From the Surrey Beekeepers Association Website
General Data Protection Regulation 2018 (GDPR) Notice
When you joined your local beekeeping association you submitted information allowing us to register you with SBKA, BBKA and Bee Disease Insurance Ltd (BDI) and with BeeCraft Magazine and to allow us to keep in touch with you. We still hold that information for that purpose as you are still a member. In future, a notice will appear on our membership form for new and renewing members explaining how we use the information and notifying of their rights. We are sending this notice to all existing members too :-
“SBKA, through its Divisions, collects and uses your personal data in accordance with the GDPR. Our legal basis for processing this data is our legitimate Interest as a beekeeping association. We use the data for the administration of your membership, the communication of information and the organisation of events, training courses, assessments and exams. We may share it with BBKA, BDI, the BBKA examinations Board and BeeCraft for the purpose of administering your membership requests. We may also share it with HMRC to reclaim the tax if you have submitted a Gift Aid Declaration. More detailed information is on our privacy statement which can be found below.
Surrey Beekeepers Association Privacy Statement
1. What personal data does Surrey Beekeepers Association and its Divisions collect?
The data we routinely collect may include members’ names, addresses, email addresses, home and mobile telephone numbers; details of payments made to us (e.g. for membership, courses and training events, donations, apiary plot rentals); beekeeping qualifications; grid reference or postcode of apiary; number of hives; type of membership; Gift Aid authorisation; date of first becoming a SBKA member; British Beekeeping Association (BBKA) & BeeCraft magazine orders. We may also record the identity of Associate or family members and dates of birth if these are relevant to the membership and if they have been supplied to us. We collect this data directly from our members when they join the Association and add to it when information is provided to us and at annual renewal.
For some of our members we may have additional information such as committee memberships, apiary roles and responsibilities, beekeeping teaching qualifications, beekeeping examinations applied for and qualifications gained, entry into and prizes won at honey shows, Disclosure and Barring Service checks undertaken with the member’s knowledge and permission and special interests in e.g. microscopy, candle making, mead making, swarm collecting and attending shows and events on behalf of SBKA or its Divisions.
If members have applied to sit BBKA examinations, we will keep information relating to the date and category of examination; results; details of payments made to us; and any disability notified to us to be disclosed to the exam board.
If members request us to do so, and provide us with it, we will keep name and contact details of a next-of-kin to be contacted in the event of illness or injury to the member while at the apiary. This information will be kept at the apiary, handwritten into a book to be kept securely and used for no other purpose.
In respect of non-members we may also keep:
- name, address and contact details of people who have notified us that they have locations available for use by beekeepers for out apiaries. These details may be passed to interested beekeeper members but will not be used for other purposes.
- names of those who have reported swarms to us together with the date and location of the swarms. This is to enable us to monitor our swarm collecting and to enable us to trace the location of swarms, for example, for disease control purposes.
- name, address, contact details and details of payments made to us, of people who have made enquiries to SBKA or its Divisions or who have applied to join courses run by SBKA or its Divisions. This is to enable us to manage enquiries and administer and run SBKA and Division courses.
- name, address, contact details, details of payments made to us and any notified disability of non-members who apply to sit BBKA examinations.
2. What is this personal data used for?
The data is used
- for the administration of your membership; the communication of information, and the organisation of events and activities.
- to provide to the BBKA for their use as explained in the section below.
- to provide to the Bee Disease Insurance Scheme for the purposes of insuring your hives.
- to provide your data to BeeCraft for the purpose of delivery of the magazine.
- to provide your contact details to the National Bee Unit for the purposes of disease control if required.
- for the additional purposes set out above.
3. Who is your data shared with?
Your membership data is passed on to the BBKA of which you become a member when you join SBKA as a Full or Partner Member. Your request for BDI is passed on to them. Your request for a subscription to BeeCraft is sent on to them. We send your name, date of membership and details of payments made by you, to HMRC for the purpose of claiming tax back on gift aid donations if you have given us permission to do so. All such transmissions of membership data are done securely e.g. with password protected files entered onto password protected databases. If you have applied to take an examination for a beekeeping qualification your details will be shared with the exam board. Names, phone numbers and post code locations of volunteering Swarm Collectors are passed onto BBKA with the individual members’ consent. Your name, telephone number and/or email address may be passed to other members of your local Association when organising events and activities in which you have expressed an interest.
We regularly take photographs at beekeeping events. These photographs may be used on websites and newsletters and also in publicity for Division events and activities.
4. Where does this data come from?
Data for most of our members comes from them when they join or when they update their information either directly or via their local association records. We may add additional information as set out above.
5. How is your data stored?
This information is mainly stored in digital form on password protected computers and in the form of written documents stored at Officers’ addresses. Our membership databases are held locally e.g. in Microsoft products such as Excel and in email contact lists, and remotely on cloud based storage such as Google Docs and accessed via password protected computers.
6. Who is responsible for ensuring compliance with the relevant laws and regulations?
Under the GDPR (General Data Protection Regulation) we do not have a statutory requirement to have a Data Protection Officer. The Trustees of the SBKA Council are responsible for ensuring SBKA discharges its obligations under the GDPR. The contact person is the Divisional Membership Secretary who will report annually to the Council based on reports received from each Division in the form set out in the agreed pro-forma report.
7. Who has access to your data?
Committee Members of your Division may be granted access to members’ data in order for them to carry out their legitimate tasks for the organisation. Sub-contractors of SBKA may be given access to data for specific tasks such as sending mailings or processing payments (eg, Just Giving/Golden Giving or similar services). They will only be authorised by SBKA to use such data for specific purposes and are also subject to GDPR rules.
8. What is the legal basis for collecting this data?
Your Division collects personal data that is necessary for the purposes of its legitimate interests as a membership organisation that promotes the craft of beekeeping and advances the education of the public in the environmental and economic importance of bees. For some data, such as that relating to financial matters, the basis for its collection and retention is to comply with our legal obligations.
9. How you can check what data we have about you?
If you want to see the data we hold about you, you should contact your division membership secretary with a “Subject Access Request”. We are required to provide this to you within one month. There is not usually a fee for this, though we can charge a reasonable fee based on the administrative cost of providing the information if a request is manifestly unfounded or excessive, or for requests for further copies of the same information.
10. Does SBKA collect any “special” data?
The GDPR refers to sensitive personal data as “special categories of personal data”.
We do not record any such special category data unless you have asked us to note that you are sensitive to bee stings and carry an adrenalin pen or that you have other medical conditions or disabilities. In that case you will have given us your explicit consent under the GDPR to note your sensitivity or your condition or your disability and the details of your emergency contacts if appropriate.
11. How can you ask for data to be removed, limited or corrected?
You should write to your membership secretary asking for our records to be corrected or limited. We need to maintain your Association membership with your correct name but can do so with limited contact details. However, if you are to remain a member we do need to have at least one method of contacting you. You may choose not to receive information emails from SBKA, BBKA or your local Division or other third parties.
You do not need to provide us with your date of birth unless you wish to enter age-limited events (such as the International Meeting of Young Beekeepers) or gain any concessions based on age.
12. How long we keep your data for, and why?
We normally keep members’ data after they resign or their membership lapses in case they later wish to re-join and for historical records. However, we will delete any former member’s contact details entirely on request.
Notwithstanding such a request, some data, such as that relating to accounting and BDI, is required to be kept for the legally required period.
As SBKA is a charity claiming Gift Aid we are required to hold member details for up to seven years to comply with any future HMRC query.
13. What happens if a member dies?
We normally keep members’ information after they die as a matter of record that they have been SBKA members. This may be of historical note. If requested by their next-of-kin to delete it, we will do so on the same basis as when requested to remove data by a former member.
14. Effective Date and Review
- The GDPR Notice was approved for immediate publication by the SBKA Council on 9th August 2018.
- This policy will be reviewed annually by the SBKA Council at its October meeting.