Data Protection Privacy Policy


Data Privacy Policy

The Privacy Policy of the Elmswell History Group (EHG) is to comply with the requirements of the Data Protection Act 1998, and the General Data Protection Regulation 2018.

The EHG collects personal data to record members of the group, to manage the collection of membership and entry fees, and to effect communication with members about programmes, events and visits of interest to the membership.

The EHG will operate procedures in accordance with the Data Protection Act 1998, and the General Data Protection Regulation 2018, i.e. personal data held by the EHG shall:

  1. be obtained and processed fairly and lawfully;
  2. be obtained only for one or more specified and lawful purposes and shall not be processed in any manner incompatible with that purpose or those purposesbe adequate, relevant, and not excessive in relation to the purpose or purposes for which they are processed;
  1. be accurate and, where necessary, kept up-to-date;
  2. be held no longer than is necessary for the purpose(s);
  3. be processed in accordance with the rights of the data subjects under the Act;
  4. be surrounded by proper security; and
  5. shall not be shared with third parties unless specific consent is obtained from each individual concerned.


The EHG and all committee members and others who process or use any personal information must ensure that they follow these principles at all times.

Responsibilities for ensuring the EHG’s full compliance with the Act are with:

  1. a) the Chairman and committee of the EHG – a committee member may be assigned to oversee compliance with the DPA 1998 and associated regulations;
  2. b) the Membership Secretary will assume the role of ‘Data Controller’ for the EHG and ensures that the process for processing personal data complied with all Data Protection regulations; and
  3. c) all committee members have a responsibility to comply fully with the requirements of the Data Protection Act.

Members’ and Visitors’ Consent

Consent to process personal data will be obtained from individuals each year when membership is renewed.  Non-member visitors will be asked for consent when entry fees are collected.     Consent can be withheld or withdrawn at any time.

Subject Access Request

Any person can request to see their own personal data held by the EHG.  Such requests (Subject Access Request) should be made to the EHG Secretary or any member of the Committee.  The Membership Secretary will be responsible for disclosing the relevant data to the subject requesting access.  Contact details are posted on the EHG Website,

Aggregate Data Analysis

The EHG may use aggregate (anonymised) data to calculate the number of members and visitors, and to manage the collection of fees, prepare the financial accounts of the group, and to assess the effectiveness of communications.

Data Sharing

The EHG do not intend to share the personal data with any outside person or organisation.  Specific consent will be sought from members if the committee wish to consider a request to share information outside the EHG.


The committee will regularly review the EHG privacy policy and update the membership on any changes made.

May 2018