General Data Protection Regulation Policy
Garforth Brass aims to ensure that all personal data collected about players and other individuals is collected, stored and processed in accordance with the General Data Protection Regulation (GDPR) and the expected provisions of the Data Protection Act 2018 (DPA 2018) as set out in the Data Protection Bill.
This policy applies to all personal data, regardless of whether it is in paper or electronic format, and explains what Personal Data Garforth Brass stores, how it uses that information and what rights members have.
The Garforth Brass GDPR Policy will be published on the Garforth Brass Website and all information will be deemed to cover both the Main Band and Training Band.
Personal Data – Definition and Use
Personal Data means data that is subject to GDPR, and includes information used for the purpose of allowing members of Garforth Brass to contact other members. A full list of Personal Data currently held by Garforth Brass is as follows:
- Name(s) of member
- Postal Address
- Telephone numbers (home, daytime and mobile)
- Email addresses
- Date of birth
- Subscription payments
- Gift Aid Declarations
- Instrument loan
- Consent to GDPR
- DBS status (where applicable)
- Medical information and allergy status
- Names, addresses and telephone numbers of emergency contacts
- Brass Band Players Ltd Registration Cards
Where Garforth Brass members are aged under 18 years old, Personal Data will be held (with consent) both for the member and, for safeguarding reasons, those of their parent or legal guardian.
All Personal Data shall be reviewed and updated where necessary at least every six months and any data no longer required shall be destroyed.
Garforth Brass stores and uses Personal Data (see section 2) solely for the purpose of legitimate use and administration of:
- Management of the band (contacts, subscriptions, newsletters, fundraising, Muzodo and the delivery of information from the committee)
- Organising events (contests, concerts, engagements, meetings and social gatherings)
Personal Data will not be shared with any other third parties.
Members are required to confirm agreement that Garforth Brass is authorised to:
- Store their Personal Data
- Maintain a soft/electronic copy of their Personal Data in a secure manner
Garforth Brass will collect Personal Data from new members on joining. All members will be asked to confirm agreement that their Personal Data can be stored at the time of joining.
Garforth Brass stores personal data in an electronic database which is password protected.
The committee has appointed Janet Lymath as its Data Protection Officer (DPO).
The Membership Database is only available to the Chairman, Treasurer, Secretary and Musical Director.
All paper copies of Personal Data will be kept securely (under lock and key) by the DPO.
Members’ financial data is not required for membership renewal.
Stored financial data is used solely for the purposes of reimbursing members for expenditure on behalf of Garforth Brass.
If a member resigns or leaves Garforth Brass for any reason their personal data will be kept for up to 6 months before being removed from the Membership Database, with the exception of their name and contact details which will be retained for archive purposes.
Should a member of the committee store Personal Data and subsequently leave the committee, they must ensure a copy of the data is provided to the Chairman and then destroy their copy.
Any person may request deletion of their Personal Data. The Chairman shall ensure that all requests are enacted upon within 14 days of receiving the request.
Members have the right, at any time, to see the information that Garforth Brass holds on them. A request should be made in writing to the Chairman. A member has the right to complain to the Information Commissioner’s Office (ICO) if they believe there is a problem with Garforth Brass’s handling of their data which cannot be resolved directly.
Details of the ICO can be found at https://ico.org.uk
Associated Consent Form
Consent forms associated with this policy can be found in appendix A.
This policy was last updated in July 2020.