BCS Privacy Notice

1. What is this guide for?

Whenever we need to collect any of your data, we will let you know at that point why we need to do so and what it will be used for, but this guide provides a useful overview of all of those situations and provides more detail on how we keep your data secure and up to date, how long we might hold it for, and what your rights are in relation to it.

Berkhamsted Choral Society (BCS) is committed to protecting your personal data and will use any personal or sensitive data we collect from you in line with the General Data Protection Regulations (GDPR). 

2. Who’s responsible for data the group collects?

BCS is a Data Controller under the GDPR. The BCS Data Protection Officer is the membership secretary who can be contacted at berkhamstedcssecretary@gmail.com.

3. What data do we collect and what do we use it for?

BCS collects data from choir members, employees and people who attend our events to help us plan, organise and run the day-to-day operations of the group (e.g. co-ordinating rehearsals or collecting subscription payments) and to promote and market the group’s activities (e.g. marketing mailing lists and photography/video capture).

3.1. Members: for administering membership

When you join BCS or during your membership with us, we may collect some of the following information on you:

Name
Email address
Phone number
Address
Voice part                    
Gift Aid Declarations

Bank details
Payment history
Photos/video footage
How you heard about the choir
Reason for leaving (if applicable and known)  

This data will be used by committee members to manage your membership with BCS and to organise and run our activities.

3.2. Event attendees: for processing and managing tickets for events

Where our events are ticketed, we need to collect data on the person booking (name and email) to allow access to the event and to send a confirmation of the reservation/purchase. This data will only be used for administering access to the event/s for which a booking has been made and will not be used to send marketing/promotional messages from the group unless consent has been given to receive these (see below).

3.3. Employees and contractors: for administration and legal/regulatory purposes

We may need (for administration or for legal/regulatory reasons) to collect personal or sensitive data on employees or contractors of the group. Where this is the case, we will explain what this is for at the point of collection.

3.4. Mailing list subscribers: for marketing and promotion

We offer people who attend our events the opportunity to sign up (consent) to receive information on how to join BCS and future events.

When an individual signs up to our marketing mailing list we will ask for a name and email address.

We will only send information that is related to the group (e.g. we will not use personal data to send out marketing messages from 3rd parties).

Anything we send you will include a clear option to withdraw your consent (e.g. to ‘opt out’ of future emails) and you can also do so at any time by contacting the Data Protection Officer – membership secretary.

4. Do we share your data with anyone else?

We will never pass your details on to third parties for marketing purposes.

We sometimes use third party services to process your data (e.g. Mailchimp). We will always make sure any third parties we use are reputable, secure, and process your data in accordance with your rights under GDPR.

5. Are there special measures for children’s data?

We do not knowingly collect or store any personal data about children under the age of 18.

6. How can you update your data?

You can contact us at any time at berkhamstedcssecretary@gmail.com to update or correct thedata we hold on you.

7. How long we will hold your data?

The BCS Data Retention Policy provides for a review of all data held on individuals at least every two years and for removal of data where we no longer have a legitimate reason to keep it.

Where you have withdrawn your consent for us to use your data for a particular purpose (e.g. unsubscribed from a mailing list) we may retain some of your data for up to two years in order to preserve a record of your consent having been withdrawn.

8. What rights do you have?

Under the GDPR, you have the following rights over your data and its use:

  • The right to be informed about what data we are collecting on you and how we will use it
  • The right of access – you can ask to see the data we hold on you
  • The right to rectification – you can ask that we update or correct your data
  • The right to object – you can ask that we stop using your data for a particular purpose
  • The right to erasure – you can ask us to delete the data we hold on you
  • The right to restrict processing – you can ask that we temporarily stop using your data while the reason for its use or its accuracy are investigated
  • Though unlikely to apply to the data we hold and process on you, you also have rights related to portability and automated decision making (including profiling)

All requests related to your rights should be made to the Data Protection Officer at berkhamstedcssecretary@gmail.com. We will respond within one month.

You can find out more about your rights on the Information Commission’s Office website

9. What will we do if anything changes?

If we make changes to our privacy statements or processes, we will post the changes here. Where the changes are significant, we may also choose to email individuals affected with the new details. Where required by law, will we ask for your consent to continue processing your data after these changes are made. 

BCS Policies