General Data Protection Register Policy Statement

General Data Protection Register Policy Statement

The General Data Protection Regulation (EU) or GDPR is a regulation in EU Law designed to give individuals control over their personal data and how it is used by organisations. It was designed to protect the way in which data is being used by large organisations but now, even small organisations are having to comply.

Western Power Electricity Historical Society comes under this umbrella and these very brief notes detail how the Society will conform to the minimum requirements of the law.

The basic information that is stored for every current member of the Society is as follows:

• Name and Address
• Telephone Number
• Email Address

The data will only be used for the purposes of operating the Society’s business. It will not be shared with, or sold to third parties.

The data will always be stored in a way that prevents unauthorised third party access.

The data will be managed by the Membership Secretary.

When, for whatever reason, a member leaves the Society ALL of the details stated above records will be permanently deleted from the Society’s files. However, authorships etc. associated with the Society’s records will continue to be shown.

A member may request a copy of their personal data at any time. The request must be made in writing.

A member can request a change to their data at any time. Again, the request must be made in writing.

Each member will be required to complete a form detailing their agreement to the use and storage of the data and a copy of the form is attached as an Appendix to this document. It should be noted that the form also includes a possible agreement covering the use of personal photographs by the Society though they will not form a part of the Membership Record.

November 2019