May 2018
- Data Audit (GDPR)
The Club currently holds data in a variety of forms and a full data audit has been undertaken to ascertain:
- what data is held
- where it is held
- the sources from which it is derived
- the uses to which it is put
- who has access to it
- what happens to it when it is no longer needed
- and is it necessary to hold it at all
The Club only collects Primary Data with respect to its members. That is data derived from its own personal contact with its members and not data bought or taken from outside sources. The only exception is the request for references for an applicant on joining.
Currently the data held by the Club are:
- The member database, containing personal data, means of communication, details of subscriptions, fees, details of motor vehicles and details of boats. Maintained by the Membership Secretary, with access by the Secretary, Treasurer and Mooring Committee Secretary. This data contains sensitive data only with respect to cadets and the names of members’ children.
- Accounting data, including club accounts, bank accounts, supplier lists, invoices and receipts, etc. Maintained by the Treasurer.
- Mooring and locker lists. Maintained by the Mooring Committee Secretary.
- Child Protection Volunteer lists and Parent Consent Forms (the latter may contain sensitive information regarding children and young people). Maintained by John Burnell and Teresa Thorogood.
- Boat Owner lists. Derived from the Main Database and available for inspection by members at the Club.
- Launching and lift-out lists. Completed by members and available for inspection by members during periods of launching and lift-out.
- Waiting pontoon lists and dolphin booking lists. Completed by members to indicate availability of facilities.
- Lists compiled from time to time in connection with sailing activities and maintained by the Secretary of the Sailing Committee.
- Visitors book. On display in the Club to record the names and contact details of visitors to the Club.
- Video records derived from the CCTV cameras and temporarily held for the protection of the Club and its members.
- Data Protection Officer
An officer responsible for the implementation of, and adherence to, the requirements of GDPR will be appointed. The most convenient arrangement is for the post of Data Protection Officer to be held by the Secretary. The DPO will be the contact for any member who has any concerns or requests connected with data retention by the Club.
- Collection of New Data
The collection of personal data will be:
- When a member joins the Club
- On annual renewal of membership
- At such times as members wish their records to be updated
- On joining and at membership renewal members are asked to affirm in writing that they agree to such data being used purely for Club purposes.
- A visitors’ book will be kept on display. It is sometimes necessary to refer back to visits (e.g. in case of property left behind and to check on number of visits made in the course of a year). A visitor may request that his name and address be kept out of public view on a separate piece of paper and stored securely.
- Applicants for membership will have their names and addresses displayed on the Club notice board for 2 weeks before acceptance for membership. Data supporting unsuccessful applications shall be destroyed as soon as the applicant has been informed of the Management Committee’s decision. However, in the case of refusal, a note may be retained of names and reasons for refusal in case there is a subsequent re-application. It is Club policy to refrain from entering into disputes with unsuccessful candidates.
- Using Data
- Direct access to personal data will be restricted to Club Officers on a strictly need-to-know basis. Currently the Club database shall only be accessible to the Secretary, Membership Secretary, Treasurer and Mooring Committee Secretary. Limited access may be allowed to authorised external personnel where there is a legal requirement (e.g. Child Protection, cases of fraud, etc.).
Hard copies of membership application forms will be retained throughout membership, and annual renewal forms will be retained during the year to which they apply. The reason is that these forms contain the member’s signed acceptance of Club rules, byelaws and confirmation that they have insurance on their boats.
- Boat ownership and mooring details will not be considered as personal data. It may be necessary for any Club member to have access to boat ownership details for safety reasons, but details shall be restricted to name and contact details only, so that an owner can be speedily contacted in an emergency. Boat ownership and mooring details are required by the Port Authority, whose data protection measures are beyond the Club’s control and they are therefore considered to be in the public domain. Hard copies of mooring lists will be used by the Mooring Committee Secretary and Mooring Master in the course of their day-to-day work.
- Macro data may be used for statistical purposes (eg membership report at the AGM) and published without the need for members’ permission.
- CCTV records may be used only for security purposes.
- Storing Data
- Primary storage of data shall be on a secure server, inaccessible to all except authorised Club Officers and designated IT specialists under supervision. Members’ personal data is maintained under the principle of Legitimate Interest.
- The Club Secretary and Membership Secretary may keep current copies of the Member database for the day-to-day communication with members and administration of the Club. The Treasurer may also keep a current copy for accounting and budgetary purposes. The Mooring Committee Secretary may have access to the database to assist in allocating facilities.
(Alternative IT systems are being investigated to improve security, e.g. a secure server at the Club with remote access by authorised officers. This will mean that they will no longer have to store data on their personal computers. The server would then perform regular uploads to secure Cloud storage. It might also then be possible to allow other authorised members limited access to specified parts of the database for tasks like emailing details of sailing and social events. It has been suggested that Microsoft Exchange could solve many of our email problems.)
- The storage of personal data on portable media (eg Flash drives, CDs) must be protected by a secure password or BitLocker encryption.
- CCTV records shall be stored securely and accessible only to authorised personnel, but may be made available to the police or other authorities in support of investigations or if requested for legal reasons.
- Data Retention Periods
- The retention of personal data for immediate use shall be restricted to the current membership year. However, the Club’s current accounting system is dependent on the member database and, since accounting records must be kept for a period of ten years, it is not currently practical to erase personal data completely.
- Ex-members’ full personal details will be removed 12 months after resignation. However, their names, membership start and end dates will be kept. This is to enable Club officers to assess ex-members who wish to rejoin.
- In the event of the death of a member, his or her details will be completely removed. In the event of this being a joint membership, the surviving member’s details will be retained. There may be further implications when the rules on membership are revised. (Deceased persons are excluded from the provisions of GDPR, so the retention of archive material should not be affected. Also, on the death of a prominent member who has contributed to the heritage of the Club, the Club may decide that records of that member’s contribution be retained).
Following the death or resignation (as a member) of a Trustee his/her details should be retained. This is in view of the legal obligations of Trustees.
- The Club reserves the right to hold Members’ personal data during their membership and use it purely for the operation of the Club. Members will be asked in writing to agree to this policy on joining the Club and at each subsequent renewal.
- Members may ask for certain details to be excluded from Club records and such requests shall be considered by authorised Officers.
- CCTV records will be kept only as long as needed to deal with any possible incidents.
- Access to Data (Subject Access Requests)
- Members have the right of access to their own data held by the Club at any time.
- No outside organisation shall be allowed access to personal data for any reason, except when required for strictly legal purposes. Nor should personal data be used for purposes outside the normal administration of the Club. Members’ data may not be used for such purposes as marketing without the individual members’ permission.
- Individuals’ Rights
- Members may request changes to be made at any time to their records. Where such requests are reasonable, corrections shall be made immediately. Members may not have the right to remove any data necessary to the operation of the Club (eg membership fees).
- Members have the right to request that their names be removed from Club records immediately on resigning their membership.
- Members have the right to be excluded from certain types of communication (eg emails). Where this right is exercised, such members should stipulate the preferred method of communication.
- Members should inform the Membership Secretary of any changes to their membership details.
- Photography. No pictures of members or their families where names or personal details are attached may be published, exhibited or stored without the permission of the members concerned. When published, no detail other than the person’s name should accompany the picture (e.g. it is not permissible to state the subject’s age or home locality).
Reference should also be made to the Club’s Safeguarding and Child Protection policy.
- Data Breaches
- The Club regards data breaches as disciplinary issues. Any officer or member who knowingly causes a breach of data confidentiality faces potential termination of membership.
- Any breaches noticed by members must be reported to the Data Protection Officer immediately.
- The Club will undertake to maintain full protective software security across its network. Any incident concerning a breach of cyber security must be reported to the Data Protection Officer immediately.
SCHEDULE OF DATA HELD BY THE ORWELL YACHT CLUB
Data | What data is held | Where is it held | Sources from which it is derived | The use to which it is put | Who has access | What happens when no longer needed | Is it necessary to hold it |
Master Membership Database | All member and boat data | With the Secretary and Membership Secretary | Application Forms and Renewal Forms | Required to operate the Club | Secretary, Membership Secretary, Treasurer, Mooring Committee Secretary | Most is expunged. Details of trustees are retained | Vital to operate the Club |
Accounting Data | Club accounts, bank statements, receipts, invoices, lists of suppliers | With the Treasurer | Normal accounting sources | Conducting the financial affairs of the Club | The Treasurer | Destroyed after statutory requirement | Vital to operate the Club. Statutory requirement |
Mooring and Locker Lists | Lists of boats and relevant moorings. List of locker and users | With the Mooring Committee Secretary | Membership database, physical moorings and lockers | Issuing moorings and lockers to members. To make annual return to ABP | Mooring Committee Secretary, Mooring Master | Destroyed | Vital to maintain moorings and lockers for members. |
Child Protection Volunteer lists and Parent Consent Forms | Lists of volunteers and their DBS records. Juniors details. Parent Consent Forms | With Child Safeguarding Officers | Direct from volunteers and parents | Safeguarding children and vulnerable individuals | As this is sensitive data, access is strictly controlled | Securely destroyed | Vital to protect children and vital individuals |
Boat Owner lists | Lists of boats and owners | Generally available in Clubhouse | Membership database | To contact members if their boats are at risk. | Total membership | Destroyed | Vital for safety of boats when afloat at Club moorings |
Launching and Lift Out lists | Lists of boats with schedules for launching and lift out | Generally available in Clubhouse | Members enter their own data | To schedule a programme for launching and lift out | Launching crews. Total membership | Destroyed | Important for organising launching and lift out |
Waiting pontoon lists and dolphin booking lists | List of boats and owners | Generally available on Club noticeboard | Completed by members to indicate availability of facilities. | To book and manage spaces on waiting pontoons and dolphin | Total membership | Destroyed | Important to manage restricted facilities |
Lists compiled from time to time in connection with sailing activities | Sailors involved in sailing and racing activities, (may include Juniors) | With either Secretary of Sailing Committee or John Burnell | Maintained by the Secretary of the Sailing Committee and John Burnell | To administer the sailing and racing programme | Members of the Sailing Committee | Destroyed | Important to organise sailing and racing programme |
Lists compiled from time to time in connection with social events | Members buying tickets for events | With Social Secretary | Maintained by the Social Secretary | To administer social events | Members involved in arranging events | Destroyed | Important to organise social events |
Visitors book | Visitors and guests to the Club | On display in the Club | Completed by visitors | To record the names and contact details of visitors to the Club. | Total Membership | Maintained for at least a year | Desirable to be able to contact past visitors eg in case of left behind property |
CCTV | Video record of all users of exterior property | Recorder in Club office (locked) | Cameras at strategic points around Club property | Security | Selected members of Management Committee and Les Mason | Maintained for 3 months or longer if a security breach has occurred | Vital for site and property security |