We may collect personal data about you, including for example your name, any name that you may have had at school, the school you attended, your years at school, your home address and if you have supplied it to us your phone numbers and email address.

If we are running an event that you are personally attending, then we may collect more sensitive data such as dietary requirements or access needs if applicable.

Examples of the sources of data we collect about you:

• Membership application form
• Other application forms for events
• When you talk to us on the telephone, personally or communicate with us via social media or website
• In emails and letters
• When you use our website
• Cookies
• Payment and transactional data

GDPR law says that we can only use your personal information if we have a proper reason to do so. This includes sharing your data with third parties.

We may process your personal data for the following purposes, if relevant;

• Administer your membership with the Moseleians Association
• Responding to your enquiries
• Provide you with information about memorabilia we are offering as an association
• Notify you about changes to our terms and conditions
• Communicate with you about events, updates to your membership and other activities we are involved in as an alumni association and believe you would be interested in
• Tailor your experience on our website
• Communicate with you via social media
• Respond to complaints and seek to resolve them

We process this data on the basis of our legitimate interest to run the Moseleians Association in an efficient and proper way for the benefit of our members. This includes managing our financial position, planning, audit, communications and business capability. We also process your personal data where required to comply with laws and regulations that apply to us.

Data is stored on a secure server to prevent unauthorised access. No data held by the Moseleians Association will be supplied outside the European Economic Area (EEA) other than to companies that are signed up to the Privacy Shield. https://www.privacyshield.gov

There are various lengths of time that data is kept for depending on need and other laws that we adhere to. You have the right to be forgotten within our database as long as there isn't an over-riding legitimate need.

Unless we explain otherwise to you, we'll hold your personal information based on the following retention periods for personal data:

• Membership records - for as long as we have reasonable membership needs
• Events - for as long as we have reasonable membership needs
• When you place an order, we’ll keep the personal data you give us for as long as we have reasonable business needs so we can comply with our legal and contractual obligations.

We will treat your personal information as private and confidential, but may disclose it outside of the Moseleians Association if:

• You consent
• Needed by third parties to help manage your records (such as our IT suppliers who run our website).
• HM Revenue and Customs or other statutory authorities who require it
• The Law or the public interest permits and requires it
• Required by us or others to investigate or prevent crime

We sometimes share your personal data with trusted third parties. For example, payment handling and delivery couriers.

Here’s the policy we apply to those organisations to keep your data safe and protect your privacy:

• We provide only the information they need to perform their specific services.
• They may only use your data for the exact purposes we specify in our contract with them.

Examples of the kind of third parties we work with are:

• IT companies who support our website and other business systems.
• PayPal for handling website payments
• Operational companies such as delivery couriers who deliver our Gazette magazine and memorabilia items purchased online.
• Direct marketing companies such as Mail Chimp who help us manage our electronic communications with you.

We do not share data with third parties for their own purposes.

You have the right to ask us to provide you with access to and rectification or erasure of your personal data. Providing you with this information is free of charge, but charges may apply for excessive requests. You have the right to ask us to provide you or a third party with the personal data you have provided to us in an electronic format.

You have the right to object to certain purposes for processing, in particular general information email messages.

If you wish to raise a complaint on how we have handled your personal data, you can contact our Data Compliance Officer who will investigate the matter further.

If you wish to stop us from providing you with information via email then you can opt out at any time by ticking the appropriate unsubscribe box within an email or contacting our membership secretary directly.

Should you be unhappy with our processing of your personal data, you have a right to complain to the Information Commissioner's Office, which is the regulator for data protection.

Any changes we make to this policy in the future will be communicated to you via email, letter, The Moseleian Gazette or Moseleians Association website. The full notice (as it currently stands) is available on our website (www.moseleians.co.uk) as well as available on request by contacting the Membership Secretary or Data Compliance Officer.

In the event that we believe there is a serious breach to our systems or data we will inform the Information Commissioner's Office within 72 hours and will inform the affected members as soon as practically possible there afterwards.