Effective date: 15 April 2019
The Sailing and Cruising Association is an LGBT+ sailing & power boating members club with the aim of encouraging members, family and friends to get afloat and participate in sailing activities organised by the Club. We want to reassure you that we take the collection, use and retention of your personal information seriously and are committed to protecting each member’s privacy and personal data.
This page informs you of our policies regarding the collection, use, and disclosure of personal data when you use our services and the choices you have associated with that data.
The Sailing and Cruising Association is registered as a Data Controller with the Information Commissioner’s Office. Our registration number is ZA198554.
When registering for membership or events, we may ask you to provide us with certain personally identifiable information that can be used to contact or identify you ("Personal Data"). This may include, but is not limited to:
If you make a payment online or purchase a product from us, your card information is not held by our membership service. It is collected by our third party payment processor ‘Stripe Payments Europe’ who specialises in the secure online processing of credit/debit card transactions.
Use of Data
We may use this information provided in the following ways:
We will never sell or rent your information to other parties. We may give access to third party service providers to carry out specific services or disclose information where required to do so by law.
Third Party Service Providers
We may employ third party companies and individuals to facilitate our services, to provide services on our behalf, to perform Club-related services or to assist us in analysing how our services are used.
These third parties may have access to your personal data only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.
We may disclose your personal data in the belief that such action is necessary to:
Security of Data
The security of your data is important to us but remember that no method of transmission over the Internet, or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your personal data, we cannot guarantee its absolute security.
We have implemented generally accepted standards of technology and operational security in order to protect personal data from loss, misuse, or unauthorised alteration or destruction.
For any payments which we take from you online we will use a recognised online secure payment system.
We will notify you promptly in the event of any breach of your personal data which might expose you to serious risk.
Transfer of Data Outside of the European Union
As part of the membership services offered to you by the Club, your information, including personal data, may be transferred to countries outside the European Union.
We use third party providers to provide certain aspects of services for the Club. Wild Apricot Inc provide membership system services and Stripe Payments Europe process secure online payments services. Wild Apricot is based in Canada, and the Wild Apricot service is hosted on the Amazon Web Services cloud hosting and storage service. Your data will be held in these data centres which are located in the USA. Stripe Payments Europe is based in Ireland and transfers data to Stripe Inc in the USA. Amazon Web Services (as a subsidiary of Amazon Inc) and Stripe Inc are both registered under the EU-US Privacy Shield. The European Commission has ruled that companies based in Canada and those registered under the EU-US Privacy Shield have what they term ‘adequate protection’. This means that your data is safeguarded and treated to the same level as it would be in the EU.
We will hold your personal data on our systems for as long as you remain a member of the Club. Should your membership lapse, we will retain your details for no longer than twelve months before deleting it from our systems, as set out in our data retention policy. If you subsequently choose to re-join, you will be required to provide the information again.
The majority of the information held is available on your profile page. You can request a copy of the data we hold about you by contacting the Secretary.
You have a choice about whether or not you wish to receive information from us. If you do not want to receive direct communications from us about our events and services, then you can select your choices by ticking the relevant boxes situated under the ‘Email Subscriptions’ tab on your profile page. However, unsubscribing from this will mean that you do not receive monthly updates on club activities, and will not receive notice of the AGM nor AGM papers and proxy voting forms.
If you have unsubscribed from email and wish to receive these papers you must contact the Secretary each year during the month of February in order to receive an email copy of the AGM Notice and Papers.
Updating your information
The accuracy of your information is important to us. If you need to update any information we hold about you please make the changes on your profile page. If the information field is ‘admin-only’, please contact the Membership Secretary who will correct it for you.
Setting the privacy levels of your information
The default privacy setting allows other logged-in members to view your name, telephone number, email and town/city. You can change your privacy settings at any time using the ‘Privacy’ tab on your profile page.
On 25 May 2018, the GDPR comes into force. You have the following rights under the GDPR:
If you have any questions on your rights, please contact the Secretary.
You have the right to take any complaints about how we process your personal data to the Information Commissioner at https://ico.org.uk/concerns/ or 0303 123 1113.