Your personal data
Personal data relates to a living individual who can be identified from that data. Identification can be by the information alone or in conjunction with any other information in the data controller’s possession or likely to come into such possession.
The processing of personal data is governed by the General Data Protection Regulation (the “GDPR”).
Who we are
The British Monarchist Society (and Foundation) is a membership-based organisation which seeks to bring people together through common interest with gatherings events and special benefits associated with membership. The Society possesses a strong advocation of education and works together with affiliates to further the teachings of the Crown in the Parliamentary Democracy in which we live.
By visiting this or any of our websites (also referred to as “sites”) you are accepting and consenting to the practices described in this policy.
The data controller is The Data Protection Officer assigned by the British Monarchist Society & Foundation of 223 Regent Street, 601 International House, Mayfair, Westminster, London, W1B 2QD. This means it decides how your personal data is processed and for what purposes.
How do we process your personal data
We comply with our obligations under the “GDPR” by keeping personal data up to date; by storing and destroying it securely; by not collecting or retaining excessive amounts of data; by protecting personal data from loss, misuse, unauthorised access and disclosure and by ensuring that appropriate technical measures are in place to protect personal data.
We use your personal data for the following purposes:
- To enable us to provide a service for the benefit of the public as specified in our constitution;
- To administer membership records;
- To fundraise and promote the interests of the charity;
- To manage our employees and volunteers;
- To maintain our own accounts and records
- To inform you of news, events, activities and services running at British Monarchist Society & Foundation and our affiliates.
How long will you use my personal data for
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements. Details of retention periods for different aspects of your personal data are available in our retention policy and schedule that you can request a copy of by contacting us at firstname.lastname@example.org.
Information we may collect from you
We may collect and process the following data about you:
Information you give us
- You may give us information about you by filling in forms on our website or at any of our sites, purchasing tickets, membership or other products / services or by corresponding with us by telephone, email or otherwise.
- This includes information you provide when you subscribe to our newsletter, or place an order on one of our sites; when you report a problem with our site; or if you join one of our special public engagement programmes/activities/events.
- The information you may give us may include your name, email address, postal address and telephone number and financial and credit card information.
Information we collect about you on the British Monarchist Society & Foundation website
With regard to each of your visits to our site we may automatically collect the following information:
- technical information, including the Internet protocol (IP) address used to connect your computer to the Internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform;
- information about your visit, including the full Uniform Resource Locators (URL) clickstream to, through and from our site (including date and time); products you viewed or searched for; page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page and any phone number used to call our offices.
Information we receive from other sources
- We may receive information about you if you use any of the other websites we operate or the other services we provide. There are certain third parties with whom we have to work closely (including, for example, business partners, professional advisers, sub-contractors in technical, payment and delivery services, advertising networks, analytics providers, search information providers, credit reference agencies) and we may receive information about you from them;
- If we are doing business with you or accepting a donation, we may have to conduct due diligence on you, for example where we are under a legal or regulatory requirement;
- We may combine information we receive from other sources with information you give to us and information we collect about you;
- We may use this information and the combined information for the purposes set out above (depending on the types of information we receive).
Uses made of the information
We use information held about you in the following ways:
Information you give to us:
- When using an online form:
- We ask for your details so we can respond in an appropriate way, for example when enquiring about a venue for hire or requesting materials.
- In accordance with your preferences, you may be contacted with relevant promotions, offers or information that you have expressed an interest in or that might be of interest to you. If you wish us to stop contacting you please email email@example.com.
- When signing up for e-mail updates:
- We ask for your details so we can add you to our email database and send you updates you’ve requested.
- This information will not be given to any third party, except to the extent and for the purpose we may be required to do so by any law, or where you have consented to it. If you wish us to stop contacting you please email firstname.lastname@example.org.
- When purchasing a ticket or other product online:
- We collect various personal details about you when you purchase tickets or other products and services (e.g. memberships, retail goods and image library content) online, including name, home address, billing address, telephone number, email etc.
- We use the information to process orders and to provide a more personalised service.
- Collecting these details allows our system to create a customer account for you in order that we can sell you such products and services.
- Having a record of your personal details also allows us to identify you if we need to contact you regarding your membership, event booking or other order, if you need to contact us to change your membership information, event booking or order, or to help identify you if collecting tickets for one of our events.
- We are also able to help if tickets or orders are lost by checking your personal details on the BMSF database.
- Additionally, our bank recommends that we take the billing address of people purchasing tickets to BMSF functions in advance as this can help to prevent fraudulent use of credit cards.
- The information we collect in this way will not be given to any third party, with the exemption of BMSF affiliates that provide direct services to our members through the membership card scheme: The Passport to Britannia. Your information will never be given to any other party that does not provide any direct benefit to our membership, unless to the extent and for the purpose we may be required to do so by any law.
- When filling in a form for or applying for memberships at one of our programmes or events:
- We ask for your details so we can fulfil your specific request in accordance with your preferences. This will be explained to you at the time and on the relevant form.
Information we collect about you:
We will use this information:
- to administer our site and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
- to improve our site to ensure that content is presented in the most effective manner for you and for your computer, or other device being used to access our site;
- to allow you to participate in interactive features of our service, when you choose to do so;
- as part of our efforts to keep our site safe and secure;
- to measure or understand the effectiveness of advertising we serve to you and others, and to deliver relevant advertising to you;
- to make suggestions and recommendations to you and other users of our site about goods or services that may interest you or them.
Disclosure of your information
We may share personal information held about you in the following ways:
- Within the BMSF administration, for legitimate purposes only.
- We may share your information with selected third parties including:
- Suppliers, sub-contractors and business partners for the performance of any contract we enter into with you or them for the purposes of enhancing your membership experience.
- Analytics and search engine providers that assist us in the improvement and optimisation of our site.
- We may disclose your personal information to third parties:
- In the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets.
- If the BMSF or substantially all of its assets are acquired by a third party, in which case personal data held by it about its members will be one of the transferred assets.
Where we store your personal data
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
Your rights and your personal data
Unless subject to an exemption under the GDPR, you have the following rights with respect to your personal data:
- The right to request a copy of your personal data which we hold about you;
- The right to request that we correct any personal data if it is found to be inaccurate or out of date;
- The right to request your personal data is erased where it is no longer necessary for us to retain such data;
- The right to withdraw your consent to the processing at any time;
- The right to request that the data controller provide the data subject with his/her personal data and where possible, to transmit that data directly to another data controller (known as the right to data portability);
- The right, where there is a dispute in relation to the accuracy or processing of your personal data, to request a restriction is placed on further processing;
- The right to object to the processing of personal data;
- The right to lodge a complaint with the Information Commissioner’s Office.
No fee usually required
You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
What we may need from you
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
Time limit to respond
We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
Sensitive personal data -BMSF Employees
The Act defines ‘sensitive personal data’ as information about racial or ethnic origin, political opinions, religious beliefs or other similar beliefs, trade union membership, physical or mental health, sexual life, and criminal allegations, proceedings or convictions. In certain limited circumstances, we may legally collect and process sensitive personal data without requiring the explicit consent of an employee:
- We will process data about an employee’s health where it is necessary, for example, to record absence from work due to sickness, to pay statutory sick pay, to make appropriate referrals to the Occupational Health Service, and to make any necessary arrangements or adjustments to the workplace in the case of disability. This processing will not normally happen without the employee’s knowledge and, where necessary, consent.
- We will process data about, but not limited to, an employee’s racial and ethnic origin, their sexual orientation or their religious beliefs only where they have volunteered such data and only for the purpose of monitoring and upholding our equal opportunities policies and related provisions.
- Data about an employee’s criminal convictions will be held as necessary.
The cookies we use on our websites include:
- Session cookies, which are temporary cookies that remain in the cookie file of your browser until you leave the site; and
- Persistent cookies, which remain in the cookie file of your browser for much longer (though how long will depend on the lifetime of the specific cookie).
- Web analytics cookies:
We use Google Analytics) cookies on this website to collect information about how our visitors use and navigate this website so that we can continually work to add new features and improve your experience of it. The cookies collect information such as the number of visitors to the site, which pages they visited and whereabouts they came to the site from. This information is anonymous and cannot be used to identify you personally.
- Personalised advertising:
We use DoubleClick cookies to improve our advertising – for example, to improve reporting on advertising campaign performance, to avoid showing ads the user has already seen, or to enable us to display advertising that is more relevant to users. DoubleClick cookies contain no personally identifiable information.
- Third-party cookies:
During your visits to this website you may be delivered cookies by third-party websites. When you visit a page with content embedded from, for example, Facebook, Twitter, YouTube or Flickr, you may be presented with cookies from these websites.
- We have no control over the dissemination of these cookies.
You should check the third-party websites for more information about these.
- Technical cookies:
We use CFID and CFTOKEN on our ticketing pages to support the user session during the ticket purchase process.
How to manage cookies
You have the ability to accept or decline cookies by modifying the settings in your browser. However, you may not be able to use all the interactive features of our site if cookies are disabled. You may wish to visit www.aboutcookies.org which contains comprehensive information on how to modify the cookie settings on a wide variety of browsers. You will also find details on how to delete cookies from your computer as well as more general information about cookies. For information on how to do this on the browser of your mobile phone or tablet you will need to refer to your device manual. If you’d like to opt out of advertising cookies, please go to the Network Advertising Initiative website http://www.networkadvertising.org/ (opens in a new window – please note that we are not responsible for the content of external websites).