fbpx

Privacy notice for the conference website for Rotary International District 1090

The district conference is organised by members of Rotary in District 1090 and it is therefore covered by the privacy notice as used for the district website www.rotary1090.org

District 1090 (“we”/”us”/”district”) promise to respect the confidentiality of any personal data you share with us, or that we have access to through the Data Management System (DMS), the RIBI Template System, Rotary International in Great Britain & Ireland (RIBI) (including The Rotary Foundation of the United Kingdom [RFUK]), or Rotary International (RI) (including The Rotary Foundation [TRF]), to keep it safe, and we will always take every effort to protect your privacy.

We pride ourselves on our honesty and openness and will always be clear how, when and why we collect and process your information; we promise we will never do anything with your details that you wouldn’t reasonably expect.

The statement below is specifically for the conference website since the nature of data collected is more restricted.

Members of the conference organising team may process personal data for the purposes of the conference. They will be bound by this notice.

We collect information in the following ways:

When you give it to us DIRECTLY

When you complete the form to register as a delegate to attend the conference, you will give us data about yourself and about others for whom you are also registering. When you submit an enquiry about attending the conference as an exhibitor you will give us data about yourself and colleagues.

We are responsible for your data at all times.

When you give it to us INDIRECTLY

We do not expect to receive any information shared with us by other independent organisations.

Via Social Media

Depending on your settings or the privacy notices for social media and messaging services like Facebook, WhatsApp, LinkedIn or Twitter, etc., you might give us permission to access information from those accounts or services.

 

Via information available publicly

This may include information found in places such as websites (club, district, action groups etc), Companies House and information that has been published in articles/newspapers.

What personal information we collect and how we use it

We will only ever capture the minimum amount of information that we need to in relation to your registration, enquiry or services we provide to you in the course of organising the conference and we promise to keep your information secure. The personal data we may collect includes:

  • Your name
  • Your contact details (address, email and telephone number as appropriate)
  • Details of the enquiry, service or product
  • Where it is appropriate, we may also ask for additional information, and this will be made clear to you at the time the personal information is requested.

How we will use your data

We will use your personal data for the legitimate interest of organising the district conference to be held in March 2022 these will include:

  • Provide you with the services, products or information you would reasonably expect to receive as part of your enquiry
  • Communicating organisational messages and information to conference delegates, speakers and exhibitors
  • Ensuring that we cater for dietary and access requirements as notified to us by delegates, speakers, exhibitors and other attendees.
  • In any other way we may describe when you provide the information
  • For any other purposes with your consent

Sensitive information

We do not collect any personal information on members classified as ‘sensitive’ under GDPR. For example, information about an individual’s: race; ethnic origin; politics; religion; trade union membership; genetics; biometrics (where used for ID purposes); health; sex life; or sexual orientation.

Under 18’s data

We do not collect information from under 18’s without the consent of their parent/guardian. We do not expect to have many delegates under 18 years. They may be with a parent or guardian, or they may attend as a member of Interact or Rotakids.

Data Sharing

1) Our service/host providers

In the course of our legitimate district conference activities, there may be a need for us to share, or give access to, your personal data to third parties that provide us with services or host our applications/software that you may access, for instance:

  • Cognito Forms – online registration form
  • King’s Centre, Keble College, Exeter Hall – venues for the conference. We will share information on dietary requirements and accessibility requirements, only as essential for each event over the conference weekend.

We will ensure that data processing agreements, compliant to GDPR, are in place before sharing with, or giving access to, your data with any of our service/host providers outside of the Rotary organisation.

2) Sharing within the Rotary organisation

Data collected for the purposes of the conference will not be used for any other purpose within Rotary International.

Data from the district website will be used to promote the conference, by members of the district conference team and the district executive team. This is therefore covered by the full privacy policy on the district website www.rotary1090.org

3) Sharing with third parties

We will never commercially sell your personal data to anyone else.

We will only ever share your personal data in other circumstances, not listed above, if we have your explicit and informed consent at the time of collection. However, we may need to disclose your details if required to by the police, other agencies, for example HMRC, regulatory bodies or our legal advisors.

How we keep your information safe and who has access to it

We ensure that there are appropriate physical and technical controls in place to protect your personal details and we work within good practice, for example, confidential paper records are securely stored, or securely disposed of as appropriate. The district and its members ensure that PCs/devices holding personal information on behalf of the district are protected with appropriate anti-virus and malware protection and this is routinely monitored by the district.

We undertake regular reviews of who has access to information that we hold to ensure that your personal information is only accessible by appropriate members, Rotary officers, Rotary staff and our service/host providers. We do comprehensive checks on the companies we use before we work with them and will ensure any contracts set out our expectations and requirements regarding how they manage the personal information they may have access to as part of providing those services.

We have a duty to report certain types of personal data breaches to the relevant supervisory authority, and where feasible, we will do this within 72 hours of becoming aware of the breach. If a breach is detected and likely to result in a high risk of adversely affecting you, we will inform you without undue delay.

Where we store your information

The district conference team members may hold your information in various ways depending on your relationship with us, for instance:

The district conference team and its members ensure that PCs/devices holding personal information on behalf of the district are protected with appropriate anti-virus and malware protection and this is routinely monitored by the district.

 

How long we retain your information and how we keep it up to date

We will only keep your information for as long as we need it to organise the March 2022 district conference. Registration data will be destroyed within 3 months of the conference unless that conflicts with the statutory timescales in the following paragraph.

There are statutory timescales on how long we should keep your information, for example,  financial records must be kept for 7 years, information associated with Health & Safety can be retained for up to three years after an event etc. We shall delete your information according to these statutory limits, or according to guidance issued by the Information Commissioner, or guidance issued at the time the personal information is collected.

Your rights

The General Data Protection Regulations gives you certain rights and these are listed below for your convenience, further clarification of your rights is available on the Information Commissioners website:

  • You have a right to be informed when your personal data is being collected, what is collected and how it will be used or shared.
  • You have a right of access to your personal data: the right of access allows you to be aware of and verify the lawfulness of the processing of your personal data. You can request a copy of the information which we hold on you. This information will be provided free of charge, unless the request is found to be manifestly unfounded or excessive then a reasonable fee will be charged. The application should be made in writing, by letter or email, and addressed to the district, contact details shown below, enclosing two proofs of identification. Applicants should be aware that where requests are manifestly unfounded or excessive, in particular because they are repetitive, the district can:
    • charge a reasonable fee taking into account the administrative costs of providing the information; or
    • refuse to respond.
  • You have a right in certain circumstances to have inaccurate personal data rectified, blocked (restrict processing), erased (right to be forgotten), or destroyed.
  • You have a right in certain circumstances to object to the processing of your personal data for such reasons as direct marketing, automated decision making, profiling; although we can confirm we make no decisions on you using an automated process.
  • You have a right in certain circumstances to data portability.

We collect and process your personal data through legitimate interests or because you have provided it to us to enable us to deliver a service to you. We will only process your personal data as you would reasonably expect us to. You can opt out of general member mailings at any time.

Finally, if you are unhappy with how we have processed your information, you have the right to lodge a complaint with the Office of the Information Commissioner, contact details below.

Changes to this privacy notice

We may change this privacy Notice from time to time. If we make any significant changes in the way we treat your personal information we will make this clear on our website or by notifying you directly.

Our contact details

Rotary District 1090 Data Controller

Email:  d1090.secretary@icloud.com

Complaints

If you are unhappy with how we have processed your personal information, please firstly contact the Rotary District 1090 Data Controller,  details above. If you are still unhappy you may contact the following:

Information Commissioner’s Office

Wycliffe House

Water Lane

Wilmslow

Cheshire, SK9 5AF

Helpline: 0303 123 1113 (local rate) or ++44 1625 545 745

Cookies

Like most websites, we use “cookies” to help us make our site, and the way you use it, better. We do not store any personal data in the cookies that we use.

Cookies mean that a website will remember you. They’re small text files that sites transfer to your computer (or phone or tablet). They make interacting with a website faster and easier – for example by automatically filling your name and address in text fields.

In addition, the type of device you’re using to access our website or apps and the settings on that device may provide us with information about your device, including what type of device it is, what specific device you have, what operating system you’re using, what your device settings are. Your device manufacturer or operating system provider will have more details about what information your device makes available to us.

The type and quantity of information we collect and how we use it depends on why you are providing it. You should be able to control what cookies are placed on your device through your browser settings. Go to www.aboutcookies.org to find out more about cookies, including how to see what cookies have been set and how to manage and delete them.

We use Google Analytics to analyse the use of our websites by generating statistical and other information.

Details captured during your visit to our websites will include, but are not limited to, traffic data, location data, weblogs and other communication data and the resources you access. However, all data collected is anonymous and will not identify you as an individual.

Google, not the Association, stores this activity information. You can view Google’s privacy notice here.

To opt out of being tracked by Google Analytics across all websites visit their website here.

Accessibility

Every effort has been made to ensure that the pages of this website are fully accessible.