ODG Guild Header
Established January 17 1881
Data Protection LogoThe Data Protection Act (DPA)

There has been a Data Protection Act since 1984. It was introduced largely because of concern at the growth of computerised record keeping. The 1998 Act has been extended to cover all types of records which contain information about individuals. This includes information stored on microfiche or in paper-based files.

The Data Protection Act ensures that personal data relating to individuals is only used according to certain guidelines and that individuals have the right to see data that relates to them. Names held in the database are classified as being 'for research, historical or statistical purposes' (Section 33 of the Act). No other information is held.

As a no-profit making organisation there is no requirement for the Oxford Diocesan Guld of Church Bellringers to register with the Data Protection Commissioner. This does not however exempt the Data Controllers (in this case the Guild Webmaster, Guild Secretary, Guild Membership Secretary, Newsletter Editor and Guild Treasurer) from adhering to the eight principles of the act.

Information about you

If you are a Guild member, or if you have rung a quarter peal or peal in the Guild it is most likely that your name is in the site somewhere. Much of the archive information is taken from reports previously published in The Ringing World and other sources. Although this puts the information in the public domain, by holding it in an easily retrievable format, it comes within the scope of the DPA. You may also have been mentioned in the minutes of meetings or you may have taken part in some other activity. Under the DPA you have the right to ask what information is held by the Guild that relates to you. If you want to know, just contact the Guild Secretary. Everything is in one database, so you should be easy to find. The act stipulates that personal data should be accurate so if you find an error, let us know. Such corrections also improve the quality of the Archives as an educational resource.

Permissions to hold and process personal data

After some discussion within the Guild it has been decided that, while the Guild will strive to inform anyone whose personal data it holds is kept informed, it is not practically possible to obtain written consent from everyone whose name is mentioned in every document, minute, peal or quarter peal.

Notice is given here that individuals can expect their names may appear in some articles on this website once that information is published in the public domain.

The Oxford Diocesan Guild Archives have now been in operation for a number of years and have enjoyed the full support of the Guild membership. The delivery of information via the web and e-mail has received similar encouragement. There have been regular opportunities for members to voice any concerns during quarterly meetings and via the Guild Newsletter.



 

The basic guidelines of the Data Protection Act are:

  1. Personal data must be processed fairly and lawfully.
  2. Personal data must be obtained and used for specified and lawful purposes.
  3. Personal data must be adequate, relevant and not excessive.
  4. Personal data must be accurate and where necessary, kept up to date.
  5. Personal data must not be kept for longer than necessary.
  6. Personal data must be processed in accordance with the rights of data subjects.
  7. Personal data must be kept secure.
  8. Personal data must be properly protected when transferred overseas
  9. Some definition of terms used in the Data Protection Act

How these principles are applied to the information held by the Guild and contained within this web site.

1 Personal data must be processed fairly and lawfully.

The Oxford Diocesan Guild and its Branches only use personal data for the purposes listed in principle 2 below.

2 Personal data must only be obtained and used for specified and lawful purposes.

Firstly, it is required that data users tell individuals what "specified and lawful purposes" their data is to be used for.

In the case of the Oxford Diocesan Guild these have been identified as:

  • Reporting of performances that individuals take part in. Unless such performances are publicly published they are not officially recognised.
  • Checking that participants in performances are paid up members of the Guild.
  • Publishing contact details of tower correspondents. This is primarily for the use of ringers in arranging visits but is also valuable in case of emergency.
3 Personal data must be adequate, relevant and not excessive.

For most ringers, the data consists of:

Name, Performance, Membership year, Tower, Telephone Number, E-Mail address



For tower correspondents, this consists of:

Name, Tower, Address, Telephone Number, E-Mail address

No other data is needed for the normal running of the Guild and its branches.

4 Personal data must be accurate and where necessary, kept up to date.

For tower correspondents, details are published in the Guild Annual Report. However, a rolling record is also kept by Guild officers and is available on request. Corrections can be made to this at any time at the request of correspondents.

Membership and performance information is also published in the Annual Report and performances are also published in The Ringing World. The use of database technology allows corrections to be made to historical membership and performance records. By referring to this record via this web site, ringers can easily identify errors and get changes made according to principle 6 below. This helps to establish a better quality of record than has previously been possible.

5 Personal data must not be kept for longer than necessary.

Membership records have traditionally been retained indefinitely. This is to support the Guild rule that states that a member, having completed 50 years continuous membership, is subsequently entitled to free membership. Whilst this rule is subject to change the principal remains the same.

Performance data is also traditionally maintained indefinitely to allow complete records of performances in individual towers to be used for educational purposes. Also, for technical reasons, performances occasionally have to be withdrawn. This can occur years after the event.

6 Personal data must be processed in accordance with the rights of data subjects.

Data subjects have the following rights:

  • Inaccurate information is to be corrected or erased
    This web site and associated database makes this possible
  • A copy of their information must be provided on request
    This web site and associated database makes this possible
  • Data Subjects can opt out of direct marketing
    Any information used by The Guild will not be used for such purposes
  • Data Subjects are entitled to compensation for breach of the act.
7 Personal data must be kept secure.

For tower correspondents, personal address data is published in the Annual Report and is also available on request from Guild officers. In order to address principle 8, this information is not available via this web site.

All other information is already in the public domain.

8 Personal data must be properly protected when transferred overseas

For tower correspondents, address data is published in the Annual Report and is also available on request from Guild officers. This information is not available via this web site.

All other information is already in the public domain.




 Some definitions of terms in the Data Protection Act:

TERM USED

DEFINITION

Data Information that is either computerised, or it forms part of a manual record (for example a paper-based file or microfiche record.)
Personal Data Data which relate to a living individual, including expressions of opinion.
Processing A range of activities from collection to destruction, including the mere holding of personal data.
Data Subject An individual who is the subject of personal data.
Data Controller Was called "Data User." Whoever determines the purpose(s) for which data are to be processed.
Data Processor Any person, other than an employee of the Data Controller, that processes data on behalf of a Controller.
Data Protection Commissioner Was called "Data Protection Registrar." An appointed official responsible for enforcing the Data Protection Act.
Notification Was called "Registration." A register is maintained by the Commissioner containing details of Data Controllers' processing activities.
Return to the main FAQ page