GENERAL DATA PROTECTION REGULATION (GDPR) 2018

In May 2018 significant changes to the Data Protection law will be introduced.  These changes mean that the Society will have responsibilities to safeguard your personal data i.e. your name, address, title, e-mail address and telephone number. The data we hold which is physical (completed paper membership applications) is kept securely at the home of the Membership Secretary.  Digital data (your name, address, e-mail address and telephone number (where provided) are also securely held by the Membership Secretary, with a back up copy held by the Secretary.

Your relationship with us: data protection

 There is a contractual relationship between you and the Exeter Local History Society whereby you pay your membership subscription to receive membership benefits.  We commit that:

• We will not share your details with any third party for marketing purposes. 
• We will only use your data to manage your membership and advise you of events and visits. We will not use this data for any other purpose.
• We only hold personal data that you provided in your membership application or have subsequently updated.
• Our privacy policy is displayed on our website where can also be seen an assurance that bookings via Eventbrite are fully covered by their own data protection policies.

Your relationship with us: communication preferences

 We use the personal information that you have provided to communicate with you about your membership.   For example:

• The Newsletter and other relevant messages e.g. news about talks and events, are sent out by e-mail or, in some cases, by post. 
•  
• Reminders about subscription renewal will also normally be sent out by e-mail, and by post to those without e-mail.

The legislation requires the Society to identify a Data Controller who determines the needs and means for processing personal data (in any format) and a Data Processor who processes data on behalf of the Data Controller.  These responsibilities will be fulfilled by the Membership Secretary (Data Controller) and the Secretary (Data Processor).

The legislation also introduces a number of individual rights such as:

• To enquire what data we hold and its accuracy
• To be informed of any data security breach; and
• The right to erase your data if your membership ceases.

You can ask about the data we hold on you, or change your preferred communication methods, at any time by contacting the Membership Secretary.

________________________________-

Members have queried the privacy controls provided by Eventbrite who organise all reservations for the Society's talks and walks.  Their assurance that they comply with the General Data Protection Regulation (GDPR) coming into force on 25 May 2018 follows.

Eventbrite is committed to maintain the highest level of security to protect personal data. In this effort, Eventbrite has implemented numerous security measures and monitors them on a daily basis. Eventbrite's information systems are protected by industry-standard firewalls and intrusion detection systems. In addition, regular vulnerability scans are performed, both automatically and manually by an internal and dedicated team of security experts. You can find out more about the robust security and privacy measures Eventbrite have implemented in the "Eventbrite Security and Safety Guide", available at www.eventbrite.com/security.