Privacy Policy
Britannia Association Privacy Policy
- The Britannia Association holds personal data provided by members via membership applications when there is a justifiable need to do so and removes data when no longer required.
- The Britannia Association has robust security systems to protect data and information and will promptly inform anyone affected should any breach occur.
- The Britannia Association does not sell any membership information lists.
- The Britannia Association will not circulate personal information to any third parties without prior consent.
- The Britannia Association does not share data with outside agencies including other RN organisations, service charities or commercial organisations.
The data we hold
We currently hold data which is pertinent to the GDPR in three main areas:
Member data
- The Britannia Association holds details such as your name, address, contact number and email address, to maintain contact and ensure that you receive member services, including the annual Britannia Bulletin and electronic newsletters. We also hold service specific data regarding members training time at Britannia Royal Naval College, specialisation and military rank, type and duration of individual membership.
- If you elected to pay your subscription via Direct Debit we also hold your bank details.
- Members joining using the online Britannia Association payment provider please refer to their privacy policy.
- Any data you send over the internet is done so at your own risk – the internet is generally not completely secure, and we cannot guarantee the security of your data while it is in transit.
- Membership records are held in a secure ‘remote’ membership database, one which can only be accessed by authorised staff.
- Paper files are maintained in secure stowage.
- If your membership subscription lapses, we will hold your details for a year, in case you wish to rejoin and retain your old membership number.
Transactional data
- Details of any payments you make to the Britannia Association are held electronically and, in some cases, as hard copy.
- This includes records of membership fees paid and merchandise sales.
- Records of sales transactions are held for one year, in case we have to answer queries or offer refunds.
- All credit card details are immediately removed following any transaction.
Employee information
- We hold details and working records for our members of staff.
- This is accessible only to the Britannia Association Director and Trustees on request.
- Britannia Association staff and Trustees adhere to codes of conduct relating to the fact that all correspondence and address details held remain confidential, and all emails issued should contain a standard confidentiality notice.
Privacy
All members, by completing their application have effectively agreed to the use, exclusively by the Britannia Association, of their name, postal, email addresses and telephone number, to ensure they receive updates and news, including the annual Britannia Bulletin.
We fulfil the terms of the GDPR in having a lawful basis for processing this data which is held on our database for the duration of memberships.
In the case of lapsed membership, the data is held for a further a year to allow lapsed members to easily rejoin maintaining their original membership number.
Deceased members’ records are removed on notification.
You will see new privacy notices on any form requiring member input. These confirm that ‘personal data submitted may be stored electronically but will only be used in relation to the application to which it relates. Statutory obligations excepting, personal data will not be passed on to third parties without permission.’
Individuals rights
The GDPR includes the following rights for individuals:
- the right to be informed
- the right of access
- the right of rectification
- the right to erasure
- the right to restrict processing
- the right to data portability
- the right to object
- the right not to be subject to automated decision-making, including profiling.
We do not operate any data-profiling processes.
Upon request we’ll provide a member with the data that we hold on them – if requested, in electronic format. Individuals will have the right to have their personal data deleted where they believe it is being held without practical or lawful basis.
The Britannia Association has a nominated Data Protection Officer.
The Britannia Association Director will make any final decisions about the deletion or release of information.
We also acknowledge that individuals have a right to seek access to their information held on Britannia Association database.
Members accessible data lists are available through the secure, online login area.
We will comply with any such request within the new, statutory one-month period. However, we can refuse or charge for requests that are manifestly unfounded or excessive.
Breaches of data
Britannia Association systems, using remote off-site servers separated from direct member access, already fulfill the GDPR’s recommended ‘privacy by design’ approach. Should we become aware of any personal data breach, we will notify any member as rapidly and as feasibly possible.
The Britannia Association is well founded enjoying an established office within Britannia Royal Naval College. The Britannia Association is independent of both Britannia Royal Naval College and the Ministry of Defence. It answers to its Trustees under charity law and continues to grow from strength to strength meeting its charitable aims and objectives.
The Britannia Association is a registered Charity No. 1158111