General Data Protection Regulations
The European General Data Protection Regulation (GDPR) is Europe's new framework for data protection laws – it replaces the previous 1995 data protection directive, which current UK law is based upon. To ensure the laws overseeing our personal data are fit for purpose, European regulators have created a series of new rules. The result is the mutually agreed GDPR, which will come into force on May 25, 2018. It will change how businesses, public sector organisations, clubs and societies can handle the information of their customers/members.
The RNEBS cares about your privacy. For this reason, we collect and use personal data only as it might be needed for us to deliver to you the defined benefits and publications (collectively, our “Services”).
Your personal data includes information such as:
Date of birth
Other data collected that could directly or indirectly identify you.
If at any time you have questions about our practices or any of your rights described below, you may contact the Data Protection Officer (DPO) and our dedicated team that supports this office by contacting via the Contact page on the RNEBS website.
By completing a membership application you are deemed to have given your consent for the Society to hold and use your personal data to deliver our Services to you and your nominee. You have the right to ask us what data we hold about you, to amend this data or to have it deleted from our records.
What information do we collect.
We only collect information that you actually give to us when;
You become a Society Member
Change contact details
Change your nominee
We minimise the data we collect and limit its use and purpose to only that;
for which we have been given permission
as necessary to deliver our Services to you
as we might be required or permitted for legal compliance or other lawful purposes. These uses include data that is aggregated or statistical data about how our Services are delivered to Society members. This aggregated or statistical data is derived from personal data we have available but does not form personal data.
Sharing with trusted third parties.
We do not share or make available your personal data with any other third parties. The only exception is the provision of a mailing list to the printers who produce and distribute the Society publications.
Communicating with you.
We may contact you regarding the Services that we deliver to you. This will generally be via the RNEBS website of the Society publications such as the Bulletin.
We will not contact you with offers for additional services we think you’ll find valuable or where allowed based upon legitimate interests.
You do not need to provide consent as a condition to receive our services. These contacts may include:
Text (SMS) messages
We do not operate a subscription preference service but you can contact the DPO via the Contact page with respect to receiving communications from the Society.
Transfer of personal data abroad.
The Society only operates from the United Kingdom and as such does not transfer your personal data abroad.
Compliance with legal, regulatory and law enforcement requests.
The Society will cooperate with government and law enforcement officials to enforce and comply with the law. We will disclose any information about you to government or law enforcement officials as we, in our sole discretion, believe necessary or appropriate to respond to claims and legal processes to protect Society assets and members rights, to protect the safety of the public or any person, or to prevent or stop activity we consider to be illegal or unethical.
To the extent we are legally permitted to do so, we will take reasonable steps to notify you in the event that we are required to provide your personal information to third parties as part of any legal processes.
The RNEBS is responsible for the processing of personal data it receives. The Society may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
How you can access, update or delete your data.
You can inform the General Manager of changes to your contact details or nominee in the usual manner, by letter, by email or via the website.
You can access your data by contacting the DPO via the Contact page and requesting a copy of the data we hold about you.
If you contact the DPO to make a request to delete your personal data and that data is necessary for our Services to be delivered to you or your nominee, then the request will be honoured. However, this will mean that the RNEBS will no longer provide you or your nominees with any Services and you will cease to become a member of the Society.
How we secure, store and retain your data.
The RNEBS follows generally accepted standards to store and protect the personal data we collect, both during transmission and once received and stored, including utilisation of encryption where appropriate.
We retain personal data only for as long as necessary to provide the Services you have requested and thereafter for a variety of legitimate legal or business purposes. These might include retention periods that are;
mandated by law, contract or similar obligations applicable to our business operations
for preserving, resolving, defending or enforcing our legal/contractual rights
needed to maintain adequate and accurate business and financial records
If you have any questions about the security or retention of your personal data, you can contact the DPO via the Contact page.
Our Services are available to those over the age of 18. Our Services are not targeted to, intended to be consumed by or designed to entice individuals under the age of 18. If you know of or have reason to believe anyone under the age of 18 has provided us with any personal data, please contact us via the Contact page.