Preamble: These EU-wide regulations come into force from 25th May 2018. They constitute a significant increase in the privacy of the individual whose data it is, and to whom it belongs; and clarifies the responsibilities of the organisation to keep and use that information responsibly.
Data that the Society holds: We currently keep records, either electronically or on paper, of members’ names, postal and email addresses, and telephone numbers; payment of annual subscriptions (not including bank account sort codes and account numbers); and attendance of members and partners at Annual General and Scientific Meetings; These are required for the running of the Society, termed, legally, our ‘legitimate business’.The Society publishes, in the Proceedings and sometimes elsewhere, the papers presented at each Scientific Meeting. These will contain some identifying information about the authors, and sometimes of living individuals within the body of the paper. The Proceedings are a publication inthe public domain, appearing on our public website and are held in the British Library.The Society’s website may also contain personal identifying information and uses cookies to collect and report information on site activity .The Society’s archive contains agendas and minutes of previous Annual General Meetings and Council Meetings, earlier versions of the constitution and of membership lists, bank statements and accounts, and the Proceedings. There are also some documents and artefacts of historic interest.We may retain this information for only as long as it is necessary for the business of the Society.All personal information will be kept for:two years after a person ceases to be a member.Attendance at HAS Conferences will be kept for seven years (RCoA requirement for CPD recognition).All financial information will be held for eight years (HMRC requirement).Material in the archive may be held indefinitely.
Rights of members: To know what personal information we hold;To know what we will use it for, and what we will not use it for;To know for how long we will retain it;To see what information we hold about them;That they may correct it or delete it (though this may limit their access to the work of the Society).That it will not be used without their express consent to the uses notified;That they may withdraw consent at any time.
Responsibilities of the Society: Data must be kept securely.Personal data will be kept encrypted and password protected on computers protected by standard security software or drives not connected to the internet. In future, paper records not required for the Archive will be normally be scanned and shredded, (with the Hon. Secretary retaining paper copies of agendas and minutes of Annual General and Council Meetings).When data is shared between Officers and Council members, it will also be sent encrypted and password protected.Email correspondence to the membership will be sent as securely as current technology and the sensitivity of the information allows.The Society archive is kept securely physically.Any failure of security must be notified to the overseeing authority, the UK Information Commissioner’s Office, whatever the country of residence of the member.
Uses of Data: Member’s data to which you have consented that we may keep and use will be shared between the Officers of the Society and other Members of Council, who will use your data only for:The running of the Society;For communication with and between members;In the unlikely circumstance that we are legally obliged to declare it.We will not share your information with other organisations, though we may use it to communicate information from similar academic societies which we consider may have a shared interest in the aims of the Society.
Consent: Once this policy is amended or agreed at the 2018 AGM, you will be asked formally for your consent that the Society may retain and use retain your personal data during the course of your membership and for the aforementioned periods afterwards for :the running of the society’s business.communication from the Society on its activities and business.information from the Society of activities of other like-minded academic organisations which may be of interest.In the interim, the consent which you gave implicitly to the above under the 1995 Data Protection Directive is still relevant. It is also covered by the ‘legitimate interest’ clause in the GDPR.You will also be asked whether or not you agree that:Your name and town of residence may be published in the list of members from time to time in the hard copy publication of the Proceedings, and / or on the electronic version on the website.your email or postal address may be given to other individual members on request.
Special Circumstances: The Editor will confirm, in his notice to contributors, what personal identification will be included in each volume of the Proceedings, and where else it may be published. Submission of a paper will indicate consent.It is the responsibility of individual authors to obtain the consent from any living person of whom personal information is contained within the paper. In future, the Webmaster will ensure that he has permission from any individual whose personal information he wishes to place on the website. The Honorary Archivist will not release any personal information from the archive without the express consent of any individual involved.