1 May 2018
Provisional Data protection statement for the Cambridge Society of Belgium
Data protection statement
This statement explains how the Cambridge Society of Belgium (“we” and “our”) handles and uses the personal data we collect about our members and our past, current and future supporters (“you” and “your”). Developing a better understanding of our members and supporters allows us to keep in touch with you, in order to keep you apprised of our activities and developments, to provide services to you, and to identify ways in which you can support us, inter alia, through donations or other forms of financial and non-financial support.
We are committed to protecting your personal information and being transparent about what information we hold.
Personal data that we hold
We may hold information relating to you from a number of sources. A significant proportion of the information we hold is that which you provide to us (for example, you may give us information by filling in forms on our website, or by corresponding with us by telephone, email or otherwise).
Most records contain:
- details of your education (e.g. your University, your College, the courses you have completed, dates of study)
- unique personal identifiers and biographical information (e.g. date of birth, professional occupation)
- your contact details (and we update these whenever you let us know that they have changed)
- details of your interactions with us, including:
- your membership and achievements with us
- your attendance at our events
- other contact with us or our partners (as listed below)
- details of benefits and services provided to you
- your relationships with other members or supporters
- details about your family (e.g. your marital status, the name of your partner or spouse)
- personal data provided by you for a specific purpose (e.g. disability and dietary preferences for event management purposes)
- your communication preferences, to help us provide tailored and relevant communications
- a history of your financial contributions made to us
We also record, where applicable, based on information which you provide to us and, in some cases, publicly available information (as listed below):
- your history of donations made to us
How we use your data
Your data is used by us for a number of interdependent purposes in support of alumni relations, supporter communications and fundraising. These include:
- inviting you to our events
- internal record keeping, including the management of any feedback or complaints
- administrative purposes (e.g. in order to administer an event you have registered for or attended or to process a donation you have made or)
- providing services
- sending you tailored proposals, appeals and requests for donations
Before seeking or accepting major donations we are required to conduct due diligence, including reviewing publicly available personal data relating to the donor’s criminal convictions and offences.
Communications to you may be sent by post, telephone or electronic means (principally by email), depending on the contact details we hold, the consent that you have provided, and the preferences expressed by you about the types of communications you wish to receive.
If you have concerns or queries about any of these purposes, or how we communicate with you, please contact us using the details listed below.
We may use automated or manual analyses to link data together to help us identify your potential for supporting us, to provide you with an improved experience, to send you communications which are relevant and timely, to identify volunteering opportunities or opportunities for providing support which may be of interest to you, and to avoid approaching you with opportunities which are not of interest. All of this enables us to raise more funds, sooner, and more cost-effectively, in support of our strategic objectives. We always seek to ensure that any opportunities we present are aligned with your interests, based on the research we conduct.
We will always respect a request by you to stop processing your personal data, and in addition your statutory rights are set out below.
When we share your data with others
We may share the above categories of data with the University and the Colleges to provide you with a coordinated approach. Any transmission of data to or from the University and Colleges is managed through agreed processes which comply with relevant data protection legislation. The University and each College has its own data protection statement and procedures.
How we protect your data
We ensure we have appropriate data sharing arrangements in place before sharing your personal data.
We do not sell your personal data to third parties under any circumstances.
We also facilitate communication between individual members, but in doing so we do not release personal contact details without prior permission.
Any transfers of your data overseas (outside of the European Economic Area), as set out above, are protected either by an ‘adequacy decision’ by the European Commission (declaring the recipient country as a ‘safe’ territory for personal data) or by standard contractual clauses adopted by the European Commission (which give obligations for the recipient to safeguard the data). Further information about the measures we use to protect data when being transferred internationally is available from us (via the contact details are set out below).
Your rights
You have the right to:
- ask us for access to, or rectification or erasure of your data
- restrict processing (pending correction or deletion)
- object to communications or direct marketing
- ask for the transfer of your data electronically to a third party (data portability)
You have the right to lodge a complaint with the Society
Further information
The legal basis for processing your personal data for the interdependent purposes set out above is that it is necessary for the pursuit of our legitimate interests. We always handle your personal data securely and minimise its use, and there is no overriding prejudice to you by using your personal information for these purposes. In addition, there is no statutory or contractual requirement for you to provide us with any personal data.
The controller for your personal data is the and we can be contacted at [email or postal address].
Please contact us if you have any concerns or questions about the above information or you wish to ask us not to process your personal data for particular purposes. Where you have specific requests relating to how we manage your data, we will endeavour to resolve these, but please note that there may be circumstances where we cannot comply with specific requests.
We will retain your data for a period of 5 years or until you request us to do otherwise. We will publish any changes we make to this data protection statement and notify you by other communication channels where appropriate.
Where you exercise your right to erasure, we will continue to maintain a core set of personal data (name, membership details, unique identification number and date of birth) to ensure we do not contact you inadvertently in future. We may also need to retain some financial records about you for statutory purposes (e.g. Gift Aid, anti-fraud and accounting matters).