Privacy Policy

Nottinghamshire Fungi Group Data Protection Notification


Background

In the UK, data protection law was covered under the Data Protection Act 1998 (DPA 1998). However, a new EU data protection law called the General Data Protection Regulation (GDPR) has applied since 25 May 2018. This new law was deemed necessary to take into account technology changes over the last 20 years and to harmonise data protection law across Europe.


The following information sets out how we use your personal data as a member of the Nottinghamshire Fungi Group (NFG) and what rights the GDPR gives you in respect of your data. Personal data broadly means information that identifies (or which could, with other information that we hold, identify) a living individual.


How we use information about you


We, the NFG, have been required to handle personal information in compliance with the General Data Protection Regulation (GDPR) since 25 May 2018.

The NFG control your personal information for the purposes of applicable data protection legislation. We will only use your personal details in order to carry out the day to day running of the group.

We will only collect and use your personal information where:
 there is a legal obligation for us to do so;
 it is for our legitimate interest as a group;
 you have given us consent to do so


What information do we collect?

The only personal information that we collect from you is:
 your name
 your address
 your telephone number
 your email address


Who the information may be shared with
With your consent
The only other organisation that we would share your details (your name only) with is the Fungus Conservation Trust (FCT), as the name of the collector and the recorder are added to the details of each specimen record that is uploaded to the CATE 2 database. This database can be accessed by other members of the FCT.


Please note that your name could also be included on a foray report that might be uploaded to the NFG website (again, this can be viewed by the general public.

As already stated, your name would only be used in any of the above scenarios with your consent.


Without your consent
 Regulatory authorities
 Legal entities in the event of a criminal investigation
 Insurance purposes if necessary

This is not an exhaustive list but please be aware that for the NFG to share your details, under any circumstances, we must comply with the GDPR.


Retention of Data
One of the key principles of the GDPR is that personal data that we store and process shall be adequate, relevant and limited to what is necessary for the purpose that it was originally collected. Our standard policy is for information or data to be kept for only as long as necessary. We envisage this to be a maximum of two years after a member has left the group but it must be recognised that this might be extended for reasons beyond our control. It will then be disposed of in a managed and secure way.


Your Rights
You have a number of rights under GDPR. These include the right to:
 see the information we hold about you
 request personal data to be amended if it is inaccurate or incomplete
 request the deletion or removal of personal data where there is no compelling reason for its continued use
 block or restrict the processing of your personal data; and
 object to the processing of your personal data
 receive your personal data that we hold in a structured, commonly used format


If you wish to exercise any of your rights or wish to raise any issues in relation to data protection then please email nottsfungigroup@yahoo.com with your request.