The General Data Protection Regulation (GDPR) becomes law on 25 May 2018, and it requires that organisations holding information on individuals by which they can be personally identified must either be able to justify having a ‘legitimate interest’, or must obtain consent to keep such information. WCF has contact with various groups of people, and our policy is as follows.
Members: we have a ‘legitimate interest’ in holding data on members, with whom we have a contract that requires us to keep them informed of events, publications, and changes to the organization.
Non-members: we have a ‘legitimate interest’ in holding data on individuals who have expressed interest in our work, e.g. by attending an event. We will continue to keep them informed of events, publications and changes unless they ask to be erased from our list, and they will be given an opportunity to request this in every communication. Any individual added to the database after 25.5.18 will be asked for their consent to be added.
Other organisations: we only contact those organisations whose details are in the public domain, so there is no requirement to seek their consent.
Erasure: Any individual can request erasure from WCF’s database at any time by clicking the link (provided in communications and on our web site) or by emailing us. However, it must be noted that the law requires us to retain such details but inactivate them for communication purposes.
Third parties: any third parties collecting details that are passed to WCF (for example, Eventbrite) will be asked by WCF to supply their policy on GDPR issues.
Protection of information: personal information is kept private and held securely. Under no circumstances will WCF sell or give individual data to anyone for marketing or other purposes not directly related to WCF’s activities.
We hope you will be interested in WCF’s activities and be willing to receive occasional emails from us. To give your consent to receiving our communications please enter your details here.