Home Syllabus Competitions News Members Gallery Exhibitions Links

Download Data Protection Policy

Dearne Valley Camera Club Data Protection Policy.

A Policy Statement informed by guidelines issued by the Photographic Alliance of Great Britain, and with reference to ‘Data Protection’ notes issued by GOV.UK. The Data Protection Act 2018 is the UK’s implementation of the General Data Protection Regulation (GDPR).

Dearne Valley Camera Club (DVCC) is a voluntary organisation existing for the shared interests of its members. It is a ‘Data Controller’ in the UK, subject to the Data Protection Act 2018. All persons whose personal data are collected and stored are ‘Data Subjects’.

Summary of Principles:

The Data Controller may only collect Personal Data relevant for lawful purposes. The information should be sufficient and adequate (not excessive) accurate and up to date.

• • Personal Data must be destroyed when it is no longer relevant or required.

• • The Data Controller must keep all Personal Data secure but available for all relevant purposes.

• • The Data Controller must respect the rights of Data Subjects including the rights of access and erasure.


Provisions:

• • Scope: The Club may collect, manage and process data relating to o its members;

• o officials of other Photographic Clubs;

• o lecturers, judges and invited photographers listed within the published PAGB Handbook;

• o other individuals with whom the Club needs to maintain contact, such as editors of local magazines/newspapers/Libraries/Schools for the publication/promotion of Club Events.

• • Compliance: The Digital Economy Act 2018 abolished a requirement to be checked by notification to the Information Commissioner (although non-profit organisations such as DVCC were exempt.) Instead, DVCC will demonstrate its compliance by: o Publishing its Policy, in which it will detail its scope and purpose

• o Reviewing and documenting its compliance with its Policy. (Review annually – document any alterations

• o This Policy recognises the need to respect the rights of all Data Subjects to be informed. All data maintained and processed will be accurate, updated as required, and erased when no longer relevant.

• o Where emails are concerned: it is acceptable for email addresses to be visible when messages are restricted to Committee Members. It is essential that messages sent to the general membership are ‘blind copies’ i.e. the sender should place the circulation list in the ‘BCC’ section of the email header, not in the ‘To’ section.

• o Sign-in forms for meetings and events: Whilst it is important to collect information regarding attendance at events both for evaluation/feedback/administrative purposes and for Health and Safety reasons, it is essential that these lists contain no unnecessary personal information i.e. addresses, telephone numbers, email accounts etc.


• • Voluntary Officers: The Club will designate all Committee Members to be responsible for ensuring the accuracy and safe-keeping of the data held by the Club. No person acting as a Data Controller for the club may share data with another Data Controller body for whom he/she holds responsibility.

 • Lawful Purpose: There are six lawful purposes for the processing of Personal Data. Those relevant to DVCC may be Consent, Contract and /or Legitimate Interests. o DVCC should inform its members about the requirement to hold personal data without explicit consent, as this is deemed valid in preparing a published Policy.

 



 o Data stored must be relevant to the relationship the member has with the Club: Name, any photographic affiliations, awards or achievements, Address, Telephone Number, Email Address, Date of Birth (in the event of tiered memberships); Competition information re image titles and scores, members’ volunteered information offered re photographic equipment used, interests, and any other information necessary or relevant to the running of the Club.

 o Information must be deleted, on request – or through another mechanism where membership ends – within twenty-eight days.

 o It is acceptable to maintain details on a ‘Past Members List’, unless a member requests otherwise.

 o DVCC also maintains the importance to retaining historical records, such as Programmes, Salon Brochures and Award-Winner lists.

 


• • Consent via a Third Party: Data can be shared with other organisations, such as PAGB, providing permission has been obtained from the individual. This permission could be obtained when the individual completes the Club Membership Form. (It would normally be confined to Committee Posts relevant to the needs of the Third Party organisation) and to Inter-Club Competition images and authors.


• • Subject Access: DVCC undertakes to respond within twenty-eight days to a written request for information held on that individual. No reason needs to be stated. It is obliged to react swiftly to any request for rectification or alteration of information. The Club must comply immediately to an individual’s request to receive no further emails. For this purpose, a specific email account has been created for members’ use, which offers a link to unsubscribe: gensecretary_dvcc@yahoo.com.


• • DVCC undertakes that it will never make their membership’s personal data available to any electronic marketing organisation.


• • DVCC undertakes to refuse any request to cascade marketing material to members by electronic messaging.


• • Complaints: If you believe that your data has been misused, or that DVCC has not kept it secure, you should contact the Club to inform them of your concerns. DVCC undertakes to respond in writing within 28 days. In the event the response from DVCC is unsatisfactory, or for further advice, you should contact the Information Commissioner’s Office (ICO):


ICO

Casework@ico.org.uk Telephone: 0303 123 1113 Textphone: 01625 545860

Monday to Friday 9am to 4.30pm Find out about call charges: (http://www.gov.uk/call-charges)

Or write to:

Information Commissioner’s Office

Wycliffe House, Water Lane

Wilmslow

Cheshire

SK9 5AF