STAFFORD SINGERS GDPR PRIVACY NOTICE

Back to The Stafford Singers Home Page

Last updated 17 July 2018




Stafford Singers GDPR Privacy Notice

Personal Information Processes & Guidelines

Stafford Singers will hold a database of names, membership details and contact details to be used solely for the purposes of running Stafford Singers and communicating with members about the choir and its events:

1) The choir's database of personal data will contain names and other membership details of current members, and also of past members of the choir (these details will be deleted 2 years after the member leaves the choir). All members are asked to complete a form with contact details, and to give written consent for this personal information to be used for Stafford Singers administration and publicity only. This is irrespective of whether or not they use computers (or any other means of transmitting digital data, such as laptops, tablets or mobile phones, etc.).
2) If a member leaves the choir, the data will be deleted after 2 years, or at request.
3) The master copy of the database will be held and managed by the Data Controller, a member of the Committee who has been nominated by the Committee specifically to undertake GDPR tasks on behalf of the choir.
4) The master copy of the database will have a Version Control system (Version Number and Date).
5) Copies of the database will be provided to members of the Committee who have a legitimate need to communicate with members on the database about events or issues related to the choir. Copies of the database will not be made available to non-committee members in any form.
6) The Data Controller will keep a record of the committee members who have a copy of the database and will send an update as needed, and specifically whenever contact details are deleted or corrected.
7) Committee members who have a copy of the database must: a) check regularly that they have the latest version of the database (see Version Control in paragraph 4 above); b) delete or destroy their copy of the database when they leave the Committee.
8) Emails which use the database as a source of email addresses must list all the recipients in the Bcc: (blind copy) section of the email address, so that recipients do not see all the email addresses. The Hide facility should also be used. The primary email address in the To: field should be the originator of the message, who has full responsibility for the message. This has the useful effect that the originator then receives a return copy of the message, indicating that it has been sent to the Bcc list.
9) Letters and emails for which the database is used as a source of addresses should include the text "Sent on behalf of Stafford Singers. If you wish to be removed from the Stafford Singers contact list, please email the Data Controller" or similar.



Back to Top


Send all comments, updates and queries for The Stafford Singers GDPR Privacy Notice Page to John Wilcock


Version: 01 17 July 2018 updated by John Wilcock