Menu
header photo

National Pigeon Association

FOR ALL LOST PIGEON PLEASE PHONE JOHN HARRISON ON 07873 319958

GDPR COMPLIANCE STATEMENT

The NPA take your privacy very seriously and do all we can to keep your data safe. The introduction of GDPR comes into affect on 25/05/18

 

We are committed to compliance and all information we collect and store will be accordance to GDPR.


National Pigeon Association of Great Britain

PRIVACY NOTICE

The National Pigeon Association takes privacy very seriously. This notice explains how we use the personal information you provide to us for the purpose of facilitating your enquiry and membership, including how we share it with third parties.

How we collect information 

To comply with the law personal information must be collected and used fairly, stored safely and not disclosed unlawfully. 

We collect information from any application for membership, ring transfer or magazine subscription, from the completion of our online forms, messenger services or emails you send and any who advertise in our publication Fancy Pigeon World

We may obtain records of site statistics about your use of our website or Facebook page but this format does not identify any individual.

We do not use cookies.

How we use your personal information.

We will not us your personal information for marketing purposes.

We will only use your personal information for the following purposes:

  • To administer and manage our relationship with you, including-
  • To set up and maintain your Membership and Ring register facility.
  • To provide you with any relevant information appertaining to your membership, ring sales and transfers, lost bird repatriation and any other required for the running of the association.
  • To provide you with details of our products, services and promotions.
  • To notify you of changes to what we do.
  • For the purpose of recovery of a debt in case of non-payment.
  • To comply with applicable laws, rules and regulations.

In connection with these purposes, we may share your personal information with third parties that perform services on the Associations behalf, including printing, and fraud sharing organizations.

We may also disclose your personal information to third parties in other circumstances, in particular:

  • To provide show and breed club secretaries within the association for the purpose of circulating show schedules     
  • If we are under a duty to disclose or share your personal information to comply with any legal obligation, or to enforce or apply our rules, and other agreements.
  • To protect the rights and property of The National Pigeon Association and its members.
  • In response to a request from a governmental authority [including a regulator].

We will, were possible, endeavour to ensure those third parties have robust GDPR privacy policy in place.

We will never sell your personal data

Keeping in touch with you

From time to time we would also like to keep in touch with you, to provide details about the association’s activities. If you do not want to be contacted in this way, please contact us at secretary@nationalpigeonassociation.org and we will facilitate your request.

How we hold your data

Your data is stored electronically and in paper form within the EEU. Computers are password protected and data encrypted.

All data supplied in paper form is securely stored at the secretary’s premises.

When required Data will be deleted and/or destroyed securely.     

Your rights in relation to your personal information

You have various rights under data protection law regarding the processing of your personal information, including rights to:

  • Request access to personal information we hold about you and details of our processing of your personal information.
  • Request us to correct inaccurate personal information.
  • Request us to delete personal information in certain circumstances.
  • Receive your personal information in a format suitable for transmission to a third party.
  • Object to the processing of your personal information for direct marketing.
  • Object to any decision about you based solely on automated processing (including any profiling) that produces legal effects or otherwise significantly affects you.
  • Lodge a complaint with the UK Information Commissioners Office.

You can make a request to us in relation to these right at any time by contacting us at secretary@nationalpigeonassociation.org any information to which you are entitled will be provided within a reasonable timeframe, subject to exemptions stipulated in applicable data protection laws.

How long do we retain your personal information?

In the event of your membership lapsing we will keep your information for as long as we have rings registered to you name, up to a maximum of 10 years following the expiry of membership to enable lost birds to be re-patronized, any ring transfers dealt with in accordance to association rules.

How to contact us

If you have any queries about how we use your personal information you can contact us at any time via email at secretary@nationalpigeonassociation.org or by post to our secretary

The National Pigeon Association, P O Box 337, Abergele, LL18 9HN.

 Adopted  25 May 2018


National Pigeon Association of Great Britain

DATA PROTECTION POLICY

Operational from 25/05/18

Review Date 25/05/19

The National Pigeon Association of Great Britain (NPA) needs to gather and use certain information about individuals.

These include members, customers, suppliers, clubs, business contacts, employees and other people the Association has a relationship with or may need to contact.

This policy, in conjunction with the Associations Privacy Notice, outlines how this personal data must be collected, handled and stored to meet the company’s data protection standards and to comply with the law.

This data protection policy ensures that The National Pigeon Association

  • Complies with data protection law and follows good practice
  • Protects the rights of its members, secretaries, committee, officials, customers and other people the Association has a relationship with.
  • Is open about how it stores and processes individuals data
  • Protects itself from the risks of a data breach

The General Data Protection Regulations [GDPR] supersede previous Data Protection law in governing how organizations, including the NPA, must collect, handle and store personal information.  These rules apply regardless of whether data is stored electronically, on paper or on other materials.

How we collect information 

To comply with the law personal information must be collected and used fairly, stored safely and not disclosed unlawfully. 

We collect information from any application of membership, ring transfer or magazine subscription, from the completion of our online forms, messenger services or emails you send and any who advertise in our publication Fancy Pigeon World,

We may obtain records of site statistics about your use of our website or Facebook page but this format does not identify any individual.

We do not use cookies.

Information gathered must:

  • Be processed fairly and lawfully
  • Be obtained only for specific, lawful purposes
  • Be adequate, relevant and not excessive
  • Be accurate and kept up to date
  • Not be held for any longer than deemed necessary by current legislation
  • Processed in accordance with the rights of data subjects
  • Be protected in appropriate ways
  • Not be transferred outside the European Economic Area [EEA], unless that country or territory also ensures an adequate level of protection

This policy applies to:

  • All secretaries, elected officials and members of the NPA
  • All contractors, suppliers and other people working on behalf of the NPA

This policy applies to all data that the Association holds relating to identifiable individuals, including, but not exhaustively:

  • Name
  • Postal address
  • Telephone numbers
  • Email addresses
  • DoB [Juniors only]
  • Bank details

The policy helps to protect the NPA from data security risks, including but not exhaustively:

  • Breaches of confidentiality if information is given out inappropriately
  • Failing to offer choice, all individuals should be free to choose how the company uses data relating to them
  • Reputational damage if the Association suffers a serious security breach that requires reporting to the ICO

Everyone that works for or with the NPA has some responsibility for ensuring data is collected, stored and handled appropriately.  All individuals with access to personal data must ensure that it is handled and processed in line with this policy and data protection principles.

The following people have key areas of responsibility:

  • The National Committee is ultimately responsible for ensuring that the NPA meets its legal obligations
  • The General Secretary/Ring Secretary are responsible for

1) Keeping National Committee updated about data protection responsibilities

2) Reviewing all data protection procedures and related policies, in line with an   agreed schedule

3) Arranging data protection training and advice for the people covered by this policy

4) Handling data protection questions from members and anyone else covered by this policy

5) Dealing with requests from individuals to see the data the NPA holds about them

6) Checking and approving any contracts or agreements with third parties that may handle the Association’s sensitive data

7) Ensuring that the Association systems, services and equipment used for storing data meet acceptable security standards including performing regular checks and scans to ensure security hardware and software is functioning properly

GENERAL GUIDELINES

  • The only people able to access data covered by this policy are those who need it for their work
  • Data should not be shared informally.  When access to confidential information is required members/committee can request it from the General Secretary .
  • The NPA will provide training to all committee/secretaries and volunteers to help them understand their responsibilities when handling data
  • Committee, secretaries and volunteers should keep all data secure by taking sensible precautions and following the guidelines within this policy
  • Strong passwords must be used and they should never be shared
  • Personal data should not be disclosed to unauthorized people, either within the Association or externally
  • Secretaries/Committee should ensure the screens of their computers are locked when left unattended
  • Data must be encrypted before being transferred electronically, including by email
  • Personal data must never be transferred outside the EEA
  • Committee, secretaries and volunteers should not save copies of personal data to their own computers under any circumstances
  • Data should be regularly reviewed and updated if it is found to be out of date.  If no longer required it should be deleted or securely disposed of in line with the Disposal of Data Policy.
  • Members, subcontractors, volunteers should request help from the General Secretary  or National Committee if they are unsure of any aspect of data protection

DATA STORAGE – PAPER DOCUMENTS

  • When not required paper documents and files should be kept in a locked drawer or filing cabinet
  • Employees should make sure paper documents and printouts are not left where unauthorized people can see them.  Data printouts should be shredded and disposed of securely when no longer required

DATA STORAGE – ELECTRONIC DOCUMENTS

  • Data should be protected by strong passwords that are changed regularly and never shared between employees
  • Data stored on removable media [CD/DVD/USB Stick] should be kept locked away securely when not in use
  • Data should only be stored on designated drives and servers and should only be uploaded to an approved cloud computing service
  • Data should be backed up frequently and back-ups should be tested regularly in line with the Associations standard back-up procedure
  • All servers and computers containing data should be protected by approved security software and firewall

DISPOSAL OF DATA

Data will be securely disposed of in line with the following guidance:

  • Data will be checked annually for age and relevance
  • Data relating to HMRC regulations will be kept for the mandatory 7-years
  • Data relating to product warranties and guarantees will be kept for the relevant period of time to facilitate said warranties and guarantees
  • Data will be disposed of immediately and without prejudice if a data deletion request is received except in relation to current HMRC regulations
  • Members, Secretaries and volunteers personal data will be held for the duration of employment and for a period of 6-years following the end of employment in line with HMRC current regulations

The NPA aims to ensure that individuals are aware that their data is being processed and that they understand:

  • How the data is being used

  • How to exercise their rights

  • To facilitate this the Association has published a Privacy Notice that is available on the NPA website.  The notice applies to members of the public in their dealings with the NPA as well as employees of the Association.

    This policy maybe updated as required and will be published on our website