General Data Protection Regulations (GDPR) – Guild Compliance
The Guild is required to comply with United Kingdom GDP Regulations and this Policy has been adopted by the Guild as part of its obligations.
Why we hold personal data
The Guild needs to retain and process certain personal data of its Members in order to maintain a register of current and former Members as required by law, to maintain its relationship with them and to conduct Guild business and activities.
By law, and in order that the Guild can hold and possess your personal data, you are required to give your affirmative consent to us.
What is personal data
Personal data is data which is any information that relates to an identified or identifiable living individual. Personal data of Guild Members which the Guild regards as core data includes
- Your full name and title (this includes current or former military ranks, and honours and awards, where this information was originally provided by Members)
- Your address (for the sending of mail to you, e.g., Despatches Magazine)
- Your email address(es) (to enable you to receive Weekly Updates and other communications from the Secretary, and emails from others for Guild business)
- Your ‘phone number(s) (so that the Secretary and others can contact you rapidly on Guild business if required)
- Your assigned Guild membership number
- Your assigned Accredited Member Badge number
- Your current and past membership status
- Details of moneys paid to the Guild in respect of membership fees
- Year of leaving the Guild, for ex-Members
- Any commercial affiliations, e.g., if you work for specific tour operators
Other personal data includes:
- Biographical and other information provided by you for the purposes of publishing them on the Guild’s website and other Guild publications
- Details of any monies paid by the Guild to you for services or goods supplied or monies reimbursed in accordance with the Constitution
- Any dietary or other special requirements you have provided the Guild to cater for your needs at Guild events
- Attendance records of those attending Guild events
- Details concerning complaints made against you and any Code proceedings taken in relation to you under the Guild’s Code of Conduct
We believe that this is the minimum data that we need to retain and process for Guild business purposes, and we do not expect to maintain any records of any other data beyond this.
Sharing of Data
We do not sell your personal data – such as your name and contact information – to third parties to use for their own marketing purposes and your data will not be shared with any other organisation for any purpose whatsoever without your consent except:
- to our third-party service providers who use this information to perform services for us, such as payment processors, hosting providers, auditors, advisors, consultants, publishers and service and support providers.
- where we are required to do so by law.
- where we believe it necessary to respond to claims asserted against us or, comply with legal process (e.g., subpoenas or warrants), enforce or administer our agreements and terms, for fraud prevention, risk assessment, investigation, and protect the rights, property or safety of the Guild or others.
- Your content, including your name, profile picture, profile information, and certain associated activity information which is on the Guild website and other Guild social media platforms and may be viewed publicly.
- an edited copy of the core data will reside in the Members’ area of the Guild website to allow Members to communicate with each other. It will contain name; email address; membership number; accreditation status; and broad geographic location only.
Your personal data will not otherwise be made available to the Guild membership.
Safeguarding personal data
The security of your information is important to us. The Guild has implemented safeguards to protect the information we collect. These safeguards include:
- Core data is kept under password protection, with additional copies for security and back-up purposes, with restricted access by Guild officials;
- Other personal data being held in confidential files with restricted or limited access by Guild officers and Members having a need for such access for purposes of the Guild; and
- Destruction, deletion and anonymising of copies of personal data when no longer necessary for Guild purposes.
Access to and amending your data
You are entitled to see the full data of your own personal data at no cost to you. This may be done by e-mail application to the Membership Secretary, who will reply at their earliest convenience.
You are entitled to challenge your own personal data, and have it corrected, if inaccurate, at no cost to you.
How long we hold data
The Guild, as a company, is required to maintain financial records for seven years after the business year ends. Because your membership fee is a financial transaction, we will retain your full personal data for that period after you leave the Guild, in case of any challenge from HMRC or another Government body. Because of the legal requirement we cannot delete your data during that period.
Once you have ceased to be a Member for seven full business years your personal data will be removed, and the remaining data anonymised.
Changes to this Policy