Clutha Archaeology Group Data Protection Policy
General Data Protection Regulations: Clutha Archaeology Group (C.A.G.)
1. Data Controller
The Data Controller is Clutha Archaeology Group (C.A.G.) Only the Secretary has been identified as handling data for the Data Controller. They are not Data Processors.
2. Data Collected
Data is collected from the Members at the point of their joining C.A.G. and Members will be asked to update this annually. Data collected will be the following:-
– Name
– Full postal address, including post code
– E- mail address
– Telephone number
3. Data Conditions
The data listed above are collected to enable C.A.G. to communicate with its members, generally by email, informing them of forthcoming events and activities, or other items of archaeological / historical / heritage interest. No data is passed to third parties.
4. Data Security
Data is held on a spreadsheet on a password-protected lap top in the possession of the Secretary. Paper data is not stored: membership joining forms or update of details forms will be deleted or shredded once the data has been transferred to the spread sheet. Electronic data is only held for as long as necessary, defined generally as being for the current membership year, and for one year after the last C.A.G. membership renewal was due. From time to time members ask for contact details of other members: these are referred to the member concerned and no details released without their permission. In the unlikely event of a data breach which might compromise any individual, this would be reported to the Management Committee and to the Information Commissioner’s Office (within 72 hours of the discovery of the data breach).
5. Right to be Informed / Right to be Forgotten
Subjects may at any time ask by phone, letter or email, to access their data, ask for it to be corrected, and/or for it to be removed from our files. We will comply within 30 days of such requests. If the request is for removal, the Group will firstly advise the member that, as a result of such action, they will no longer receive any communication from the Group and ask for confirmation of their request.
This statement and policy will be checked annually by the C.A.G. Management Committee to ensure it is, and remains, current.