What is this personal data used for?
We use members’ data for the administration of your membership; the communication of information, the distribution of our publications and the organisation of events. We may provide your name and address to a printer for the sole purpose of sending out your Newsletters and Transactions.
Who is your data shared with?
Your personal data is not passed on by us to organisations other than those indicated above.
Where does this data come from?
Data for most of our members comes from them when they join ESAH or when they update their information.
How is your data stored?
This information is mainly stored in digital form on computers. Any information that is stored remotely is stored in compliance with the General Data Protection Regulation (“GDPR”).
Who is responsible for ensuring compliance with the relevant laws and regulations?
Under the GDPR we do not have a statutory requirement to have a Data Protection Officer. The person who is responsible for ensuring the Society discharges its obligations under the GDPR is the Honorary Membership Secretary.
Who has access to your data?
Members of the Executive Council of ESAH have access to members’ data in order for them to carry out their legitimate tasks for the organisation.
Sub-contractors of ESAH may be given access to data for specific tasks, such as sending mailings. They are not free to use it for any other purpose.
What is the legal basis for collecting this data?
ESAH collects personal data that is necessary for the purposes of its “legitimate interests” as a membership organisation.
For some data, such as that relating to financial matters, the basis for its collection and retention is to comply with our legal obligations.
How you can check what data we have about you?
If you want to see the basic membership data we hold about you, you should contact the Honorary Membership Secretary.
You can contact us with a “Subject Access Request” if you want to ask us to provide you with any other information we hold about you. If you are interested in any particular aspects, specifying them will help us to provide you with what you need quickly and efficiently. We are required to provide this to you within one month.
There is not usually a fee for this, though we can charge a reasonable fee based on the administrative cost of providing the information if a request is manifestly unfounded or excessive, or for requests for further copies of the same information.
Does ESAH collect any “special” data?
The GDPR refers to sensitive personal data as “special categories of personal data”. We do not record any such special data.
How can you ask for data to be removed, limited or corrected?
- There are various ways in which you can limit how your data is used.
You could maintain your membership with your correct name but with limited contact details. However, we do need to have at least one method of contacting you. You could for example simply maintain an up-to-date email address, but of course this would limit what we are able to provide you with in the way of written information, so you would not be able to get the Newsletters and Transactions in printed form or any other benefits that require a mailing address.
- You may choose not to receive information emails from ESAH
- Any of these options can be implemented by contacting the Honorary Membership Secretary.
How long we keep your data for, and why?
We normally keep members’ data after they resign or their membership lapses in case they later wish to re-join. However, we will delete any former member’s contact details on request.
Other data, such as that relating to accounting or personnel matters, is kept for the legally required period.
What happens if a member dies?
We normally keep members’ information after they die. If requested by their next-of- kin to delete it we will do so on the same basis as when requested to remove data by a former member.
Can you download your data to use it elsewhere?
You cannot download your data to use it elsewhere.