Photo © Firewolf 2019
Privacy Policy
This Privacy Policy is available as a pdf download.
1. Introduction.
The Gorsedd of Bards of Cor Gawr (Gorsedd Beirdd Côr y Cewri) takes your privacy seriously and is committed to ensuring that it is properly protected. This revised Privacy Policy has been drafted further to the requirements of the General Data Protection Regulation (GDPR) and is effective from 25 May 2018, when the GDPR came into force. For purposes of the GDPR, the Council of Elders of the Gorsedd are collectively the data controllers. The primary Data Processor is the Treasurer of the Gorsedd.
Any changes that we may make to this Privacy Policy in the future will be posted on our website (www.bards.org.uk), we recommend you check the site occasionally to ensure that you are aware of the most recent version of the Policy.
2. What is our legal basis for collecting, storing and using your data?
Organisations must have a valid lawful basis in order to process personal data. The Gorsedd has decided that the lawful basis for collecting, storing and processing its members' personal data should be consent provided by those members when applying for tickets to Gorsedd events, or when making financial donations towards the running costs of the Gorsedd.
3. When do we collect your personal data?
We collect your personal data when you:
complete application forms for events run by the Gorsedd;
if someone applies for tickets on your behalf;
when you make a financial donation or subscription membership via PayPal.
4. What personal data do we collect?
The Gorsedd collects the following information about its members:
Name (first and family names);
Postal address;
Email address;
Telephone number (landline - where provided);
Telephone number (mobile - where provided);
Car registration (where provided in support of disabled parking request);
Amount of subscription or donation paid and the date it was received (if paid via PayPal);
Cash donation amounts are recorded, but not necessarily the name of the benefactor.
For current members (see section 8, below) and where records exist, a history of subscription payments and methods of payment is maintained for past years. Payment records are also kept by PayPal in line with their Privacy Policy.
The information listed above is provided by the members themselves. Where someone has applied for tickets on your behalf, only your name is kept on record (linked to the original applicant).
5. Website and Cookies.
No personal data is kept on our website, nor do we use cookies on the site to either collect data or trace your movements on the site.
Our website may contain links to other websites of interest. However, once you have used these links to leave our site for another, you should note that we do not have any control over that other website. We cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites, which are not governed by this Privacy Policy. You should exercise caution and look at the privacy statement applicable to the website in question.
6. How and why do we use your personal data?
The information listed in the first paragraph of section 4, above, is stored in a database of members that is maintained by the Gorsedd Treasurer and the Ticketing Officer for use in the administration of the Gorsedd. The database is used for internal record keeping and in other aspects of the administration of the Gorsedd.
We use this information to advise you on progress of your application for tickets and to send you pdf files of the tickets when they are issued for our events. We also use this information to contact you about future events we believe you may be interested in. Emails are sent direct from the Gorsedd, we do not use third party email systems to contact you at any time.
You may request to have your data removed at any time, either by using the website contact form, by direct email, or by responding to an email we have sent you. If you do request to be removed from our database, all contact details will be removed (although we may send you an email to confirm your request before removal). We will, however, keep a record of your name and the historic events you have attended.
7. How do we protect your personal data?
We know how much data security matters to all our members and other contacts. With this in mind we treat your data with the utmost care and take all appropriate steps to protect it. In order to prevent unauthorized access or disclosure, data is stored on a secured personal computer and backed up to a secure system.
8. How long will we keep your personal data?
Membership of the Gorsedd is by your request, either by event ticket application or by request via our website. We keep your personal data from the time of request until such time as you request us to remove it. In the event that an email address held for you becomes invalid (ie email to that address is returned as undeliverable), the email address is removed. In this event other data about you may be held for a further 12 months for comparison to future possible ticket applications from you using a new/revised email address.
9. With whom do we share your personal data?
Your data is only shared with English Heritage to support your request for disabled parking at the midsummer ceremony, and if you have been granted this. Your data is not shared with English Heritage for any other reason, unless legally required to do so as stated below.
We do not share your personal data with third parties, unless required to in order to comply with the law. For example, we can pass on details of people involved in fraud or other criminal activity to law enforcement agencies.
10. What are your rights over your personal data?
You have the right:
to withdraw any consent that you have previously provided - if you have given us your consent to use your personal data, you can change your mind at any time and withdraw that consent;
to request access to the personal data we hold about you, free of charge in most cases;
to request the correction of your personal data when incorrect, out of date or incomplete (see section 11, below);
to request that we stop using your personal data for contacting you through all or some of the following: surface mail, email, text messaging, telephone;
to request that we stop any consent-based processing of your personal data after you withdraw that consent;
to request that we delete all personal data relating to you (your “right to be forgotten”). You are welcome to contact us to request to exercise these rights. (See section 14, below, for contact details.)
To protect the confidentiality of your information, we will ask you to verify your identity before proceeding with any request you make under this Privacy Policy. If you have authorised a third party to submit a request on your behalf, we will ask them to prove they have your permission to act.
Please note that you may continue to receive communications for a short period after changing your preferences while our systems are fully updated.
11. How can you amend the information that the Gorsedd holds about you or ensure that it stops storing and using your personal data altogether?
If you believe that any information we are holding on you is incorrect, out of date or incomplete, please contact us as soon as possible, either by using the website contact form, by direct email, or by responding to an email we have sent you. (We will, however, keep a record of your name and the historic events you have attended.)
12. How can you contact the Regulator?
If you feel that your data have not been handled correctly, or you are unhappy with our response to any requests you have made to us regarding the use of your personal data, you have the right to lodge a complaint with the Information Commissioner's Office (ICO). You can contact the ICO by telephoning 0303 123 1113 or online at www.ico.org.uk/concerns.
If you are based outside the UK, you have the right to lodge your complaint with the relevant data protection regulator in your country of residence.
13. Any questions?
We hope that this Privacy Policy has been helpful in setting out the way we handle your personal data and your rights to control it. If you have any further questions or comments, please do get in touch with us.
14. Whom should you contact?
For any queries or requests in relation to the Gorsedd's Privacy Policy or the management of your personal data, please contact the Council of Elders either by using the website contact form, by direct email, or by responding to an email we have sent you.
This policy was created on 24th May 2018 and last updated on 6th October 2019.
~~~~~~~+O+~~~~~~~
The Gorsedd covers all its costs with the generosity of your donations, with the priests and organisers of the Gorsedd paying for all other expenses incurred not covered by those donations from their own pocket, as a service to the wider community. Donations are always welcome to help cover the cost of administration, website etc. If you feel able to help with some of these costs, we are always most grateful and appreciative of your generosity . You can donate by using the button below. Thank you!
~~~~~~~+O+~~~~~~~