BCMH Data Protection Policy
The BCMH acknowledges its responsibilities under the Data Protection Act 1998 (the DTA), as the BCMH is an unincorporated association that processes personal information, as defined in section 5, (3), (c) of the Act and also its duties under the General Data Protection Regulation (the GDPR).
In relation to the BCMH’s specific responsibilities under the DTA and the GDPR, the BCMH will undertake to operate good data protection practice. References to Officers of the BCMH in this policy should be taken to include both the Officers as defined in the BCMH Constitution and members of the General Committee.
The BCMH will comply with the Act’s eight principles of good practice as follows.
Fairly and lawfully processed - In relation to fairness, by virtue of applying to join the BCMH, members are aware of what data will be held on them by the BCMH. The BCMH will not allow data it holds to be used other than 'legally' as defined in the Act.
Processed for limited purposes - Personal data is only obtained by the BCMH for specified and legal purposes. This data is only processed in a way that is consistent with these specified purposes. No data is collected without there being a specific and valid reason for doing so.
Adequate, relevant and not excessive - the BCMH membership form complies with this, as the BCMH only collects limited data that is clearly needed for a membership organisation. Membership application forms should not be added to by anyone but the applicant and under no circumstances should personal remarks be made by a BCMH officer on an application form. In the case of applicants who are denied membership, their application forms will be destroyed.
Accurate and up to date - the BCMH endeavours to keep all membership records up to date.
Processed in line with an individual’s rights - the BCMH acknowledges that members have the right to know what data the organisation holds on them and that members also have the right to have inaccurate information corrected. A formal request for such information under the Data Protection Act 1998 must be made in writing to the Secretary-General. The BCMH will not use members’ personal data for direct marketing purposes without the express permission of members.
Processed Securely - to comply with this provision of the Act, membership data is only available to specific officers of the BCMH and only those who need to have access to this information. The officers that handle membership data within the BCMH are; the Honorary Treasurer, the Membership Secretary, the Secretary-General, the JBCMH Editor, the Press Officer and the Webmaster. Access to the BCMH membership database is restricted by password. Officers working on the membership database will only do this on a secure computer. Any paper records will be held securely and not handled by anyone other than BCMH officers. The Data Controller of the BCMH, as per the requirements of the GDPR, is the Membership Secretary.
Not kept for longer than is necessary - once a member resigns, the BCMH will not continue to keep their contact details, which will be permanently deleted from the membership database, although a record of the names of those who have resigned will be kept.
Not transferred to other countries without adequate protection - No membership details will be passed outside of the UK without the express permission of any member to which this information pertains.
This policy will be made known to members of the BCMH via the BCMH website. Should any member believe that this policy is being misapplied, they should report their concerns in writing to the Membership Secretary who is the Data Controller as defined in the GDPR.
The GDPR consent form is below.
General Committee, British Commission for Military History, 21 April 2018.
GENERAL DATA PROTECTION REGULATIONS (GDPR) 2018 – BCMH DATA CONSENT FORM
The General Data Protection Regulation (GDPR) 2018 is in legal force from 25 May 2018. This requires every member of the BCMH to give positive consent to the storage of their personal data on the BCMH database.
- I hereby give my consent for my personal data to be stored and maintained on the BCMH database in accordance with the General Data Protection Regulations 2018.
- I further agree that my personal data will be used to enable the Officers and members of the BCMH Committee to contact members of the Commission, to administer the Commission, to collect Commission subscriptions, and to plan and conduct Commission events and battlefield tours. This may include by necessity passing personal details to third parties that are organising tours or visits on behalf of the BCMH if you will be participating in these events.
- Our Data Controller is Mary Brewer, the Membership Secretary, and she is responsible for all data collected and controlled by the BCMH. Any issues you wish to raise in connection with your data being processed by the BCMH should in the first instance be communicated to the Data Controller who can be contacted on the Membership Secretary’s email address mailto:firstname.lastname@example.org.
- Unless you request otherwise, all data collected about you by the BCMH will be retained for as long as you are a member. Once your membership ceases, all data collected by the BCMH about you will be destroyed.
- You have the legal right to complain to the Information Commissioner about how the BCMH controls or handles your data. The Information Commission can be contacted on https://ico.org.uk/concerns/.
If you do not agree to the terms of the BCMH’s data protection policy, please contact the Membership Secretary immediately.