Data Protection
The Data Protection Act (DPA)
There has been a Data Protection Act since 1984. It was introduced largely because of concern at the growth of computerised record keeping. The 1998 Act has been extended to cover all types of records which contain information about individuals. This includes information stored on microfiche or in paper-based files.
The Data Protection Act ensures that personal data relating to individuals is only used according to certain guidelines and that individuals have the right to see data that relates to them. Names held in the database are classified as being ‘for research, historical or statistical purposes’ (Section 33 of the Act). No other information is held.
As a no-profit making organisation there is no requirement for the Reading Branch to register with the Data Protection Commissioner. This does not however exempt the Data Controllers (in this case the Branch Webmaster, Secretary, Newsletter Editor and Treasurer) from adhering to the eight principles of the act.
Information about you
If you are a Reading Branch member, or if you have rung a quarter peal or peal in the branch it is most likely that your name is in the site somewhere. Much of the archive information is taken from reports previously published in The Ringing World and other sources. Although this puts the information in the public domain, by holding it in an easily retrievable format, it comes within the scope of the DPA. You may also have been mentioned in the minutes of meetings or you may have taken part in some other activity. Under the DPA you have the right to ask what information is held by the Reading Branch that relates to you. If you want to know, just contact the Branch Secretary. Everything is in one database, so you should be easy to find. The act stipulates that personal data should be accurate so if you find an error, let us know. Such corrections also improve the quality of the Archives as an educational resource.
Permissions to hold and process personal data
After some discussion within the Branch it has been decided that, while the Branch will strive to inform anyone whose personal data it holds is kept informed, it is not practically possible to obtain written consent from everyone whose name is mentioned in every document, minute, peal or quarter peal.
Notice is given here that individuals can expect their names may appear in some articles on this website once that information is published in the public domain.
The Reading Branch Archives have now been in operation for a number of years and have enjoyed the full support of the Branch membership. The delivery of information via the web and e-mail has received similar encouragement. There have been regular opportunities for members to voice any concerns during quarterly meetings and via the Branch Newsletter. To date only two members have expressed any views on the matter.
How these principles are applied to the information held by The Reading Branch and contained within this web site.
- 1 Personal data must be processed fairly and lawfully.
The Oxford Diocesan Guild and the Reading Branch only use personal data for the purposes listed in principle 2 below. - 2 Personal data must only be obtained and used for specified and lawful purposes.Firstly, it is required that data users tell individuals what “specified and lawful purposes” their data is to be used for.
In the case of the Oxford Diocesan Guild and the Reading Branch these have been identified as:
- Reporting of performances that individuals take part in. Unless such performances are publicly published they are not officially recognised.
- Checking that participants in performances are paid up members of the Guild.
- Publishing contact details of tower correspondents. This is primarily for the use of ringers in arranging visits but is also valuable in case of emergency.
- 3 Personal data must be adequate, relevant and not excessive.For most ringers, the data consists of:Name, Performance, Membership year, Tower, Telephone Number, E-Mail address
For tower correspondents, this consists of:Name, Tower, Address, Telephone Number, E-Mail addressNo other data is needed for the normal running of the Guild and its branches.
- 4 Personal data must be accurate and where necessary, kept up to date.
For tower correspondents, details are published in the Guild Annual Report. However, a rolling record is also kept by Guild officers and is available on request. Corrections can be made to this at any time at the request of correspondents.Membership and performance information is also published in the Annual Report and performances are also published in The Ringing World. The use of database technology allows corrections to be made to historical membership and performance records. By referring to this record via this web site, ringers can easily identify errors and get changes made according to principle 6 below. This helps to establish a better quality of record than has previously been possible. - 5 Personal data must not be kept for longer than necessary.
Membership records have traditionally been retained indefinitely. This is to support the Guild rule that states that a member, having completed 50 years continuous membership, is subsequently entitled to free membership.Performance data is also traditionally maintained indefinitely to allow complete records of performances in individual towers to be used for educational purposes. Also, for technical reasons, performances occasionally have to be withdrawn. This can occur years after the event. - 6 Personal data must be processed in accordance with the rights of data subjects.
Data subjects have the following rights:- Inaccurate information is to be corrected or erased
A copy of their information must be provided on request - Data Subjects can opt out of direct marketing
- Data Subjects are entitled to compensation for breach of the act.
- Inaccurate information is to be corrected or erased
- 7 Personal data must be kept secure.
For tower correspondents, personal address data is published in the Annual Report and is also available on request from Guild officers. In order to address principle 8, this information is not available via this web site.All other information is already in the public domain. - 8 Personal data must be properly protected when transferred overseas
For tower correspondents, address data is published in the Annual Report and is also available on request from Guild officers. This information is not available via this web site.
All other information is already in the public domain.
Some definitions of terms in the Data Protection Act:
TERM USED |
DEFINITION |
Data | Information that is either computerised, or it forms part of a manual record (for example a paper-based file or microfiche record.) |
Personal Data | Data which relate to a living individual, including expressions of opinion. |
Processing | A range of activities from collection to destruction, including the mere holding of personal data. |
Data Subject | An individual who is the subject of personal data. |
Data Controller | Was called “Data User.” Whoever determines the purpose(s) for which data are to be processed. |
Data Processor | Any person, other than an employee of the Data Controller, that processes data on behalf of a Controller. |
Data Protection Commissioner | Was called “Data Protection Registrar.” An appointed official responsible for enforcing the Data Protection Act. |
Notification | Was called “Registration.” A register is maintained by the Commissioner containing details of Data Controllers’ processing activities. |