This Policy applies to the operation of the Midland Rover Owners’ Club Ltd. (MROC), and sets out its requirement to gather data for membership and club activity purposes. It contains details of how personal data will be gathered, stored and managed in line with the data protection principles, and the General Data Protection Regulation (GDPR). The Policy is reviewed on an ongoing basis by MROC Committee to ensure compliance. The MROC Privacy Notice is also part of this Policy.
This Policy exists to ensure that MROC:
Complies with data protection law and follows good practice
Protects the rights of members
Is open about how it stores and processes members data
Protects itself from the risks of a data breach
MROC has completed a Legitimate Interest Assessment and has determined that the lawful basis for holding and processing data on members is Legitimate Interest, is the best fit for our purpose, and that MROC is a Data Controller. The club’s Committee is responsible for this policy and the contact is the Club Secretary, whose contact details are available via the current MROC website and regular journals.
The MROC Committee is responsible for ensuring the club remains compliant with data protection requirements, and can evidence that it is. Data protection, those who have access to data, and the type of data will be reviewed. New Committee members will be informed of how data protection is managed and the reasons.
Members will only be asked to provide information that is relevant for membership and club activity purposes. The forms used to request personal information will contain a Privacy Notice to explain why the data is collected, and how it will be used. The MROC Committee will seek to ensure that member information is only used appropriately, and includes:
Communicating with members about MROC events, activities, membership, renewals etc;
Sending members issues of the club magazine;
Appropriate engagement and operation with the Association of Land Rover Clubs (ALRC).
Appropriate and suitable operation of the club’s 4x4 Response function.
MROC has a responsibility to ensure members’ information is kept up to date, and members are asked to advise of any changes.
MROC does store members’ personal information relevant to the appropriate operation of the club. With responsibility for the secure holding and processing of data, and the consequences of loss, theft or unlawful processing, the following will apply:
Only those on Committee with the need to communicate with members will be granted access to data.
Members’ personal data stored on all electronic devices will be protected by password, as will data shared between Committee, with emergency services (for 4x4 Response operations only), and with other nominated club members to enable them to fulfil their respective official club duties on behalf of MROC.
Members’ personal information stored in paper format will be filed securely and appropriately destroyed at the appropriate time.