Index to the Document
- Background Information
- Who is Responsible for the Data Security
- What is required to comply with General Data Protection Regulations
- How we collect the information we hold
- What information do we hold about you
- What we do with personal information
- How we ensure the accuracy of the information
- How we ensure the security and privacy of the data
- Who do we share information with?
- What if you would like us not to contact you in the future?
- What if you would like your details removed from our records?
- Further Enquiries
The Réunion des Gastronomes holds personal data for, and communicates with, active and retired members of the Society.
The database is held by the General Secretary who is responsible for its accuracy, maintenance and communicating with members. Personal data is also processed by the Honorary Treasurer for the recovery of subscriptions and payments for events, and by members of the Committee for the purposes of communicating with members only.
Who is Responsible for the Data Security
The General Secretary of the Réunion des Gastronomes is designated as the organisation’s ‘Data Controller’. The Data Controller is responsible for ensuring the Réunion des Gastronomes and its data processors comply with the provisions of GDPR. The President of the Réunion des Gastronomes is designated as the Data Protection Officer.
What is required to comply with GDPR
Article 5 of GDPR requires that personal data shall be:
- a) processed lawfully, fairly and in a transparent manner in relation to individuals;
- b) collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes; further processing for archiving purposes in the public interest, scientific or historical research or statistical purposes shall not be considered to be incompatible with the initial purposes;
- c) adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed;
- d) accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data that is inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay;
- e) kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed; personal data may be stored for longer periods insofar as the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes subject to implementation of the appropriate technical and organisational measures required by the GDPR in order to safeguard the rights and freedoms of individuals; and
- f) processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures.
Article 5(2) requires that:
A Data Controller shall be responsible for, and be able to demonstrate, compliance with the principles.
How we collect the information we hold
The Réunion des Gastronomes collects personal information from you through your membership forms and through any subsequent amendments you may wish to make by e-mail or post.
We also collect information automatically each time you visit the Réunion des Gastronomes website and/or make a booking for an event. This information, which records what parts of the website you visited, is only used as aggregate information, not as identifiable individual information. Information used for booking an event will be held for that purpose.
What information do we hold about you?
We hold basic contact details, title, name, initials, postal and email addresses and landline and mobile telephone numbers and place of employment. None of the data we hold would be classified as ‘Sensitive Personal Data’ as this generally relates to bank & medical details.
We also use the aggregate information about visitors’ site usage patterns to enable us to see how popular different parts of the website are with our visitors, helping us decide how best to further develop the website.
What we do with personal information
We use the personal information that you give us to keep a record of membership, attendance at events and to be able to contact individual members. The postal address is required so that we can send you hard copies of information when necessary. We will also use this data to contact you from time to time via email, telephone or postal mail to inform you of events and other items deemed to be of interest to members.
How we ensure the accuracy of the information
To ensure the accuracy of the information we hold we will from time to time request individual members to update the information we hold on them and confirm it is accurate. We also request and rely upon members to inform the General Secretary of any changes to their personal details by writing, emailing or telephoning the General Secretary.
Who do we share information with?
The Réunion des Gastronomes shares what information it holds about identifiable individual members with those who have a legitimate reason to have access to the data including Committee members. The Réunion des Gastronomes will not share any information we store about you with any other individuals or members without the express consent of the individual.
Upon joining the Réunion des Gastronomes, members agree that their personal details are included in the ‘Blue Book’ published in hard copy, and on the Members Area of the website unless specifically requested not to by the individual.
From time to time the Réunion des Gastronomes may engage external ‘Data Processors’ to carry out such work as printing and distributing hard copy information and to carry out necessary data cleansing to ensure the accuracy to the data.
The Réunion des Gastronomes has written agreements with any external ‘Data Processor’ given access to the information we hold, that requires them to comply with the DGPR and abide with the principles laid out in this document.
How we ensure the security and privacy of the data
The data is stored on a server and access to that part of the system where data is physically stored is via a User ID and Password login process. The number of personnel who have been issued with a User ID and Password is strictly limited to people who would have a valid requirement to process personal data.
The data file is encrypted and can only be opened and read by the input of a secure password. The number of personnel who have been issued with the password is strictly limited to people who would have a legitimate requirement to process personal data.
What if you would like us not to contact you in the future?
You can write, email or call us at the address below to request us not to contact you again in the future.
What if you would like your details removed from our records?
Once again, write, email or call us at the address below and we will, at your request, delete your details from our records.
Deceased Members’ Information
The Réunion des Gastronomes does retain limited person data of deceased members including name and date of death for historical purposes unless specifically requested otherwise.
If you have any further enquiries you can contact the General Secretary, who is the Data Controller, at:
Réunion des Gastronomes, 37 Barons Court Road, London W14 9DZ
Telephone: 020 7385 8857
For more information about General Data Protection Regulations and your rights visit the following site www.informationcommissioner.gov.uk