Oread Mountaineering Club is committed to protecting and respecting your privacy.
Reference to we, our, us or the club in this policy are to the Oread Mountaineering Club.
This policy sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. Please read the following carefully to understand our views and practices regarding your personal data and how we treat it.
Our Website
Our website is set up to provide members and the public with relevant information about the club.
Our website address is: https://oread.co.uk.
What personal data we collect and why we collect it:
- COMMENTS
When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.
- MEDIA
If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.
- COOKIES
If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
- EMBEDDED CONTENT FROM OTHER SITES
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.
Who we share your data with
If you request a password reset, your IP address will be included in the reset email.
How long we retain your data
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.
For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
What rights you have over your data
If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
Where we send your data
Visitor comments may be checked through an automated spam detection service.
Information we may collect from members and why
Type of information | Purpose | Lawful basis |
Member’s name, address, telephone numbers, e-mail address(es). | Managing the member’s membership of the club. Creating and managing the club’s Membership Directory To allow the club’s newsletter and other club notices to be sent to the member. Passing to the British Mountaineering Council (BMC) for BMC club membership and the benefits thereof | To enable us to properly manage and administer your membership. Consent. We will seek member’s consent on their membership application form and each membership renewal form. The member may withdraw their consent at any time to tell us that they no longer wish their details to appear in the Membership Directory. Legitimate interest of running the club. Keeping members informed. Legitimate interests of the Club as we are affiliated to the BMC. |
Emergency contact details | Contacting next of kin in the event of an emergency | Protecting the member’s vital interests and those of their dependents |
Date of birth / age related information | Managing membership categories which are age related | For purposes of our legitimate interests in running the club |
Photographs and videos of members taking part in club activities | Putting on the club’s website and social media pages and use in club publications | Legitimate interest of running and promoting the club. |
How we protect members personal data
The data is stored in a secure file sharing facility. The information can be accessed by Committee members for internal record keeping and management of the services we provide to you.
The Membership Directory is supplied to full members of the club with instructions as to how the data can be used.
Who else has access to members personal data
We will never sell members personal data.
The information supplied to the BMC to enable club members to enjoy the benefits of BMC membership is subject to the BMC’s Privacy Policy which can be accessed here:- https://www.thebmc.co.uk/privacy
We may pass your personal data to third parties who are service providers, agents and subcontractors to us for the purposes of completing tasks and providing services to you on our behalf (e.g. to print newsletters and send you mailings). However, we disclose only the personal data that is necessary for the third party to deliver the service and we have a contract in place that requires them to keep your information secure and not use it for their own purposes.
How long do we keep members information
We will hold your personal data on our systems for as long as you are a member of the Club and for as long afterwards as is necessary for us to comply with our legal obligations. We will review your personal data every year to establish whether we are still entitled to process it. If we decide that we are not entitled to do so, we will stop processing your personal data except that we will retain your personal data in an archived form in order to be able to comply with future legal obligations and for contacting past members with information regarding club celebratory events, such as anniversary gatherings.
Your rights
You have rights under GDPR:
- To access your personal data
- To be provided with information about how your personal data is processed
- To have your data corrected
- To have your personal data erased in certain circumstances
- To object to or restrict how your personal data is processed
Changes to our Privacy Policy
We reserve the right to amend this Privacy Policy from time to time without prior notice. You are advised check the website for the current version.
This Policy was approved and adopted by the Committee on 08/06/2021