Cardiff Camera Club Data Protection Policy

Cardiff Camera Club takes it data protection responsibilities seriously partly because we value and respect the personal information entrusted to us, and partly to minimise the risk of identity theft.

Although the Club is exempt from registering with the Information Commissioners Data Protection Office we understand and respect members’ privacy concerns, and the need for all personal data to be securely kept so that it does not fall into the wrong hands.

The Club has therefore adopted the following policy.

  1. We will only ask for, and record, the minimum amount of personal information necessary for us to manage the club, now and in the future. This information may be stored as hard copy or electronically on the club computer – or both.
  2. We will delete it when requested to do so, or when we no longer need it.
  3. The personal data we hold will normally be confined to the following: full name, physical address, email address, contact phone number(s), when membership fees are paid, and relevant photographic qualifications and distinctions gained. This information will be securely kept in a member’s register.
  4. Where necessary we may also ask for, and retain, contact details for use in a medical emergency.
  5. In addition we will explain that it is necessary for us to keep historical records of images entered into past competitions, and that whenever permission is given for us to put an image on the club’s website we will attribute it to the named owner in order to minimise copyright theft. If you do not wish to be identified as the author it is your responsibility to say so.
  6. Whenever possible we will ensure that emails sent out en block to committee and/or club members will be sent under blind cover. However since we cannot be sure that this facility is available to every person who sends out multiple emails en bloc there maybe occasions when email addresses are revealed to the wider membership. If you do not wish this to happen you must indicate this on your application form.
  7. Members will be informed that our website is also intended to inform members of significant events occurring within in the club, and that we use it convey success (and other club information) in both internal and external competitions. This necessarily means that individual club members may be named unless they request we do not do so.
  8. We also stress the importance of members maintaining password integrity by not sharing any club website passwords that may be issued to them with anyone else.
  9. We will endeavour to ensure that members’ personal details and the members’ register are only retained on computer in encrypted or password protected files. Subject to these safeguards such information may be shared with specific committee members on a ‘need to know’ basis.
  10. We will also explain that whilst we do not harvest any personal information from the website third parties such as Amazon, Google and providers of Apps linked to our site may do so. These are normally referred to as cookies.
  11. We will always consider and address privacy risks when we are planning to use personal information we hold in new ways, such as when introducing new systems.
  12. We will be open with members about how we use their information and who we share it with.
  13. We will make it easy for individuals to access, correct any personal information, and make it easy for you to withdraw permission for it to be held, or used as described above – just tell us!
  14. We will make it a condition of membership (including renewal) that members be bound by:
    • the club’s Constitution,
    • its policy, procedures and rules including in particular its data protection policy.
  15. We will regularly review our practice and compliance with this policy