WORCESTER RAMBLING CLUB – GDPR DATA POLICY
1. This Policy describes how Worcester Rambling Club (WRC) will handle personal data so as to comply with the General Data Protection Regulation (GDPR) when it comes into force on 25 May 2018.
2. All Committee members who hold office from time to time as members of the Committee of WRC hold personal data on behalf of WRC during their period of office. The signed data consent forms are held by WRC Treasurer.
3. WRC holds data in accordance with good practice standards of personal domestic data security. Data is not encrypted.
4. WRC only uses personal data for the specific purposes of WRC for which members intend it, for example subscription data, and for the purposes of specific consents which it receives for the sending and receipt of information.
5. WRC does not release a member’s personal data to any other person without the specific consent of the member. Permission can only be obtained by request to a designated data holder (paragraph 2 above) and that data holder asking for and receiving the consent of the member to release it to the person requesting.
6. WRC does not send open address emails, that is an email sent to more than one person at the same time where the email address of more than one intended recipient is visible in the email as an intended recipient.
7. A person who has given data consent to WRC may opt out of that consent at any time by informing WRC Treasurer. Contact details can be found in WRC Newsletter or via the WRC website.
Date: 27th March 2018