YRC Privacy Notice
For full information about GDPR, you can visit the Information Commissioner’s website (www.ico.gov.uk); for the purposes of GDPR, we are the ‘controller’ of all personal data we hold about you; specifically the Membership Secretary acts as the Data Protection Officer for the club, and should be contacted with any enquiries.
We will only contact you regarding Club or membership-related matters (to send you the membership magazine, membership renewal reminders and details regarding our AGM etc.)
Personal information held
The following information is collected and stored, regarding each member:
Name, address, telephone number, email address (if provided upon joining):
Required for managing your membership to the club, e.g. for posting the club’s magazine StaRatS and contacting regarding any club or membership related matters.
Date of birth (junior memberships only):
Required to manage junior memberships – this information is deleted once a member progresses to an adult membership (over 16). Consent must be provided by a parent or guardian for junior membership information to be used. For this reason, a parent/guardian must submit applications for membership that relate solely to junior membership of the club and provide their contact details.
Stud/rattery name (registered studs/ratteries only):
Required to maintain a list of registered studs/ratteries for showing purposes. A list of current members with ratteries/studs is listed on the website and in StaRatS.
Protection of your information
- Membership information is kept within a secure database, held by the Membership Co-ordinator. A copy of this is available to some other committee members, where necessary, to manage your Club membership.
- We have implemented generally accepted standards of technology to protect personal data from loss, misuse or unauthorised alteration or destruction.
- Please note that any information sent to us over the internet can never be guaranteed to be 100% secure.
- We will not transfer your personal data outside the EU without your consent.
- For any payments taken online, we will use a recognised online secure payment system.
- We will notify you promptly in the event of any breach of your personal data which might expose you to serious risk.
Access to your information
- Membership details (name, address, email and phone number) are accessible by the committee.
- We will never sell your personal data or share your data with any third parties without your prior consent, except where we are required to do so by law, or as set out below.
- We may pass your personal data to third-parties, who are service providers to us for the purposes of completing tasks relating to your membership on our behalf. We do this for our legitimate interests in operating the Club.
How long do we keep your information?
We will hold your personal information on our system for as long as you are a member of the club. If your membership lapses, the club will hold your information for five years, to comply with legal obligations and to enable renewal of membership within this period. After five years, your personal data will be removed from the system, including the deletion of forum accounts. If you renew after the five-year period, you must pay the full new membership fee. Information pertaining to rattery/stud names is kept in perpetuity for historical purposes.
Any paper documents or emails will be kept whilst you are a member as evidence of your original membership or rattery registration consent. Five years after membership lapsing, this information will be destroyed/deleted.
Any information held in Club documents, such as names listed in AGM minutes, will be kept in perpetuity unless requested to be specifically removed.
Information provided on rattery registration forms is dealt with in the same manner as membership personal data. This information may be different from membership information (e.g. website details or a different email address). If you agree to be included in our Breeders’ list, your contact information and rattery details are listed on our website. When completing the registration form, you will have the opportunity to choose which contact details to include on the list.
You have the right to amend or remove your details from the list at any time – please contact the Membership Secretary to do this. Please be aware that we do not have control over members of the public downloading and saving information once it is published online.
Under the GPDR, you have the following rights:
- To access your personal data
- To be provided with information about how your personal data is processed.
- To have your personal data corrected
- To have your personal data erased in certain circumstances
- To object to, or restrict, how your personal data is processed
- To have your personal data transferred to yourself or to another business in certain circumstances at your request.
If you have any concerns, or wish to make any data requests, please contact the Membership Secretary. You have the right to take any complaints about how we process your personal data to the Information Commissioner: ico.org.uk/concerns/.
Please note that the information contained in this policy represents the Club’s interpretation of the GDPR as at the date of publication and does not offer official legal advice. While we take reasonable care to ensure the information provided is accurate, members are advised to take appropriate professional advice specific to individual circumstances.
If you have any questions about your personal data, or want to know anything else about GDPR and how it affects you, please get in touch with the Membership Secretary by email to firstname.lastname@example.org. Any requests will be actioned within 30 days.