Swindon Film Society logo for the best in world cinema

Data Protection Policy

  1. General Statement of Swindon Film Society’s Duties and Scope In order to operate, Swindon Film Society, referred to below as ‘The Society’, needs to gather, store and use certain information about it members and will take all reasonable steps to do so in accordance with this Policy.
  2. Data Controller The Data Controller for Swindon Film Society is the Society’s Committee. The Data Controller will endeavour to ensure that all personal data is processed in compliance with the General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) which comes into force on 25 May 2018.
  3. The Principles The Society will, so far as is reasonably practicable, comply with the GDPR Principles to ensure all data is:
    • Fairly and lawfully processed
    • Processed for a lawful purpose
    • Adequate, relevant and not excessive
    • Accurate and up to date
    • Not kept for longer than necessary
    • Processed in accordance with the data subject’s rights
    • Secure
    • Not transferred to other countries without adequate protection
  4. Personal Data Personal data covers both facts about an individual where that data identifies an individual, for example, a member’s name, postal address and email address.
  5. Processing of Personal Data The Society will only collect and process data with consent, where lawful and where it is necessary for the legitimate purposes of the group.
  6. Rights of Access to Information Members and ex-members have right of access to information about their personal data held by the Society. Any request for the following will be actioned within fourteen days of the request being made:
    • to see any data stored about them;
    • that any inaccurate data held on them is updated;
    • to stop receiving any communications from the Society;
    • to have their data deleted from the Society’s records.
  7. Accuracy The Society asks members to inform us of any changes to their personal data, e.g. change of address or email. Any individual will be able to update their data at any point by contacting the Data Controller.
  8. Data Security The Society will ensure that data held by us is kept secure. Electronically-held data will be held within a password-protected and secure environment and physically-held data (e.g. membership forms or email sign-up sheets) will be stored securely. Any physically held data will be securely destroyed if no longer required.
  9. Retention of Data Members’ personal data will by default remain on the Society’s records for three years after an individual’s membership lapses, before being removed and erased. This data will be retained for the purpose of informing previous members about the Society’s programme by email and post.

Download Document