Swindon IVC Information Security Policy
This Document sets out the guidelines that members of the Swindon IVC (SIVC) should follow in order for the SIVC to comply as fully as it is possible for the club to do, with the Data Protection Act.
The Data Protection Act 1998 sets out rules to make sure personal information is handled properly, and that individuals have the right to know what information is held about them.
These include the following guidelines from the Data Protection Act:
- The person collecting the information must explain how it will be used.
- Information collected for one purpose cannot be used for something else without consent.
- You may collect only the information needed to process an application and not collect additional information.
- Information must be accurate and up to date.
- Personal Data should not be kept for longer than necessary.
- Information is processed in accordance with your rights.
- Technical and organisational security measures must be applied against unauthorised disclosure, accidental loss or destruction.
- Information must not be transferred outside the European Economic Area (EEA) without consent.
Swindon IVC members should therefore comply with the following guidelines:
The On line Enquiry Form, the Application for Temporary Membership, the Membership Form and the Membership Renewal Form will all carry a statement as to the purpose of the personal data collected. If any members have any forms which do not carry this statement please do not use and destroy as soon as possible.
For any enquiries and any temporary members that do not become full members information will be kept for no longer than 12 months from the enquiry date or the end of the temporary membership whichever is the latter.
The details of members who have left the club will only be kept for a period of 18 months after their membership has ceased.
Membership lists will be sent out to all full members by email or post at least once a quarter. The Membership List must be treated as confidential by all Members and as such Membership Lists must not be forwarded or given to any non Members of the SIVC. This includes temporary members who will be given a full membership list by the Membership Secretary when the offer of full membership is taken up.
Membership Lists will only include Full Name and Address of member plus disclosed Telephone Numbers and e-mail address. If a member does not wish their telephone or email address to be included in the Membership List, they must inform the Membership Secretary that they do not wish information to be disclosed. Dates of birth are used for internal SIVC and AIVC purposes only and will not be included on the Membership List.
Members should not keep membership lists that are more than 12 Months old. Old Membership lists must not be placed in rubbish bins, but must be shredded before being disposed of.
Emails containing the Membership List will contain a Data Protection statement to remind Members not to forward the information.
Members must not send Membership Lists outside the EEC.
When putting events in the Monthly programme care must be taken by the Editor, not to state the full name of the events organiser and only state the first name and where necessary the first initial of the surname (eg John S.). Home addresses must not be stated in the programme. My House or Johns House should be substituted. Members can consult the Membership list or the event organiser for the address.