Privacy Notice
The Grampian Club takes your privacy seriously. We are a “controller” of the personal information that you provide to us and this privacy notice sets out how, why and for how long we will use your personal data, as well as who it is shared with. It also explains your legal rights as a data subject and how to exercise them.
What we need from you
When you register as a member of The Grampian Club or renew your membership, we may ask you for some or all of the following personal information:
- Contact details – e.g. name, address, email address and phone number.
- Participation details – other clubs, existing Mountaineering Scotland membership number
If you do not provide us with all of the personal information that we need this may affect our ability to offer you our membership services and benefits.
Why we need your personal information – contractual purposes
We need to collect our members’ information so that we can manage your relationship with us. We may use our members’ personal information to:
- Provide you with core member services, including confirmation of membership, membership card, end of year renewal.
- Set up a website user account enabling you to access member only areas of the website including access to the Club Newsletter.
- Organise club activities and manage risk and safety if you attend a Day, Weekend or Climbing Meet.
- Register your membership with the representative body, Mountaineering Scotland, to provide you with insurance cover, magazine subscription and other benefits they offer to members of clubs, including access to courses and competitions.
Why we need your personal information – legitimate purposes
We also process our members’ personal information in pursuit of our legitimate interests to:
- Provide you with news and updates about the activity of the club, opportunities to get involved in club meets, training, general meetings or other events.
- Raise awareness of the club’s activities by capturing photos, videos, or live streaming at events. We will use this for promotional purposes.
- Respond to and investigate your questions, comments, support needs, complaints, concerns or allegations.
Other uses of your personal information
We may ask you if we can process your personal information for other purposes. Where we do so, we will provide you with an additional privacy notice explaining how we will use your information for these purposes.
Who we share your personal information with
When we register your membership with Mountaineering Scotland we pass on your personal data and Mountaineering Scotland become a controller of your personal data. Mountaineering Scotland provides full details of how it uses your personal data in its own privacy notice (www.mountaineering.scot/privacy-notice) and will not use it for any other purpose.
We may be required to share personal information with statutory or regulatory authorities to comply with statutory obligations. Such organisations include the Health & Safety Executive, Disclosure Scotland, and Police Scotland for the purposes of safeguarding children. We may also share personal information with professional and legal advisors for the purpose of obtaining advice.
Third party suppliers with access to members’ personal data
The Grampian Club may use third party suppliers to provide services. These suppliers may process personal data on our behalf as “processors” and are subject to contractual conditions to only process that personal information under our instructions and protect it.
In the event that we share personal information with external third parties, we only share such information strictly required for the specific purposes and take reasonable steps to ensure recipients shall only process the disclosed personal information in accordance with those purposes.
- MTC Media Ltd. who host our club website
How we protect your personal information
Your personal information is accessed by our Membership Secretary, Secretary, Treasurer, Day Meet Secretaries, Weekend Meet Secretaries, Cottage Custodian, Hut Custodian, and Web Custodians only for the purposes set out above. It is stored by our club in electronic and paper records. Electronic records consist of a Membership Database, Club Website listings and excel spreadsheets which are all password protected. Essential paper copies of application forms, membership lists and member contact details are kept securely in their homes by Club Officers. The Club does not ask for, or maintain details of, member’s banking details. Your personal data is transferred to Mountaineering Scotland by inputting it directly into a password-protected database or emailed via a password-protected spreadsheet.
In addition we would bring to attention the following:
- To be able to organise and facilitate Day Meets the Grampian Club needs to be able to circulate by email, to all members and guests who have booked on a particular Day Meet, a list showing the routes and the members booked on each route. Such a list would include only the minimum information required, but would consist of member’s names, telephone numbers and a limited number of email addresses. It would not be practical to password protect such lists. This also applies to Weekend Meets.
- In its monthly Newsletter to members the Grampian Club regularly reports the names of members who have participated in recent Day or Weekend Meets. The Newsletter also reports the names of new and resigning members. The names of new and resigning members is also reported at the Club’s Council Meetings and the Club’s Annual General Meetings, and is recorded in the minutes of each.
- The monthly Newsletter to members as a norm provides personal contact data for Grampian Club Officers and function organisers including name, address, telephone number and email address for use by members.
- The Club’s Annual Bulletin contains very limited personal data, providing the names of new members, resigning members, life members and honorary members. A copy of the Bulletin is sent to each club member every year.
- The Club may use images, etc, to publicise the club’s activities in the Grampian Club’s Newsletter and Bulletin, and on the Club Website.
How long we keep your personal information
We only keep your personal information for as long as necessary to provide you with membership services. Unless you ask us not to, and except as noted below, we will review and delete your personal information where you have not renewed your membership with us for 4 years. Exception: the club will maintain a record of all member names along with their date of joining/leaving for the purpose of maintaining a complete record of membership over the years.
You have a right to:
- Change your communication preferences or restrict the processing of your personal data for specific purposes.
- Request that we correct your personal data if you believe it is inaccurate or incomplete.
- Request that we delete your personal information from electronic media, but only where this is not a part of the Club’s documented history. This includes, but may not be exclusive to: Meeting minutes, Newsletters, Bulletins, Content placed in the Club’s Archive, Membership records, Meet records.
- Access the personal data that we hold about you through a “subject access request”.
You can contact us at http://grampianclub.org.uk/contact-us, or by writing to the Grampian Club Secretary whose address can be found on the front page of the Club Newsletter.
If you are dissatisfied, you have a right to raise a complaint with the Information Commissioner’s Office at www.ico.org.uk.