to receive emails from us in future including emails with the Rides List and
Updates with changes or cancellations of Rides you need to opt in with a special
online form. This is additional to the Renew or Subscribe Form Go to
About this Policy
This policy explains
when and why we collect personal information about our members, how we use it
and how we keep it secure and your rights in relation to it.
We may collect, use
described when we collect data from you.
We reserve the right
this happens (but amendments will not be made retrospectively).
We will always comply
with the General Data Protection Regulation (GDPR) when dealing with your
personal data. Further details on the GDPR can be found at the website for the
Information Commissioner (www.ico.gov.uk). For the purposes of the GDPR, we will
be the “controller” of all personal data we hold about you.
Who are we?
2.1 We are CTC Bognor
Regis & Chichester Group (Part of Cycling UK)
be contacted at 10 Brooklands, Pagham, Bognor Regis, West Sussex, PO21 4QH,
email@example.com and 01243 267746
receive email and any subsequent unsubscribing only applies to this local group
and does not affect your Membership of National Cycling UK where applicable.
Note also that if your preferences on the National Club exclude the sending of
emails we will not be able to send you local updates or the Rides List.
information we collect and why.
Type of information
Legal basis of
address, telephone numbers, e-mail address(es).
Managing the Member’s
membership of the Group/ Subscription to Pedaller Magazine.
Group’s contract with the Member.
For the purposes of
our legitimate interests in operating the Group.
How we protect your personal data
4.1 We will not transfer your personal data outside the EU without your consent.
4.2 We have implemented generally accepted standards of technology and
operational security in order to protect personal data from loss, misuse, or
unauthorised alteration or destruction.
4.3 Please note however that where you are transmitting information to us over
the internet this can never be guaranteed to be 100% secure.
4.4 For any payments which we take from you online we will use a recognised
online secure payment system.
4.5 We will notify you promptly in the event of any breach of your personal data
which might expose you to serious risk.
Who else has access
to the information you provide us?
5.1 We will never
sell your personal data. We will not share your personal data with any third
parties without your prior consent (which you are free to withhold) except where
we are required to do so by law or as set out in the table above or in
paragraphs 5.2 and 5.3 below.
5.2 We may pass your
personal data to third parties who are service providers, agents and
subcontractors to us for the purposes of completing tasks and providing services
to you on our behalf (e.g. to process your subscription or renewal and send you
mailings). We do this for the purpose of our legitimate interests in operating
the Group and for performing our contract with you. However, we disclose only
the personal data that is necessary for the third party to deliver the service
and we have a contract in place that requires them to keep your information
secure and not to use it for their own purposes. It is possible that third
parties may themselves engage others (sub-processors) to process your data.
Where this is the case third parties will be required to have contractual
arrangements with their sub-processor(s) that ensure your information is kept
secure and not used for their own purposes.
5.3 We may also pass
your personal data to other members in a Membership List where you have
consented to this to enable members to readily contact other members. Your
consent to this is obtained every year when you renew. You should note that when
your data is passed on to an individual such as another member we have no
control over that individual and an individual is not subject to the GDPR. Any
erasure of your data can only apply to data we hold as an organization.
6. How long do we
keep your information?
6.1 We will hold your
personal data on our systems for as long as you are a member of the Group and
for as long afterwards as it is in the Groups’ legitimate interest to do so or
for as long as is necessary to comply with our legal obligations. We will review
your personal data every year to establish whether we are still entitled to
process it. If we decide that we are not entitled to do so, we will stop
processing your personal data except that we may retain your personal data in an
archived form in order to be able to comply with future legal obligations e.g.
compliance with tax requirements and exemptions, and the establishment, exercise
or defence of legal claims.
6.2 We securely
destroy all financial information once we have used it and no longer need it.
7. Your rights
7.1 You have rights
under the GDPR:
access your personal data
(b) to be
provided with information about how your personal data is processed
have your personal data corrected
have your personal data erased in certain circumstances
object to or restrict how your personal data is processed
have your personal data transferred to yourself or to another organisation in
7.2 You have the
right to take any complaints about how we process your personal data to the
Information Commissioner's Office
details, please address any questions, comments and requests regarding our data
processing practices to our Data Protection Manager at firstname.lastname@example.org