The Scottish Native Honey Bee Society is an inclusive organisation for those with an interest in the conservation, maintenance, breeding and study of the native Scottish honey bee. We take your privacy seriously and this privacy notice sets out how we will use your data, who we will share it with, how we keep it secure and your rights as a data subject.
What we need from you:
When you join as a member of the Scottish Native Honey Bee Society, or renew your membership (including if you are registering or renewing on behalf of a young person aged 18 or under), we will ask you for the following personal information:
- Contact details – name, address, email address, phone number.
- Payment details – your preferred method of payment. This is collected annually via a membership form which you can provide on paper or electronically. This may be your bank details (depending on how you have chosen to pay your membership fee). Note that participating banks will retain records also.
- Extra information for events; we will ask you for supplementary information when attending events. This is to ensure we meet the varying requirements of our members during those events and to enhance your experience including safety, welfare and catering. We cannot be held responsible should an unforeseen issue arise at a meeting or event due to undisclosed information.
Why we need your personal information – contractual purposes
We need to collect our members’ personal information so that we can manage your membership. We will use our members’ personal information to:
- Provide you with core member services, including electronic communications about events or beekeeping information in general. This may also involve contacting you in person by phone should an occasion arise.
- Set up your membership details enabling us to manage your membership and subscription status.
- Organise activities and manage risk and safety if you book on an event.
Why we need your personal information – legitimate purposes
We also process our members’ personal information in pursuit of our legitimate interests to:
- Engage with you on subjects relevant to our representative role, including obtaining your views in surveys, providing details of any beekeeping related special offers and discounts, informing you of events and requesting your involvement in any campaign activity.
- Promote performance and participation in beekeeping by offering apiary events, evening meetings and other possible training events.
- Raise awareness of beekeeping by capturing photos, videos or live-streaming at events. We will use this for promotion, education and development purposes, and it may be made available by social media aligned to our society such as Twitter and Facebook, or other associations we collaborate with, for example, SBA.
- Celebrate achievement in our craft by requesting nominations for members for awards (local, regional or national including those of other associations).
- Respond to your questions, comments, support needs, complaints or concerns.
Why we need your personal information – legal obligations
We are under a legal obligation to process certain personal information relating to our members for the purposes of complying with:
- The Charities and Trustee Investment (Scotland) Act 2005 (as amended) (‘the 2005 Act’);
- The Scottish Charitable Incorporated Organisations Regulations 2011;
- The Protection of Vulnerable Groups (Scotland) Act 2007 to check volunteers are able to undertake regulated work with children and vulnerable adults;
- The Equality Act 2010, which requires us to process personal information to make reasonable adjustments where necessary.
Other uses of your personal information
We may ask you if we can process your personal information for other purposes. Where we do so, we will provide you with an additional privacy notice explaining how we will use your information for these purposes. You can decline, refer to the section outlining your rights below.
Who we share your personal information with:
- We may be required to share personal information with statutory or regulatory authorities to comply with statutory obligations. Such organisations include the Health and Safety Executive, Disclosure Scotland, and Police Scotland for the purposes of safeguarding children or incident, NHS Scotland or any of their services in the case of any health-related emergency.
- We may also share personal information with professional and legal advisors for the purpose of obtaining advice.
How we protect your personal information
Your personal information is stored in our membership databases which are located on a secure Microsoft OneDrive cloud accessible by our Trustees. The secretary also maintains a hard copy, and an electronic copy on an encrypted memory stick.
We use software which stores and processes data outside the E.U. In such cases we use reputable organisations which have signed up to the “E.U.–U.S privacy shield” adopted on 12 July 2016, for example, Microsoft, MailChimp and Eventbrite.
E.U. based organisations must comply with the General Data Protection Regulations (GDPR) which came into force on 25 May 2018, for example, SurveyMonkey and Jisc (online questionnaire and data repositories). Your data is accessed only for the purposes set out above.
How long we keep your personal information
The SNHBS is a Scottish Charitable Incorporated Organisation which is overseen by the OSCR (Scottish Charities Regulator). The OSCR stipulates that our register of Members and Trustees must be kept for six years from the date membership ceased. We maintain full data for 24 months to manage membership and membership queries, thereafter, only your name, postcode prefix and the date your membership elapsed is retained (in the case of trustees or office bearers, post(s) held are also recorded). Your data will be erased after six years from the date membership ceased.
You have the right to, and are responsible for:
- Identifying any change to your personal details including communication preferences.
- Informing us of restrictions to the processing of your personal data for specific purposes, the details of which we will provide, within one month of you sending the request.
- Requesting that we correct your personal data if you believe it is inaccurate or incomplete.
- Requesting that we delete your personal information (this could void your membership if we have no way to identify or contact you for the purposes outlined above).
- Access the personal data that we hold about you through a “subject access request”.
We are required to respond to your requests within one month. You can also contact us in writing at email@example.com or via post at Margaret Packer (SNHBS), Graham Kerr Building, University of Glasgow, University Avenue, G12 8QQ.
If you are dissatisfied, you have a right to raise a complaint with the Information Commissioner’s Office.
1 July 2019