Data Protection advice for Group Leaders and Group Contacts
This page provides information on how LALG handles personal data, and a statement of conformance to the regulations (known as GDPR) governing this subject. In addition you can view the LALG Cookie policy.
Data Collection and Use
Personal information should be collected and used lawfully and fairly. ‘Fair’ means that that individual should know who has their information and what it will be used for. Information collected for one purpose should not be used for another. So if someone gives you information for LALG purposes you should not use it for anything else – for example to promote a business, event, charity or political party.
The key things you need to know:
New data protection legislation was introduced in May 2018. The definition of what is personal data remains the same and includes anything that can identify an individual: contact details, membership number or photos.
We can only collect data which we have a valid reason for having, and for which we have the owner’s consent to using. Sometimes explicit consent is not needed because it is obvious. Under the ‘contract’ that members have with LALG we do not need their consent to communicate with them but even so we have to provide clear and simple information about how their data will be stored and used.
We must keep data safe, see Information Security. If it is online it should be password protected. If it is a paper record, it should be kept private and when possible locked away.
When we no longer need the data, for example when a member has left the group or after an event we should safely destroy it.
So how does this apply to you as a Group Contact?
As a Group Contact you probably have a list of members in the group. Make sure you only have data that you have a valid reason for having. For example, if you will never email members don’t collect email addresses.
If you meet in each other’s houses you will need to collect addresses. Consider whether you should send a list to everyone in the group or just put the details for the next venue on the call up.
You should tell group members that you will abide by LALG's privacy statement. If they prefer a paper copy they should contact the LALG Secretary via the contact details on the website or in the newsletter.
If you intend to use the data for anything other than running your group you will need the explicit permission of the member? For example, you can only take and store an image such as a photograph or video if you have the explicit consent of the member(s) involved.
You need to review how safely you are storing the data you hold. Take steps to avoid data going to anyone else. This includes within the group: so when emailing several members, use the bcc facility unless you have explicit permission to share those email addresses within the group.
Any data that you no longer need should be destroyed safely and securely. This also applies if you step down as Group Contact.
Summary Statements
For Members - It is best practice to add a footnote to any email, booking form, or leaflet saying:
'I will safely store your name, phone number and email address and will only use them to manage the group’s activities and to contact you about group events.' (Note: Add address if you use this to contact people or meet at each other’s houses).
'If you give me your consent I will add your phone number /email address, address to my mailing list for other communications which might be of interest to you. You can withdraw your consent at any point by contacting me.'
(Only if relevant to your group) 'If you give me your consent I will take photographs/videos of group activities which might be used on public sites such as the LALG website or LALG Facebook page for promotional activities.'
'The full LALG Privacy Notice can be found on the LALG website (www.lalg.org.uk) by clicking on LALG Privacy Statement at the bottom of any page.'
For Non Members - Sometimes people who are not members of LALG join us at events or activities. If we collect data from them, we should also tell them how that data will be used.
For example, on an email or booking form:
'I will safely store your name, phone number, email address, address (delete as applicable) and will only use them to manage the LALG event/activity (add details).
The principles outlined in the LALG privacy notice apply and can be found on the LALG website (www.lalg.org.uk) by clicking on LALG Privacy Statement at the bottom of any page.'
If relevant you can add:
'If you give me your permission I will store your details and use them to send you future information about LALG events/activities.'