General Data Protection Regulations (GDPR) PRIVACY POLICY

The Royal British Legion Club (Wimborne) Limited respects your privacy, and we will only use your information in the way we describe in this policy. When using your information we aim to be fair, transparent, and to follow our obligations under UK data protection laws.  Your information is used for administering club membership and club activities.

The Clubs committee is the Data Controller for the purpose of both GPDR and the Data Protection Act 2018.  “The Controller determines the purposes and means of processing personal data and is responsible for, and must be able to demonstrate, compliance with the principles.”

The club secretary is data processors for the club. The processors are responsible for processing personal data on behalf of the Controller and are required to maintain records of personal data and processing activities.

Our contact for privacy and data is Julie Napier at the registered address of the club: The Royal British Legion Club (Wimborne) Limited, West Borough, Wimborne, Dorset BH21 1LT Email:

The club secretary is aware of the requirements and impacts of the “General Data Protection Regulations” and is familiar with the club’s policies. The committee must review the club’s data protection policy annually or as required and pass this on to all officers, committee and members of staff.

Information the club holds.
The club collects your information when you fill in paper forms, on line forms, membership applications, renewals, event entries etc. The club then holds your personal data in paper form and password protected IT systems.  All IT systems are secure and can only be accessed by authorised people who hold the necessary passwords. The club holds the following personal data of its current members, past members and non-member volunteers.

  • Name
  • Address
  • Date of birth
  • Telephone Numbers
  • Email addresses

Using your information.
The club uses your information to administer your club membership and provide you with member benefits.
We also use your information when you enter club events. We may publish some of your information in Newsletters, Club notice board, the Club Website and Facebook page which will be in the public domain.

When you give us information about another person, such as a child, parent, guardian, or emergency contact you should let that person know that you have given us the information.
To support your relationship with the Royal British Legion Club (Wimborne) Limited we may keep some of your personal data for up to five years.

Sharing your information
Personal data will not be shared or sold to any organisations or individuals.
Limited personal information (for example your name and town of residence) may be shared through publicity (for example a press information release prior to and/or following an event.

Your rights
Unless subject to an exemption [under the GDPR], you have the following rights with respect to your personal data: -

  • The right to request a copy of your personal data which the Club holds about you and a list of locations that data is held and shared with
  • The right to request that the Club corrects any personal data that is found to be inaccurate or out of date
  • You may ask us to stop using your information, and to delete it, although we only maintain a skeleton set of your information.  If you ask us to do this we will not be able to continue our contract with you
  • The right, where there is a dispute in relation to the accuracy or processing of your personal data, to request a restriction is placed on further processing
  • The right to lodge a complaint with the Information Commissioners Office (

Subject access requests
All data and processing requests will be dealt with by the club secretary with a target to respond to any request within 30 days.

Lawful basis for processing personal data
The Royal British Legion Club (Wimborne) Limited considers “legitimate interests” [Article 6(1)(f)] as a lawful basis to process personal data. The Royal British Legion Club (Wimborne) Limited believes this basis is the most appropriate to enable the club to function and maintain its longstanding business model, keeping membership lists, sending newsletters, informing
members of club benefits, services, events, competitions, activities, by post, telephone and
email.  We have checked that the processing is necessary and that there is no less intrusive way to achieve the same result.  We are confident that the interests of individuals do not override those legitimate interests.  We only use individuals’ data in ways they would reasonably expect.

Data breaches
A personal data breach means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data. Any data breaches will be investigated thoroughly, and once the breach details have been found the committee will decide what action to take.

This document was last updated on 5th September 2018


Print Print | Sitemap
© Wimborne Royal British Legion Webmaster