Privacy Policy

Scottish Campaign for National Parks: Privacy Policy

Background

SCNP is committed to processing data in accordance with its responsibilities under the EU General Data Protection Regulation (GDPR) 2018. The privacy of our members, supporters and others whose data we hold is important to SCNP. For the purposes of this legislation, SCNP is a Data Controller and the Committee appoints one of its members as the designated Data Administrator who has overall responsibility for ensuring that the organisation complies with the legislation.

Type/classes of data we hold

We process information which may include:

  • personal details (name, address, email, telephone etc.)

  • membership details

  • financial details

  • visual images

How we use data

We process personal data to enable us to:

  • provide a membership service to our members

  • further, our charitable purposes as specified in our constitution;

  • administer membership records;

  • fundraise and promote the interests of the charity;

  • manage volunteers and people we engage to work on our behalf;

  • maintain our own accounts and records.

Who is collecting data?

Members of the SCNP Committee, including office bearers, volunteers or people engage to work for SCNP may collect personal data during their course of their work via interactions with members, supporters and representatives of other organisations.

Legitimate interest

Under the new legislation SCNP believes we can rely on what is called ‘legitimate interest’ to process much of our personal data. In other words, we undertake to keep members and supporters informed of our work via publications and email alerts as we believe they would expect us to do so.  In addition to this members can pay their membership subscription by standing order.

Disclosing personal data

SCNP will never disclose personal data to anyone outside of SCNP except where we have consent or else are required to do so by law. Personal data [1]  is used solely to further the work of the organisation and is not used for any direct marketing purposes.  SCNP will not hold or process sensitive classes of information [2]  on its members or supporters.

Storage of data

All personal data held by SCNP is held securely and will be retained for no longer than is necessary to provide our services. SCNP will try to keep personal information as up to date as possible and requests that members and supporters contact the Membership Secretary if they believe any information is inaccurate.

Accessing personal data

Under the GDPR, individuals have the right to obtain:

  • confirmation that their data is being processed;

  • access to their personal data; and

  • other supplementary information

If members and supporters wish a copy of the personal information SCNP holds they can do so by contacting the Membership Secretary [3].

Rectifying information

 Individuals have the right to have inaccurate personal data rectified and this can be done by contacting the Membership Secretary [3] .

Right to Erasure

 Individuals have the right to have personal data erased. This is also known as the ‘right to be forgotten’ and this can be done by contacting the Membership Secretary [3] (The right is not absolute and only applies in certain circumstances, eg we are legally required to keep financial information relating to our accounts, such as membership payments, for 7 years).

Review

SCNP will keep its Data Protection Policy under annual review.

August 2018

[1] The GDPR classes names, addresses and contact details as “personal information”.

[2] Sensitive classes of information includes: Physical or mental health details, Racial or ethnic origin, Religious or other beliefs of a similar nature, Offences and alleged offences, Criminal proceedings, outcomes and sentences

[3] The SCNP Membership Secretary can be contacted at membership@scnp.org.uk or by post at SCNP, c/o APRS, Dolphin House, 4 Hunter Square, Edinburgh, EH1 1QW