Privacy Notice

1. This is the privacy notice of Rockhoppers Mountaineering Club. In this document, "we", "our", or "us" refer to Rockhoppers Mountaineering Club. This is a notice to inform you of our policy about all information that we record about you. It sets out the conditions under which we may process any information that we collect from you, or that you provide to us. It covers information that could identify you (“personal information”) and information that could not. In the context of the law and this notice, “process” means collect, store, transfer, use or otherwise act on information. This notice becomes effective on 25th May, 2018. Our notice complies with UK law accordingly implemented, including that required by the EU General Data Protection Regulation (GDPR). We may update this privacy notice from time to time as necessary.

2. We take the privacy of our members’ data seriously and will only use your personal information for club-related purposes, such as club administration, organising club trips and communicating with you about your membership. Only persons nominated by the committee will have access to the database.

3. As a BMC-affiliated club we will provide your name, contact details and date of birth to the BMC to administer your membership of the BMC including your combined liability insurance cover. The BMC will use your data to communicate with you about your membership. The BMC will contact you to invite you to create a ‘Member Profile’ which, amongst other things, allows you to set and amend your privacy settings. More information about how the BMC uses data can be found at http://www.thebmc.co.uk/privacy.

4. When you join the club, you provide your consent to us to process informationthat may be personal information.

5. Your name will be listed in the Members’ Directory, and, where you have given permission to do so, your email address will be listed.

6. Your name, email address and contact number will be visible on trip lists and to trip organiser(s) if you have signed up to the trip, and may be shared with trip participants via email.

7. We may aggregate data in a general way and use it to provide information, for example to monitor the number of members attending a trip.

8. Photographs and videos taken on club activities may be used on our website, newsletter or other promotional material.

9. We continue to process your information on this basis until you withdraw your consent or it can be reasonably assumed that your consent no longer exists.

10. You may withdraw your consent at any time by contacting the Membership Secretary. However, if you do so, you may not be able to remain in the club.

11. We may process information on the basis there is a legitimate interest, either to you or to us, of doing so. Where we process your information on this basis, we do so after having given careful consideration to whether you would expect us to process your data, and whether you would consider it reasonable to do so.

12. We may be required to give information to legal authorities if they so request or if they have the proper authorisation such as a search warrant or court order.

13. Payment information is never taken by us or transferred to us either through our website or otherwise. We do not have access to it. At the point of payment, you may be transferred to a secure page on the website of one of our reputable payment service providers. That page may be branded to look like a page on our website, but it is not controlled by us.

14. When you agree to set up a direct debit arrangement, the information you give is directly to our service provider, GoCardless, for processing according to our instructions. We at no point see your bank account data.

15. Except as set out in this notice, we will not share or sell your data.

16. At any time you may review or update personally identifiable information that we hold about you, by signing in to your account on our website.

17. The club website is operated through third-party services. We shall take reasonable steps to ensure our suppliers conform to the requirements of GDPR and that your data is secure and protected.

18. Except as otherwise mentioned in this privacy notice, we keep your personal information only for as long as required by us for administration of your membership; to comply with the law, including for the period demanded by our tax authorities; or to support a claim or defence in court.

19. Your rights and our obligations to you in regards to the processing and control of your personal data can be read at http://knowyourprivacyrights.org.

20. If you wish us to remove personally identifiable information from our website, or have any complaint, you may contact the Membership Secretary through our website. You have a right to lodge a complaint with the Information Commissioner's Office. This can be done at https://ico.org.uk/concerns/.