WELWYN GARDEN CITY PHOTOGRAPHIC CLUB
Christ Church. Tewin Rd, Welwyn Garden City
Data Protection (Privacy) Policy
The General Data Protection Regulations (GDPR) came into effect on Friday on the 25th of May 2018, and they seek to protect the personal data held by an organisation and make sure it is managed securely.
Under the rules people have the right to see, change and delete their data, e.g. “the right to be forgotten”, where this does not conflict with other applicable laws.
This legislation applies to WGC Photographic Club and guidance on this has been issued by the EAF.
Anyone our club holds hold information on must be able to easily understand the type of data we collect on them and the purposes for which we collect it.
The club is required to have a written Data Protection Policy (aka Privacy Notice) and this will be published on the club’s website where everyone can access it. This document is that Policy.
Who we are
The Welwyn Garden City Photographic Club was established in 1937 as a non-profit making group of like-minded people who meet regularly to share a common interest in Photography. We are part of an affiliated group of clubs under the jurisdiction of the EAF (East Anglian Federation of Photo Clubs).
Our club is committed to maintaining the trust and confidence of the people we communicate with – these being either existing members of the club, past members, or potential future members.
Types of Data we collect
When you access our website certain technical information is collected (see addendum).
When you become a member of our club (or renew your club membership) you complete a simple website form giving your name, address, phone number and email address. This entitles you to membership for one season.
After your membership payment is processed, this information is manually stored in a private database consisting solely of our members. At some point thereafter we request that an identity photo is taken of you which is also stored in that database.
A condition of membership is that you give your consent for that information to be stored by us while you continue to be a member. This is made clear on the renewal form. We need this information be able to contact you – mostly by email, occasionally by phone but rarely if ever by post. We need your home address as additional proof of your identity and to contact someone in case of emergency.
Your email address is also placed on a contact list in our email account. We generally communicate to all our members and potential members using a global “Announce” address group which contains all the emails in the contact list.
No recipient of an Announce can see the email address of anyone else. They just see the word “Announce Mailing List” in the “To” field. Any recipient of an Announce cannot reply to the others who have received the same email because the mailing list contacts are suppressed.
During the course of your membership, you may upload digital photographic images that you have made via our website in order to enter competitions. In doing so you give us consent to use those images for the specific competition you have entered. These competitions are held in private with only members of the club present and any visitors we have invited.
Occasionally you may choose to enter digital images into external competitions. Your images are only sent to the people running the competition with just your name attached. You have consented to this by asking to enter the image in the competition.
Our website is our club’s window to the world and is accessible to the general public. There are no log-ins required. By special arrangement members may post information to the site.
When you upload a competition image you can also opt to have that image displayed on the website as part of a rolling showcase of member’s work. This would then be displayed should your image score highly in that competition.
Deletion of Data
Your information in the membership database is retained until the end of the season, and then for one month after the beginning of the following season. This is to allow time for you to renew your membership. If you do not renew before this time, then all your data in the membership database is deleted including your photo id.
If you cease to be a paid member, your email address will continue to be in the email contact list, so you will continue to receive Announce emails. This is so that you can keep up with what the club is doing and hopefully encourage you to re-apply for membership in the future.
Each “Announce” sent from our email account contains an “Unsubscribe” option. If you reply to this then your address will be removed from the contact list and you will receive no further global emails. In fact, any person receiving an “Announce” has the option to “Unsubscribe”.
Any digital image you uploaded to the club for competition purposes will be retained by the club unless you specifically ask for the images to be deleted. They are not deleted if you leave the club or after a set period of time.
If you wish for all your data to be deleted please contact the data controller (see Access to your personal information)
Sharing of Data
We do not share any of your personal information with other organisations, or other photographic clubs. Only if you elect to enter an external competition will your image and your name be sent outside the club to that organisation.
If required by law to share your information we are obliged to comply.
Keeping you data secure
All your personal information can only be accessed by Committee members of the WGC Photo Club. The Committee members are formally elected at an AGM held each year.
Each year when the Committee members change, the IT secretary changes who has access to the personal information.
All committee members have access to the membership information and the email contact list.
Only the IT secretary and their deputy have log-in access to the website, and only they and the competition secretaries have access to the uploaded competition images. Only the IT secretary, their deputy and the external competitions secretary have access to other stored copies of the uploaded competition images.
Some committee members have access to the club laptop where the competition images are also stored.
Only the Membership Secretary has access to the locally maintained copy of the membership database.
All information is password protected . Access to the master copy of the membership information can only be granted by the IT Secretary.
The website login is for administration and maintenance purposes only, and the site contains no significant personal information and is also password protected.
These passwords are changed each year after the AGM or earlier if necessary.
The Membership Secretary’s personal computer is password protected.
Access to your personal information
You are entitled to request a copy of the personal information that we hold, and ask for it to be amended or deleted.
Email your request to our data protection officer (Data Controller):
We will endeavor to respond to you within one calendar month.
This Policy was formulated in time for the 25th May 2018 introduction of GDPR. It will be reviewed after one year of operation unless issues arise which require it to be amended sooner.
Where to find this policy:
Addendum: Generic User Access to the Club Website
User anonymity and personal information
Log files are maintained and analysed of all requests made on the web servers supporting our website. These log files do not capture personal information but do capture the user’s IP address, which is automatically recognised by our web servers.
Aggregated analysis of these log files is used to monitor website usage. This analysis allows us to measure, for example, the overall popularity of the site and typical user paths through the site.
Except as stated already, our club will make no attempt to identify individual users. You should be aware, however, that access to web pages will generally create log entries in the systems of your own ISP or network service provider. These entities may be in a position to identify the client computer equipment used to access a page. Such monitoring would be done by the provider of your network services and is beyond the responsibility or control of our club.
The club will make no attempt to track or identify individual users, except where there is a reasonable suspicion that unauthorised access to systems is being attempted. In the case of all users, we reserve the right to attempt to identify and track any individual who is reasonably suspected of trying to gain unauthorised access to computer systems or resources operating as part of our web services.
As a condition of use of this site, all users automatically give permission for the club to use its access logs to attempt to track users who are reasonably suspected of gaining or attempting to gain unauthorised access.
All log file information collected by the club is kept secure and no access to raw log files is given to any third party.
This website does not store any information that would, on its own, allow us to identify individual users of this service without their permission. Any cookies that may be used by this website are used either solely on a short basis or to maintain user preferences. Cookies are not shared with any third parties.