Privacy Policy / GDPR Statement

General Data Protection Regulations 2018 (GDPR) – Effective August 2018


The Society, CNWSRSS, in compliance with General Data Protection Regulations, is committed to protecting your personal information and respecting your privacy. The Society holds personal data  only to satisfy any legitimate legal, accounting or reporting requirements. This personal data will be  kept updated, and will be erased if you cease to be a member. It will not be shared with any third parties.

This Statement may be updated and any updates will be posted on our website at

The contact details for the General Secretary CNWSRSSW are as follows:


We will comply with data protection law. This says that the personal information we hold about you must be:

1. Used lawfully, fairly and in a transparent way.

2. Collected only for valid purposes that we have clearly explained to you and not used in any way that is incompatible with those purposes.

3. Relevant to the purposes we have told you about and limited only to those purposes.

4. Accurate and kept up to date.

5. Kept only as long as necessary for the purposes we have told you about.

6. Kept securely.

It is important that we tell you your rights that you have as a data subject under the General Data Protection Regulation – these are set out below.

The GDPR provides the following rights (subject to some exemptions.)

  1. The right to request access to the personal data that we hold about you
  2. The right to request ratification of the personal data the we hold about you
  3. The right to request erasure of the personal data that we hold about you
  4. The right to request restriction of processing data about you
  5. The right to object to processing
  6. The right to data portability


Please address these to the General Secretary if at any time you believe the information we process on you is incorrect, incomplete or out of date. Please let us know and we will make sure that your data is corrected.

If you are not satisfied with our response or believe we are processing your personal data not in accordance with the law you can complain to the Information Commissioners Office (ICO) full contact details for which can be found at

How we will use information about you.

We will only use your personal information when the law allows us to.

Most commonly, we will use your personal information in the following circumstances:

1. Where we need to perform the contract we have entered into with you.

2. Where we need to comply with a legal obligation.

3. Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.

    We may also use your personal information in the following situations, which are likely to be rare:

  1. Where we need to protect your interests (or someone else's interests).
  2. Where it is needed in the public interest [or for official purposes].

We will generally process your personal data for contractual necessity in providing membership services and events. We may also use personal information for additional relevant and related purposes where you might reasonably expect us to do so, where the benefits of doing so are not outweighed by your own interests or fundamental rights or freedoms. The law calls this the Legitimate Interests” condition for processing. This may include:

-To maintain our records and other administrative purposes, including updating your details and preferences.

-To assist with queries, complaints and dispute resolution;

- In communications related to membership

- To uphold our club constitution and taking action in cases where there is a breach of the Club rules or Codes of Ethics.

Where our processing of personal data is based on your having given consent, you have the right as a data subject to withdraw that consent at any time. If you wish to invoke this right, please notify the Secretary using the contact details set out above.

You have the right to lodge a complaint with a supervisory authority. In the United Kingdom, the supervisory authority is the Office of the Information Commissioner, full contact details for which can be found at

Recipients of Data

We may use service providers to help us provide you with our services. Personal data may be transferred to such service provider, who act for or on our behalf, for further processing in accordance with the purpose(s) for which the data were originally collected or may otherwise be lawfully processed.

Such third parties have contracted with us as data processors under the requirements in the GDPR. They are contractually bound to only use personal data for the agreed purpose(s). Relevant persons working for these third parties will have access to your personal data under the terms of the data processor contract, but only to the extent necessary to perform their services for us.

These data processors agree to implement reasonable contractual and technical protections, to keep your data confidential, not sell your personal data to third parties and to not disclose your personal data to third parties except as may be required by law, as permitted by us or as stated in this Privacy Policy.

In appropriate circumstances we may disclose data to authorised bodies as required by law.

Your Rights

By becoming a member of the CNWSRSS you are agreeing to the Society using the data you provide to advise members of events and activities organised by the Society on behalf of its members.

At any time, you may apply in writing or by email to the CNWSRSS General Secretary requesting:

  1. What information is held in your name - this information to be supplied within 40 days of the date of request being made
  2. That any part of the information held in your name be deleted or amended.

The Society will only hold your information for the duration of your membership (except in circumstances detailed in other areas of this Policy).

Contact details

Please contact the General Secretary above if you have any questions or concerns about personal data and privacy matters