Policy Statement on the EU. General Data Protection Regulations
1. Our commitment to your privacy
We are committed to keeping the personal details of our members, supporters and people who contact us for help or advice safe. This policy explains how and why we use your personal data, to ensure that you remain informed and in control of your information.
1.2 With the introduction of the new European General Data Protection Regulations, GDPR, implemented in May 2018, Somerset Badger Group (SBG), is defined as a “Data Controller” and nominated committee members are the “Data Processors”. We have appointed a committee member as a “Data Protection Officer” to ensure the group’s compliance.
1.3 This Data Protection Policy Statement, also on SBG’s Website*, sets out how we collect information, from whom and how we communicate with you and record and use your data. You can contact SBG’s Chairman or Data Protection Officer if you have any questions regarding your personal data or wish to alter any of our methods of communication with you.*
1.4 Where in our records, two or more members are named at the same address, this Data Protection Statement applies to each person separately.
1.5 Overall, we collect data from SBG Members, non-members and members of the General Public.
1.6 We will never sell your personal data. We will only share your personal data with organisations we work with where necessary and only when we have your permission. Some of your personal data may be shared with other members of SBG.
2. Data we collect and use
2.1. From Membership Forms to administer your SBG membership and send you relevant information:
• Full name, home address, email address, home and mobile telephone numbers and your requests for “Training” and possibly your relevant qualifications and past experience. All are questions we asked you for on your application form to join SBG, which in future will require your permission.
• We record Membership Subscription payment methods: Cash, Cheque or Standing Order (SO).
• Your Bank details are requested on your membership application form, only when you elect to pay SBG by Standing Order. The original form is passed to a Branch of your Bank to generate the SO. Two paper copies of the mandate are kept; one for SBG Treasurer and the second for the Membership Secretary and are held securely. All membership details will be destroyed when you cease to be a member of SBG.
• Please Note: SO Bank details are not recorded on any computer but we need to keep the “Annual payment SO’s” paper record, for 2 years to establish whether the second year’s payment has been actioned by your Bank.
• When joining SBG as a Family we have either the names of or the number of immediate family members. You should be aware that each named family member, has to be treated separately under the EU General Data Protection Regulations.
2.2. The information we collect via our website may include:
• Any personal details you knowingly provide via the “Badger Sightings, Setts or Persecutions” reporting forms or email; such as name, address, telephone number etc. This information is required so we know who the records are from and can keep in touch with you regarding your record or request for help. Please note we do not have access to any of your debit or credit card information.
• Although badger records are shared with Somerset Environmental Record Centre and others in order to help and protect badgers and their setts, all records are anonymised beforehand.
• A cookie is a small file which asks permission to be placed on your computer’s hard drive. Once you agree, the file is added and the cookie helps analyse web traffic or lets you know when you visit a particular site. Cookies allow web applications to respond to you as an individual. The web application can tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences.
• We use traffic log cookies to identify which pages are being used. This helps us analyse data about web page traffic and improve our website in order to tailor it to customer needs. We only use this information for statistical analysis purposes and then the data is removed from the system.
• Overall, cookies help us provide you with a better website, by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us.
• You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of the website.
2.4 From the “Contact Us” facility via our website, direct emails or letters or via our 24/7
• If you have been directly involved as a responder to badger related problems or incidents that SBG reacts to, via the Helpline or other communication, we may need to pass your personal data to a third party e.g. Natural England, Police or Ecologists, in order to help resolve a problem or incident and especially when knowledge of your involvement is required.
• We may also need to pass your details onto a third party with the required expertise in order to help resolve your issue. Your consent will always be asked for before this information is passed to any third party.
3. Treatment of past records
3.1. Your personal data in any recorded format will be destroyed when you cease to be a member.
3.2. Chair’s annual reports, financial records, badger vaccination records and Incident logs relating to badger persecution and developments will all be retained for seven years. Sett records will not be destroyed.
3.3. All other information including email correspondence and postal correspondence, with the exception of those relating to issues mentioned at 3.1 and 3.2, will be destroyed after two years.
4. Your rights – under the GDPR are known as People’s Rights and consist of the following:
4.1. You may change your preferences on what information you wish to receive from SBG*
4.2. You can on request, obtain access or a copy of any personal information held by SBG*
4.3. On request, we will tell you how you can withdraw your consent for any of the items of personal data and information we hold on you by contacting the Chairman or the Data Protection Officer.*
4.4. Specifically the GDPR provides the following rights for individuals:
• The right to be informed
• The right of access
• The right to rectification
• The right to erasure
• The right to restrict processing
• The right to data portability
• The right to object
• Rights in relation to automated decision making and profiling. SBG does not use data either manually or automated to profile individuals.
5. Updating the policy
5.1. The SBG Committee with keep this policy under review to ensure that the group continues to comply with the latest legislation. Any revisions made to the policy will be notified to you and a copy of the revised policy made available.