We respect your privacy and will not sell your personal data to any third party.
The Ramblers will use your details to tell you about our activities and mail you in accordance with your chosen mailing preferences, to administer your membership and to conduct analysis.
DPA Policy
The Head of ICT & Web services at Central Office is the Data Controller as defined by the Data Protection Act for the Ramblers as a whole.
Area / Group Membership Secretaries are the Data Controllers at Area and Group levels.
Area / Group Membership Secretaries are responsible ensuring any personal data is processed in accordance with the principles of the Data Protection Act.
For guidance on data protection Ramblers Volunteers should refer to Governance fact sheet G008.
Please also see the guidelines provided by the Information Commissioner's Office
Data Protection Act legislation requires organisations to take care over the personal information that they hold on individuals and to use it only for relevant communication.
Ramblers central office maintains a central database of information about members. This information is updated daily. All members who wish to notify the Ramblers of a change in their contact details are asked to do so directly through central office via forms at http://www.ramblers.org.uk/membership/
Individual Areas and Groups receive updates about members every month. On receipt of any updated information, Areas and Groups should discard previous records and replace them with the new information where appropriate.
There are some cases where Areas and Groups wish to store information about their members that is not recorded on the central database. In all such cases great care must be taken to secure and maintain any personal data held.
Typical examples may include a list of email addresses stored in Outlook, a list of members who do not wish to be contacted by email, a list of enquirers and other prospective members.
It is important that appropriate data retention periods are defined and adhered to.
Areas or Groups must never pass on information about members to other individuals or organisations without explicit consent being obtained.
Examples of this may include: a local charity wishing to get in touch with our members in the hope that it may recruit individuals for a sponsored walk or other event. It may also be a local business such as an outdoor shop looking to send advertising information out.
Under no circumstances should Areas or Groups pass on any personal data relating to members or prospective members to third parties without consent being obtained.
The Ramblers Data Protection policy
1 Purpose and scope of this policy
The Ramblers committed to protecting the rights and privacy of individuals in accordance with the Data Protection Act 1998, (DPA).
To fulfill its purpose and to meet its legal obligations to others The Ramblers needs to process personal data about its staff, members, volunteers, supporters and other individuals.
The Ramblers will actively seek to ensure that it processes such information according to the principles set out in the DPA.
To ensure that all staff, volunteers and others who process personal data on behalf of The Ramblers are doing so in accordance with these principles at all times The Ramblers has developed this policy in con-junction with a series of DPA guidelines and training materials.
2 Role of The Ramblers
The Ramblers is the data controller under the DPA and is ultimately responsible for implementation of the DPA.
The Ramblers has appointed a Data Protection Officer, who provides The Ramblers primary contact to the Information Commissioner. Responsibilities of the Data Protection Officer include:
a.) Ensuring the provision of appropriate DPA advisory, training and awareness services.
b.) DPA subject access data request handling
c.) Keeping the Senior Management Team (SMT) and CEO aware of relevant DPA issues.
3 Governance
This policy is one of several information management policies which support The Rambler’s strategic plan. It will be reviewed with other information compliance policies and guidelines on a rolling 3-year review cycle.
Divisional Directors and Team Leaders are responsible for ensuring that this policy is observed. If anyone considers that the policy has not been followed, they should raise the matter with the Data Protection Officer.
4 Rights of staff, members, volunteers and third parties
4.1 Rights to access personal data
All data subjects have the right to access the information held about them to ensure that it is correct and fairly held.
All requests to access personal data will be handled according to the DPA as detailed in The Ramblers Data Protection Subject Access policy.
4.2 Opt out rights
Explicit consent is not always required when processing personal data, for example, when processing for normal business purposes or when the data is already in the public domain.
However in such circumstances any person wishing to keep their details confidential should contact The Rambler’s Data Protection Officer in writing.
5 Responsibilities of staff, volunteers and third parties
5.1 Processing data on behalf of The Ramblers
Anyone processing personal data on behalf of The Ramblers is responsible for ensuring that the Data Protection Principles are observed.
More advice on compliance with DPA principles are provided in the guidelines described above. Detailed guidance is also available from the Office of the Information Commissioner and The Ramblers’s Data Protection Officer.
5.2 Staff and Volunteers
Staff and Volunteers who, as part of their responsibilities, process personal information about other people e.g. Members’ address details - must comply with this policy and the associated guidelines.
Staff who supervise volunteers who will be processing data as part of their activities should inform The Ramblers’s Data Protection Officer to ensure that the activity is covered by The Ramblers's registration with the Information Commissioner.
5.3 Third parties working for and on behalf of The Ramblers
Third parties, who handle personal data in connection with The Ramblers must comply with the DPA and details of any such processing should be subject to written agreements between The Ramblers and the third party. Such third parties include Mailing houses, Suppliers and Customers.
5.4 Third parties providing data to The Ramblers
Third parties providing data to The Ramblers must comply with the DPA - especially with regard to accuracy and the right to disclose any personal data.
6. Website privacy policy
see http://www.ramblers.org.uk/privacy.htm
Useful links:
Data Protection Guide - covers issues including choice, consent, transparency, security and public law. It should help public bodies, in particular, to understand the data protection standards that we expect those involved in information sharing to meet.
Information commissioners website http://www.ico.gov.uk/ and FAQs – for organisations -
The main principals of the Data Protection Act.
If you have any questions regarding the information on this page or wish to contact the Data Protection Officer please use the web feedback form below.
