Data protection policy
Compliance with the General Data Protection Regulation (GDPR)
The Harmonium Singers collects personal data for the purpose of relevant communication with its members. This data consists of name, address, telephone number(s) and email address. This data is not shared with the membership or with a third-party. Email communication with members is normally from the Co-ordinator, who anonymises email addresses by using only the ‘bcc’ field (except within the Committee where shared responses are required). Collection and maintenance of personal data is handled by the choir’s Co-ordinator, who acts as Data Controller. We define relevant communication as essential information relating to repertoire, rehearsals and performances, and non-essential information which may be of direct interest to the majority of members. Choir members are urged not to share any contact details they may have of other members without their express permission.
Names of members are used in concert programmes and on the choir’s website. Members from time to time appear in photographs and video recordings but are not named, apart from the musical director and any instrumentalists or soloists, subject to agreement.
A publicity mailing list of contacts at local newspapers and magazines is maintained for the purposes of promoting the choir and its events. Mailings use the ‘bcc’ field to avoid distribution of email addresses.
Data Retention Policy
The Harmonium Singers retains the name, address, telephone number(s) and email address of individuals for the duration of membership. An archive consisting of only the names of past members is retained indefinitely. An archive of concert programmes is retained indefinitely, which may contain the names of members at the time. No other personal contact details are retained when membership of the choir ceases.
Role of the Data Controller
The Data Controller maintains an up-to-date list of member contact details, ensuring that all members have signed the Consent Form and that personal details of former members are deleted, apart from name. The Data Controller is available and contactable to handle any requests from members for access or changes.