Go to content

Data Protection Policy

About Us

Darlington Chrysanthemum and Dahlkia Society

Data Protection Policy

1. Introduction


The EU General Data Regulations(GDRP) comes into force on 25th May 2019.

These regulations place legal obligations on the Darlington Chrysanthemum and Dahlia Society in respect of personal data.

Darlington Chrysanthemum and Dahlia Societyis a data controller and must ensure that the obligations under the Data Protection Act 1998 and the General Data Protectionb Regulations 2018

2. Policy


This policy outlines what Data the Darlington Chrysanthemum and Dahlia Society holds and is used to ensure that any personal data is lawfully processed and transparent in its use and retention. The Society will appoint a Data Protection officer, who will be responsible for ensuring that the policy is implemented.



The information held by the Darlington Chrysanthemum and Dahlia Society is outlined in the data audit document.



Lawful basis for information processing.



Member data is processed to update the membership on shows and events run by the Society



Exhibitors data is held to distribite show schedules



All personal data obtained by the Darlington Chrysanthemum and Dahlia Society will remain private and will not be shared with other organisations or individuals unless prior consent has been given by the individual to whom the data relates.



An individual can obtain a copy of any personal information held by the society within one month of a request being made. Where it is identified that any personal data held by the Darlington Chrysanthemum and Dahlia Society is incorrect it shall be corrected within 30 days of being notified.



Where an individual request that their personal information is removed or they fail to renew their membership for three consecutive years then their details will be removed from ther membership database.



Data kept for financial records will be kept for 7 years.



Any data must be securely held and IT hardware password protected.  In the event of any data or IT hardware becomes lost or stolen then this must be reported to the Information Commissioners Ofiice (ICO)



Any home or laptop computers to conduct the society business should be adequatley protected by a virus or software package.



A review of this policy must take place on a regular and timely basis.

Back to content