BSB GENERAL DATA PROTECTION REGULATION (GDPR) POLICY (28 AUGUST 2018)
The Bath Spa Band (the BSB), which incorporates Main Band and Training Band, is required to be compliant with the General Data Protection Regulation (GDPR). This policy explains what Personal Data the BSB stores, how it uses that information and what rights members have.
The BSB GDPR Policy will be published on the Bath Spa Band website and all information will be deemed to cover both the Main Band and Training Band (referred to jointly as “The BSB”).
2. Membership Information
The BSB stores and uses Personal Data (see Paragraph 5 of this document) solely for the purposes of legitimate use and administration of:
a) Management of the band (Contacts, Subscriptions, Delivery of information from the Committee, Newsletters, 100 Club, and Fundraising);
b) Organising events (Contests, Engagements, Meetings and social gatherings).
Personal Data will not be shared with any other third parties.
Members are required to confirm agreement that the BSB is authorised to…
a) Store their Personal Data; and
b) Maintain a soft/electronic copy of Personal Data in a secure manner. This soft/electronic copy will be updated periodically throughout the membership Year with the Personal Data of new members and, for example, with new contact details for existing members.
The BSB will collect Personal Data from new members on joining. All members will be asked to confirm agreement that their Personal Data can be stored at the time of joining.
3. Membership Database
The BSB stores Personal Data in a Membership Database which is password protected.
The band has appointed a Data Protection Officer (DPO).
The Membership Database is only available to specifically named members of the Committee: this list will be held by the Secretary.
All paper copies of Personal Data will be kept securely (under lock & key).
4. Financial Data
Members’ Financial Data is not required to be provided for Membership Renewal.
Stored Financial Data is used solely for the administration of The BSB for purposes of reimbursing members for expenditure on behalf of the BSB (e.g. fees, miscellaneous purchases, agreed costs).
Financial data is stored securely in the BSB’s bank’s online list of Payees and is only available to the Treasurer, Chairman and Secretary.
5. Personal Data – Definition and Use
Personal Data means data that is subject to GDPR, and includes information used for the purpose of allowing members of the BSB to be able to contact other members.
A full list of Personal Data currently held by the BSB is as follows…
a) Name(s) of member
b) Postal Address
c) Telephone Contact Number (home, daytime , mobile)
d) E Mail Address
e) Instrument(s) played with the BSB
f) Subscription method (DD or other)
g) 100 Club member (Yes/No)
h) Consent to GDPR
NB. For BSB members aged under 18 years old, Personal Data will be held (with consent) both for the member and, for safeguarding reasons, those of their parent or guardian.
6. Legacy Data
If a member resigns or leaves The BSB for any reason their Personal Data will be kept for up to 6 months before being removed from the Membership Database, with the exception of their name and contact details which will be retained for archive purposes.
7. Your Rights
Members have the right, at any time, to see the information that the BSB holds on them. A request should be made in writing to the Secretary. A member has the right to complain to the Information Commissioners’s Office (ICO) if they believe there is a problem with the BSB’s handling of their data which cannot be resolved directly.
Details of the ICO are at https://ico.org.uk/
8. Associated Consent Form
The following Consent Form should be read in conjunction with this BSB GDPR Policy Document:
Bath Spa Band – GDPR Consent Form (31 August 2018)
Please pass all questions and enquiries regarding GDPR to:
Jonathan Rowe, Membership Secretary and Data Protection Officer, Bath Spa Band
Email: email@example.com; Telephone: 07795 967905