1. Privacy and Data Protection Statement
The Richmond Society respects the privacy of the data that we use to support your membership and keep you informed about our activities and achievements. This statement explains how we store and process the data that we collect about you.
2. Data Controller
The Richmond Society is comprised of a UK Charitable Incorporated Organisation, registration number 1169079 (“NewRic”) and a UK Charity, registration number 285805 (“OldRic”). Over time, all the Richmond Society’s operations will take place under NewRic, with OldRic becoming dormant.
The Richmond Society’s website is www.richmondsociety.org.uk. The society may be contacted by emailing firstname.lastname@example.org, or by writing to the Hon Secretary, The Richmond Society, 5 Kelvin Court, Marlborough Road, Richmond TW10 6DJ.
A member of the society’s Executive Committee (trustee) acts as Data Protection Officer for The Richmond Society. The Data Protection Officer can be contacted by emailing email@example.com, or via the Society’s Hon Secretary.
3. The Data that we Store
The Richmond Society holds only data that is relevant to your membership of the society. Specifically this consists of:
(a) the contact details that you have provided, consisting of name, address, telephone number(s), and email address(es).
(b) your membership type (for example single, household, life), the date and amount of your last payment including any donations made over and above the applicable membership rate, whether you are currently signed up to GiftAid and the date you signed, the date you joined, and the expiration date of your membership (if applicable).
(c) Registers of volunteer contact information.
(d) Signed Gift Aid declarations.
(e) Signed standing order instructions, including bank details, if applicable.
4. How we Store the Data
(a) Electronic records
The master copy of our membership data is held in encrypted form on a password protected PC, operated by the Society’s Membership Secretary or by the Society’s Data Protection Officer. Encrypted archives are distributed to the Society’s Chairman, Hon Secretary and Treasurer for backup purposes. Other members of the Society’s committees may occasionally have access to parts of the data, strictly on a time-limited “need to know” basis. All systems on which data is stored are maintained at the most recent patch/update level.
The electronic data about your membership is normally retained by the Society for two years after your membership ends. This is to ensure that you may easily renew your membership in that period.
(b) Paper records
Some of our records, such as membership forms and Gift Aid authorities, are also retained in paper format and are held securely by the Treasurer and by the Membership Secretary.
We may need to keep this paper-based information for a period of up to seven years after the end of the financial year in which the transaction occurred so that we can respond to any enquiries from HMRC about our income or applications for Gift Aid.
5. How we process your data
(a) We use the data to fulfil our contract with you to provide the services that you could reasonably expect as a member of the society:
(i) to send you any notifications to meet our legal obligations to you.
(ii) to manage your membership and remind you when your membership subscription is due.
(iii) to send you a quarterly newsletter by your chosen channel (paper or an emailed link) four times a year.
(iv) to advise you of local events or issues that cannot be covered by the quarterly newsletter, for example because they have arisen suddenly or need urgent action.
(v) to communicate with our volunteers.
(vi) to record details of bookings for events that we organise.
(b) We use the data in our and your legitimate interests to maximise participation in the society’s activities and to enable you to make the most of your membership of the society:
(vii) to remind you of upcoming society events and other information such as local events related to our objectives and public consultations, normally around ten times a year.
You may opt out of these reminders at any time, either by using the link provided in the reminder emails, or by a separate request to us.
The Richmond Society acts as Data Processor as well as Data Controller for almost all functions. The only exceptions to this are set out under Third Party Data Controllers below.
6. We do not share your data
The Richmond Society does not share any of its membership data with any other individuals or organisations, other than to fulfil your specific instructions or to deliver the specific functions set out under Third Party Data Controllers below.
Examples of fulfilling your specific instructions include forwarding your standing order instructions to your bank, and sharing your GiftAid declarations to HMRC if they require us to.
When you contact us, we will keep your information confidential and only disclose it to those with an express need to know. We will not disclose it outside the Society’s committees unless such a disclosure is strictly relevant to the information that you have provided. We will not pass your contact details to any third party unless you request us to do so.
7. Website Cookies
We do not set any cookies for public usage of The Richmond Society’s website. Nor do we collect information about you through your use of The Richmond Society’s website. The only information we receive is that which you expressly send us, for example by emailing us or submitting a comment.
8. Third Party Data Controllers
We use third parties as Data Processors for event ticketing approximately three times a year and for distributing a Chairman’s Email approximately ten times a year. Where we use Data Processors we provide them with only the minimum information they need to act on our behalf to fulfil the specific function required.
(a) Event ticketing: For electronic ticketing of events, we use Brown Paper Tickets (incorporated in Seattle WA, USA), and redirect you to their website. We do not provide them with any information about you: the only information that they will hold about you will be that which you provide when you buy a ticket through them.
Brown Paper Tickets do not share or sell event organiser or ticket buyer data to any other party. When you buy a ticket through them, they will inform us so that you can attend our event. They will not send you any marketing materials unless you ask for them. Once our event is over, you can request to have your personal data removed from their systems. Unless you request otherwise, the only communications that you will receive from Brown Paper Tickets will be about the specific event for which you purchased tickets.
(b) Chairman’s emails: To remind you of upcoming Richmond Society events and other information such as local events related to our objectives and public consultations, we use MailChimp (incorporated in Atlanta GA, USA) to send you emails approximately ten times a year.
The only information that we provide to MailChimp is a list of email addresses. No other information is provided to them.
MailChimp uses single pixel gifs, also called web beacons, in emails that they send to you on our behalf. We use the data from these to confirm that these emails are relevant to you, our members. We only use this information at an aggregate level.
To unsubscribe from these emails, you will be directed to a MailChimp web page. This will set cookies that are used to compile reports in an anonymous form to help MailChimp improve their website. These cookies are not shared with other parties or used for advertising.
You can also unsubscribe from these emails by sending firstname.lastname@example.org an email with the subject line “Unsubscribe from Chairman’s emails”. To do that, please click here.
You can find MailChimp’s Privacy statement here:
In this, emails that we send using MailChimp to you, our members, come under
Section 3, Privacy for Contacts.
9. Your Rights
Under GDPR, you have the following rights:
- The right to be informed
- The right of access
- The right to rectification
- The right to erasure
- The right to restrict processing
- The right to data portability
- The right to object
- Rights in relation to automated decision making and profiling.
You can find out details of what these rights cover and how to exercise them here: https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights
If you have a complaint or a query, please raise it with us first by emailing our Hon Secretary, email@example.com.
If appropriate, you can contact the regulator, the Information Commissioner via their website https://ico.org.uk/for-the-public/.
10. Privacy and Data Protection Statement Version
This Privacy Statement is dated 21 May 2018. The Richmond Society reserves the right to update it from time to time. If we do make substantive changes we will inform you via the Richmond Society Quarterly Newsletter, email, or post.