other rights as laid down in the UK General Data Protection Regulation coming into force on May 25th 2018.
5. Responsibilities for data protection
The Trustees of the Society are responsible for
ensuring appropriate safeguards are in place to keep the personal data of members safe and secure (password protected or physically secure),
keeping this policy updated
the Charity complying with legal data protection requirements
The Membership Secretary is responsible for
maintaining and keeping secure up-to-date records of members’ personal data.
These records will be destroyed on non-renewal, resignation or death of any member, once the Society no longer requires the information.
The Secretary will
maintain and update this policy on behalf of the Trustees
work closely with the Chair on investigating and reporting any breaches, including informing the ICO
ensure the Society’s privacy notices are reviewed regularly by the Trustees (at least annually)
maintain Trustee details and up-date Charity Commission records of Trustees annually
The Treasurer will
Act as the lead trustee for the Society as Data Controller, on behalf of the Trustees
Keep the Society’s database up-to-date and secure, based on information provided by the Membership Secretary
Keep secure any financial information provided by members, only keeping this for any legally required period
Share members’ names and addresses with HMRC according to members’ Gift Aid declarations so that the Society can claim back Gift Aid.
The Crabbe Competition Secretary will maintain securely the names and addresses of entrants to the annual Crabbe poetry competition. These records will be destroyed once the Crabbe Competition Secretary no longer needs this information.
The Editor of Twelve Rivers will maintain securely the names and addresses of members and non-members with whom she/he has correspondence about Twelve Rivers.
The Portfolio Group Secretary (currently not a trustee) will maintain securely the names and addresses of members who join the Portfolio Group. These records will be destroyed on non-renewal, resignation or death of any member, once the Portfolio Group Secretary no longer requires the information.
The Officers and other Trustees (if appropriate for an event) will hold copies of members’ details securely, not holding on to paper lists which might become out of date, other than for a short time period e.g. for AGM admission purposes and Festival purposes. Paper lists will be destroyed after these events.
In the case of a personal data breach reported by a Trustee and/or a member, this will be reported to the Chair who will immediately inform the Membership Secretary and work with the officers of the Charity to investigate the occurrence. Any breach must be reported to the ICO within 72 hours detailing what data has been breached (amount, type of data), the likely consequence, the steps already taken to mitigate and the name of the Data Controller.
Secretary, Suffolk Poetry Society
Registered charity 1162298
Approved by trustees 20.5.18
To be reviewed May 2019