A new data privacy law is being introduced tomorrow, 25 May 2018. The General Data Protection Regulation (GDPR) applies to all organisations and businesses that gather or hold data of individuals in the European Economic Area (EEA).

Your confidence and trust in the Commonwealth Association’s system is important to us. For this reason, we want you to know that we have updated our Privacy Policy to explain how we collect, store and handle your personal data.

1. INTRODUCTION

The Commonwealth Association is accredited to the Commonwealth Secretariat. Its current postal address is 29 Eskdale Avenue, Chesham, Buckinghamshire, HP5 3AX, UK.

How to contact us:

The Honorary Secretary of The Commonwealth Association is the Data Controller and we are responsible for your personal data (referred to as “we”, “us” or “our” in this privacy notice).

Our official contact email address is info@comassoc.org.

2. WHAT INFORMATION DO WE COLLECT ABOUT YOU?

The only data we collect is from ex-staff of Commonwealth organisations who wish to become members of our voluntary, non-profit association.

When you signed up for membership, we asked you for contact details for our membership register, employment details with Commonwealth organisations to establish eligibility for membership of a staff alumni organisation, employment or status at time of application, other work experience since leaving the the Commonwealth organisation, and information on your professional or social interests. Our Privacy Information policy was explained on the application form that this information was to facilitate networking and social contact among former colleagues.

The application forms were filled out by you and posted or emailed to us as attachments.

3. HOW WE USE YOUR PERSONAL DATA

We keep your personal data in physical file folders (the original application forms) and also in an electronic spreadsheet, which may show your subscription status, including arrears in subscriptions. This data is under the control of the Association’s Data Collector and also available to the Membership Secretary and the Treasurer for administration purposes. Members’ names (minus any other personal details) are available to other Executive Committee members on request.

In addition, we currently keep only your email addresses separately in a Googlegroup for ease of communicating with members as a group on ‘statutory’ matters, such as Annual General Meetings, messages from the Executive Committee etc. The sole Manager of the Googlegroup is the Association’s Hon. Secretary (Data Collector). The Googlegroup is also used to send members information on matters of Commonwealth concern and on other matters of interest. We also allow members to use this Googlegroup to email the group about similar matters. We have a strict policy on usage of the group in this way, with no personal, abusive, party political or commercial messages being allowed. In setting up this Googlegroup, we were fulfilling our Association’s aim of facilitating communication between members on Commonwealth matters.

In the past, the Association kept a Members’ Directory, containing personal data, in a password-protected part of the Association’s web-site. This has been removed because of doubts over whether the data could be properly protected, and also for technical reasons. The personal details of all members are therefore currently unavailable to members.

4. DISCLOSURES OF YOUR PERSONAL DATA

The Association does not give out or lend all or any part of its data in any way to any other members or non-members. Any information sent to our Association from a non-member which is deemed worthy of circulating is forwarded through the Googlegroup and personal details are this preserved.

5. DATA SECURITY

The Association has put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those office bearers who need to know such data for administration purposes

We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

6. DATA RETENTION

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

The personal details of members who request to resign from membership or those who have deceased are removed from all our lists together with their data. For historical purposes only, the Association will retain their names and dates of membership as a record. Members who simply wish to opt out of receiving emails through the Googlegroup facility can unsubscribe via an Unsubscribe link at the bottom of each Googlegroup email. The Association does warn members who unsubscribe in this way, that they will be in danger of not receiving its ‘statutory’ information.

Commonwealth Association members do not have to do anything in response to this email, but we hope you read our Privacy Policy carefully and are assured your personal data is safe with us.