Privacy Statement
The General Data Protection Regulations (GDPR) came into force during 2018. They broadly follow the principles of previous legislation but with some tightening. They are mainly aimed at protecting individual from large organisations, but they apply to any organisation or individual that handles ‘personal information’, which includes the Guild and all its Branches.
Guild operations were reviewed in the light of GDPR and as the basis for producing a data privacy policy that makes us compliant in a way that minimises the impact on the Guild’s ability to continue to communicate with, and provide services to, its members.
Much of the information held by the Guild can legally be used on the basis of ‘legitimate interest’, which does not require formal consent, and the policy is based on that. However, where slightly more than this minimum information is held it does rely on consent (either explicit, or often implicit).
The ‘light touch’ policy relies on the information passed to the Guild by branch officers and/or tower correspondents having been given willingly by the member or the member’s representative, with full awareness of how we will use it, and that it will be deleted should the member request it. Ongoing consent is assumed unless notified otherwise. A member’s information can be reviewed by the member or by the Guild Membership Secretary/an authorised Guild Administrator on the Guild membership system at any time.
- The policy and supporting documents are available from the links below.
- Data privacy policy– This is the top level policy.
- Data management processes– Details of how we operate (existing and new procedures, with a section on tidying up history).
- Legitimate interest assessment– GDPR requires this if we hold information on the basis of ‘legitimate interest’ rather than ‘consent’.
- MemberMojo is the membership database used by the Guild to administer membership. MemberMojo’s GDPR statement can be viewed Here