Our Privacy Policy

We, at ESFH, are committed to protecting your privacy. We will only use the information that we collect about you lawfully in accordance with the General Data Protection Regulation(GDPR) 2017.

We do not store any of our customer's financial details including debit or credit card data nor do we share customer details with any third parties.


Security, Privacy and Data Use Policy 

1.  Introduction
This policy outlines the way in which the Essex Society for Family History safeguards and uses its members’ personal data, in compliance with the General Data Protection Regulations 2018 (GDPR), as defined in sections 2, 3 & 4 below.

The personal data held by the Society consists of each member’s name, title, postal and email addresses and telephone number. It is provided by members on joining the Society to enable communication between the Society and its members.  Members consent to this use on signing the Application for Membership Form. Personal data is stored together with a membership number, membership subscription, dates of payment and renewal date.


2. The Society’s responsibilities for safeguarding personal data

The GDPR defines three individuals viz. Registrar, Data Controller and Data Processor, who are given responsibility for different aspects of the safeguarding of personal data.   The Society allocates two of these responsibilities to its existing post holders, as follows:

2.1 Registrar is the ESFH Membership Secretary, appointed by and responsible to the Executive Committee.

2.2
Data Controller is appointed by and responsible to the Executive Committee.

2.3 Data Processor is the contracted Internet Service Provider appointed by and responsible to the Webmaster with the approval of the Executive Committee.


3. Individual responsibilities for safeguarding data

3.1 The Data Controller

3.1.1   Regularly audits the data held by the Society and ensures that appropriate processes are documented and carried out, including the destruction of obsolete data.

3.1.2   Ensures that any decisions to change use of data are properly made and documented.

3.2 The Membership Secretary

3.2.1  Receives physical data in the form of completed application and gift aid forms.

3.2.2  Enters new members' data into the membership database before destroying the paper forms

3.2.2  Passes Gift Aid Declarations to the Treasurer.

3.3 The Webmaster

3.3.1 Appoints an internet service provider (ISP) to enable internet access, email service and data storage space, sufficient to accommodate the Society’s systems and data.

3.3.2 Commissions any software required and ensures adequate back up of all data.

3.3.3 The webmaster also installs and manages all digital data and enables data to be entered on-line by new applicants and existing members.

3.3.4  Is responsible for controlling access to the membership database and other administrative functions through a password system. Subject to the approval of the Executive Committee, individuals will be given access to specific areas of the server in order to carry out their duties.

3.3.5 Is responsible for controlling access to the ‘Members’ Area’ of the website that contains general genealogical information and individual members’ surname interests.

3.4 The Treasurer

3.4.1 Keeps all necessary financial records on a password protected personal computer

3.4.2 Arranges the scanning of completed Gift Aid forms to produce back up images that are stored on the secure server with other ESFH digital data.

3.4.3 Stores the paper Gift Aid forms, as required by HMR

3.5 The Internet Service Provider:

3.5.1 Ensures the security of the internet gateway and email servers.

3.5.2 Ensures the security of systems and data at all times.

3.5.3 Ensures secure backup of all ESFH material.


4.   General responsibilities for safeguarding data

Any member given access to personal data, by the Executive Committee, to carry out specific tasks is responsible for adhering to this policy at all times.

5.  The Society’s use of data

The GDPR defines the way data may be used.

The Society has a general responsibility for its relationship with its members:

5.1 There is a contractual relationship between members and Essex SFH whereby members pay an annual subscription to support the Aims of Society and the Society provides membership benefits i.e. website, journal, etc.

5.2 The Society will only use members’ data to manage their membership and related benefits, including the information provided for the purpose of organising events and visits.

5.3 The Society will keep records of any payment made by members to the Society for any reason during their membership. Payment records will be erased when membership ends except when Gift Aid declarations have been made. In these cases, records will be kept for seven years, after membership ends for possible inspection by HMRC.

5.4 When a member returns a Standing Order Mandate containing their bank account details, the Membership Secretary will add a membership number and forwards the mandate to the appropriate bank. No record of the account details is retained by the Society.

5.6 The Society will not share members’ details with any third party for marketing purposes.

5.7 The Society will not use personal data for any other purpose.

5.8 The Society holds only personal data, provided by the member in their application to become a member. These personal details may be updated by the member at any later time

5.9 The Society’s ‘Security, Privacy and Data Use Policy’ is displayed on its website.

5.10 The Society will not use its members’ personal data for any purpose other than as described in this Policy.

The Society has a responsibility for the way it communicates with its members:

5.11 The Society uses the personal data provided by its members to communicate with them about their membership and occasionally about Essex SFH work.

5.12 The Society sends out membership communications by email and by post.

5.13 Individual members may be contacted occasionally by telephone.

5.14 All members have a choice about how they receive the journal, The Historian, and membership subscriptions reflect this. Notification of the Annual General Meeting is given via the journal and website.

5.15 If a member has supplied an email address, the Society will use this as their preferred method of communication.

5.16 A member’s registered email address will be used as their user name for the Members’ Area of the website.

6.   Members’ rights

Individual members have certain rights under GDPR:

6.1 To enquire what data the Society holds and to check its accuracy.

6.2 To correct any inaccuracy or to change their preferred communication method at any time, either on line or by informing the Membership Secretary, in writing.

6.3 To be informed of any data security breach.

6.4 To withdraw their consent for ESFH to hold and process their data, so terminate their membership, at any time. Please note that the Society must retain personal data information after termination of membership, for a period of seven years, to meet legal requirements, such as required by HMRC relating to Gift Aid.


You are visitor number 1691997 since 15 February 2001