Association of Harrogate Apprentices (AOHA)

PRIVACY POLICY

How we will use your information when you give your data to Association of Harrogate Apprentices, sign up to a membership or subscription, or register with the AOHA Members Website.

This leaflet explains why we ask for your personal information, how we store and use it and who we may share it with, and what your rights are.

Why we ask for your personal information.

We want you to be part of our family after your career, and by joining our branch, AOHA.  We want to be able to contact you about events and branch information.  By consenting to us holding your information we can administer your membership and subscription to the branch.  By registering on this website, you agree for the AOHA  to hold your information for these purposes.

Who is your data shared with?

The data collected is shared with the officers of AOHA.  We are there to support you during your membership of the Association and you may receive information about membership and subscriptions that might be of interest.  A small amount of marketing is used, for the purpose of inviting you to attend events and supplying you with information of events that may be of interest. 

How we store your information.

The personal information you consent to give us is stored on our AOHA database.

This is a fully managed system and there are procedures and policies in place in order to keep your information protected from misuse in accordance with the General Data Protection Regulations.

Available Memberships

Membership of the association may be obtained by contacting the Hon Secretary and requesting a MEMBERSHIP Application Form

 

How long we keep your information for.

Your information is kept in accordance with our retention policy.  If you have a subscription and pay us money every year, then we will hold your data for 6 years after this service has stopped.  If you have consented for us to contact you about future events, then we will maintain your record until you tell us you would like us to delete it.

 

Your rights

You have the right to see the information that we hold on you at any time, by submitting a Subject Access Request (SAR) in writing by contacting the Data Protection Officer (DPO) on the contact details below.  You may also request to opt out of any of these services or have your details deleted from the database at any time, again by contacting the DPO in writing and letting us know what your preferences are.

AOHA Data protection Officer

Hon Secretary,

Or email:   secretary@aoha.org.uk

Our Data Controller is the Secretary of the Association of Harrogate Apprentices and you may contact him/her at any time if you feel your rights have been breached. 

 

When we ask you for information, we will keep to the law, including the Data Protection Act 1998.  For independent advice about data protection, privacy and data-sharing issues, you can contact the Information commissioner at:  Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF.  Phone:  08456 30 60 60 or Fax:  01625 524510

Website:  http://www.ico.gov.uk

 

  

Notes for AOHA about General Data Protection Regulations (GDPR) 2018

  1. Prior to 25 May 2018, after this date, to be compliant, (or able to show good progress towards compliance).
  2. Check with Information Commissioners Office (ICO) https://ico.org.uk/global/contact-us/ to see if branch should register In general “small” Not For Profit (NFP) organisations do not have to, but must be able to show they are observing the principals of the GDPR.

Then:

  • ensure MOU is up to date.
  • observe Data Protection Rules & Regulations and be able to prove to ICO if necessary that they are being followed.
  • complete privacy policy (see example above).
  • complete process guide to show exactly how data is being processed and administered by branch including: processes of collection, storage, sharing (with whom/why and how protected) right up to destruction.  NB – Include auditing of info (to ensure it is current/relevant and necessary).
  • if it goes wrong and ICO respond to complaint they will be very thorough when they are required to react to breaches / complaints.
  • Compliance is an individual responsibility held by those collecting/processing the data.