Baslow Choir – Data Protection & Retention Policy (PDF)
General Data Protection Regulations (GDPR) – Summary How We Comply (PDF)
The General Data Protection Regulations (2018) apply to all personal information held or stored by an organisation, whether on paper or in a computer, and requires organisations to meet the principles of good practice, as stated in the Act and enforced by the Information Commissioner’s Office.
Baslow Choir holds basic personal information on all its members and associates on a secure computer system, for use in the efficient management of the choir, and this is shared securely with committee members. It does not hold any sensitive personal information, nor does it share that information with any other organisations or persons, except where required by law, to the extent required by such law (e.g., details of committee members, as charity trustees, must be provided to the Charities Commission). Where members have agreed to do so, some information (e.g. phone numbers and/or email addresses) may be shared with all members, to enable better communication about events, cancellations etc.
Data may only be held where either the individual has given his/her consent, or where it is necessary to pursue the legitimate interests of the Choir. Most information meets the second criterion (e.g. name, address, contact details, singing voice), and the rest meets the former (e.g., Gift Aid declarations).
Data is only used in connection with choir activities, including maintaining membership and subscription records, tracking choir property loaned to or stored by members, distribution of information about performances, meetings and social events.
The data currently held consists of the following items:
- Name and address
- Phone number
- Email address
- Singing voice (e.g. alto)
- Rehearsal attendance record
- Roles (e.g. librarian)
- Choir property held or stored
- Subscription record
- Donations record
- Gift Aid registration
Where data is obtained from the member concerned, the member is responsible for notifying the choir (via any committee member) of any changes. All data will be kept accurate, as far as reasonably practicable, and will be updated promptly when changes are necessary.
Data is compiled on a secure computer, and shared with committee members via a password-protected login. Personal data will not be published electronically or otherwise. Where members have so agreed, selected data may be shared openly between all members.
If a member leaves the choir, or is deemed to have done so by virtue of non-payment of the annual subscription, their records will continue to be held by the choir for a period of five years, unless the former member specifically requests otherwise. Similar rules apply to the records of friends, staff, emeritus members and associates. Gift Aid registrations must be kept for 7 years after the last tax year to which they apply.
Committee members and others who have access to the membership data must not disclose that data to any person or organisation outside Baslow Choir, except with the permission of the individual(s) concerned, or where required by law to do so (e.g Charities Commission Trustees).
Data will only be used for the purposes of the Choir, and will not be used for direct marketing by any other organisation.
Any member may ask for a copy of the personal data held on them by the Choir, and will be provided a printed record of that data within a month of requesting it.
This is a summary of the full GDPR policy, which is also published on the Choir’s website.