We care about the privacy of the people who become Beatrix Potter Society Members or who visit our website www.beatrixpottersociety.org.uk, attend our conferences or meetings, subscribe to our e-newsletter, and view our Social Media sites. We are committed to maintaining the trust and confidence of our Members and visitors. Below you will find details about how we treat personal data.
We collect personal data directly from you when you sign up for membership or request a service. We limit our use of your information to that which allows us to find you as a named individual in order to provide the benefits of membership or the services that you have requested. Whenever we collect personal data from you, or through our website, we will make it clear that we are doing so and will explain how it will be used. This policy applies to any personal data that we collect. When you provide us with your data, you have given your consent for its use.
Newsletter Sign Up
We collect personal data (in in the form of your email address) when you subscribe to our e-newsletter, Pottering About. We use that data to provide you with news, to give you detailed information about events we, or others, may be organising in support of the activities of the Society, or to seek feedback on the services we are providing. We do not rent, sell or trade our subscriber email lists with other organisations and businesses. We do however use a third-party provider, Constant Contact, to deliver Pottering About to our worldwide members and contacts. We also gather statistics on email open rates and clicks using industry-standard technologies to help us check and improve our e-newsletter and social media sites.
Sharing of Personal Data
Your personal data will only be shared with Members and staff who need to see it in order to perform their functions/roles/responsibilities. This is in respect of the services you have requested (e.g. processing of your membership application) or the activities they are organising for you to take part in (e.g. meetings and conferences). The Society may also assess your attendance at these events or note your purchases from our online shopping pages in order to be able to improve our sales service to you. Where thought necessary by the Society, for instance in order to process a purchase order for our merchandise, your personal information may also be shared with other people and organisations outside the Society to the extent permitted or required by law. (E.g. to enable us to action the fulfilment of your purchase order through the services of a delivery agent like the Royal Mail, or a despatch agency like Task Fulfilment Ltd. At all times we seek the necessary assurances from these third-party agencies that their management of your personal data meets the necessary legal obligations of the GDPR.
Keeping Your Personal Information Safe
The Society take steps to protect the security of your personal information in accordance with our legal obligations in line with the General Data Protection Regulation (GDPR). However, we cannot guarantee the security of any transmission of personal information over the Internet. Communication sent over the Internet, such as emails, are not secure, although their security may be increased if they have been encrypted. Therefore, please do not submit personal information to us online unless you accept the security risks in so doing. Please also be aware that:
Recipients of your personal information may be located in countries or territories outside the European economic area which may not have data protection laws equivalent to those in the UK.
Online payments by credit or debit cards for some services provided by the Society (e.g. membership or merchandise purchase) are processed under contract using specialist third-party service providers. When a payment is processed by a service provider acting on our behalf, card details are collected over a secure line and protected by industry standard software which encrypts your information. Our service provider will use the information you provide to process your payment or to refund any monies due to you. Please refer to their terms and conditions for the relevant service for the details. Payments processed on behalf of the Society are managed in line with the Payment Card Industry Data Security Standard.
Retaining Your Personal Information
The Society, or its approved third-party agencies, will keep your details on record until we have completely dealt with your request, enquiry, or purchase and then for a reasonable period afterwards, in accordance with the GDPR and other applicable legislation. The Society may keep your details on record for as long as is necessary for the purposes for which it may use your personal information, as set out above. If the Society decides that holding your details is no longer necessary, we will securely delete/destroy your details.
Your rights in relation to your personal information
You are entitled to request:
copies of, and/or access to your personal information.
That your personal information be corrected where inaccurate or incomplete that your personal data be deleted (or that we stop using your personal data) where it is no longer necessary that we stop sending you communications (e.g. Pottering About)
In some cases, these rights are subject to certain conditions and limitations. If you would like more details about these rights, or to exercise any of your rights, please contact our Data Protection Officer at: Ivy House, One Hopkirk Close, Danbury, Chelmsford, Essex CM3 4PP Email: firstname.lastname@example.org
To help us find the personal information you are referring to, please include any details that will enable us to locate the relevant personal data.
To be sure that your personal information is not disclosed to an imposter, we may need you to provide us with proof of identity before any action is taken or personal information disclosed.
This document was approved by the Society’s committee on 18 May 2018.