STAFFORD SINGERS GDPR PRIVACY NOTICE
Last updated 17 July 2018
Stafford Singers GDPR Privacy Notice
Personal Information Processes & Guidelines
Stafford Singers will hold a database of names, membership details and contact details to be used
solely for the purposes of running Stafford Singers and communicating with members about the
choir and its events:
1) The choir's database of personal data will contain names and other membership details of current members,
and also of past members of the choir (these details will be deleted 2 years after the member leaves the choir).
All members are asked to complete a form with contact details, and to give written consent for this personal information
to be used for Stafford Singers administration and publicity only. This is irrespective of whether or not they use
computers (or any other means of transmitting digital data, such as laptops, tablets or mobile phones, etc.).
2) If a member leaves the choir, the data will be deleted after 2 years, or at request.
3) The master copy of the database will be held and managed by the Data Controller, a member of the Committee
who has been nominated by the Committee specifically to undertake GDPR tasks on behalf of the choir.
4) The master copy of the database will have a Version Control system (Version Number and Date).
5) Copies of the database will be provided to members of the Committee who have a legitimate need to communicate with
members on the database about events or issues related to the choir. Copies of the database will not be made available to
non-committee members in any form.
6) The Data Controller will keep a record of the committee members who have a copy of the database and will send an
update as needed, and specifically whenever contact details are deleted or corrected.
7) Committee members who have a copy of the database must: a) check regularly that they have the latest version of the
database (see Version Control in paragraph 4 above); b) delete or destroy their copy of the database when they leave the
8) Emails which use the database as a source of email addresses must list all the recipients in the Bcc: (blind copy)
section of the email address, so that recipients do not see all the email addresses. The Hide facility should also be used.
The primary email address in the To: field should be the originator of the message, who has full responsibility for the
message. This has the useful effect that the originator then receives a return copy of the message, indicating that it has
been sent to the Bcc list.
9) Letters and emails for which the database is used as a source of addresses should include the text "Sent on behalf
of Stafford Singers. If you wish to be removed from the Stafford Singers contact list, please email the Data Controller"
Send all comments, updates and queries for
The Stafford Singers GDPR Privacy Notice Page to John
17 July 2018 updated by John Wilcock