Who we are
Our website address is: https://twmc.org.uk.
What personal data we collect and why we collect it
This site includes membership and event entry forms. As a club, we will need to hold some of your data as well as share some with other companies. This is done to allow us to function as a Club. A list of the companies that will be able to see your personal data are listed below:
- WordPress (This website)
- Google Analytics (Analytical data, number of page views etc.)
- PayPal (Payment)
- Royal Mail (Courier)
- Mail Chimp (Bulk emailing system. Only used if you have chosen to receive promotional material from us).
All of these companies in turn will also be regulated and adhere to the GDPR rules. Only relevant information is shared with these companies (e.g. all payments made through our website will be processed through PayPal). This company will have access to your card details in order to process your payment, but will not have access to other irrelevant data, such as occupation).
Cookies are small pieces of information that websites transfer to your computer hard drive and we use to enable our website to provide features such as automatic login, personalized greetings and storage of items in your Shopping Basket. Cookies can be turned off in your browser or you can be notified when you receive a cookie so you choose whether to accept it. The Help menu of your browser should contain information on how to do this. However, changing these settings may mean that you will not be able to take advantage of some of the advanced features on the site. If you do wish to remove cookies after a visit to the site, perhaps because you are using a shared computer, you can clear the cookies by clicking on the sign out link.
How long we retain your data
For users that register for membership or to enter an event your details are automatically deleted from the website after 14 months.
What rights you have over your data
You may obtain details of the personal information we hold on you. Also included in the GDPR you as a customer have a “Right to be forgotten”. This means that you will be able to make a request to us for your personal data to be erased. Please make your request via email to firstname.lastname@example.org.
Where we send your data
We do not store your financial details (credit or debit card numbers).
We take the protection of all of your personal data very seriously and have protocols in place to protect it from accidental and malicious leaking.
In the unlikely event that there is a breach of these protocols and we suspect that your personal data may have been compromised, we will inform you as soon as feasibly possible in order to allow you to take any necessary precautions.
This notification will include the following:
- The nature of the personal data breach
- Recommendations for you to mitigate potential adverse effects.
Under the new GDPR rules, we are now obligated to inform the Information Commissioners Office (ICO) of any data breaches with 72 hours of us becoming aware of it (wherever feasible). This is a new piece of legislation that was not previously required under the Data Protection Act (1998).