Colonel Valentine Walton’s Regiment of Foote
(Referred to in this statement as ‘the Regiment’)
Privacy Statement
This statement sets out the ways in which the Regiment complies with the provisions of the Data Protection Act 2018.
Background
The Regiment exists to promote an interest and extend the knowledge of Britain during the Civil Wars that took place in the seventeenth century.
Identity of the Data Controller
The data controller is the Regiment which does not have a physical office. It can be contacted by email valentine.waltons@gmail.com
Purpose of, and legal basis for storing and processing information
The Regiment stores and processes individuals’ personal information on the basis of Legitimate Interest.
The information is processed in order to:
- Enable the Regiment to maintain an up to date membership list.
- Ensure that the Roundhead Association is aware, mainly for insurance purposes, of all members in good standing with the Regiment.
Legitimate Interests
The Regiment stores and processes personal information on the basis of legitimate interest. In addition, it provides members’ details to the Roundhead Association in order that all members attending events will be covered by the relevant insurance policies.
Categories of personal data being stored and processed
The only personal data being stored and processed by the Regiment are each member’s:
- names
- number of children and their ages (but not their names)
- postal address
- telephone numbers
- email address
Recipients of personal data
The Regiment does not share personal information with any outside organisation other than the Roundhead Association as explained above.
Within the Society, access to members’ information is restricted to the membership secretary, the commanding officer and the secretary.
Retention period
Members’ information within the membership database will be kept for no more than 18 months after a member’s membership has lapsed. Information necessary for financial record-keeping will be kept for 7 (seven) years.
Members’ rights
Members of the Association have a number of rights under GDPR. They may:
- Ask to see all information about them held by the Regiment. On receipt of such a request, and having verified the identity of the person making the request, the Regiment will provide that individual with the requested information without charge
- Ask the Regiment to correct any errors in their own record of which they become aware. On receipt of such a request, and having verified the identity of the person making the request, the Regiment will correct the information at the earliest opportunity
- Ask the Regiment to delete information about them held by the Society. On receipt of such a request, the Society shall seek to verify the identity of the person making the request and, once their identity is confirmed, delete the relevant information although it reserves the right to retain information required for specific purposes such as financial record-keeping
- Ask the Society to restrict its processing of their information. In the case of the Regiment this is most likely to be a request to stop sending information or the magazine. On receipt of such a request, the Society shall seek to verify the identity of the person making the request and, once their identity is confirmed, apply the requested restriction
- Complain to the Information Commissioner’s Office (ICO) if a member feels that the Society is failing to comply with the GDPR. The Society would ask that any such complaint be addressed to the Society itself in the first instance but members have the right to complain directly to the ICO. At the time of writing this notice, information on how to complain could be found here: https://ico.org.uk/concerns/
Conclusion For further information about this statement or any other aspect of the Society’s compliance with GDPR, please send an email to valentine.waltons@gmail.com
