British Astronomical Association
Supporting amateur astronomers since 1890

Secondary menu

Main menu

Home Forums General Discussion
Terms of use

GDPR - don't panic

4 posts / 0 new
Last post
meteorgw's picture
Offline
Last seen: 1 day 10 hours ago
Joined: 30/04/2014 - 12:10
GDPR - don't panic

At Lincoln Astronomical Society we recently received a lengthy document from the FAS with guidelines to follow regarding the new data protection regulations being implemented from 23 May. This is not as onerous as may appear at first sight and the document has been well thought out and gives good practical advice. However, research on the ICO website finds the following extract:

"We are a not-for-profit organisation - do I need to register?

You do not have to register if organisation was established for not-for-profit making purposes and does not make a profit or if your organisation makes a profit for its own purposes, as long as the profit is not used to enrich others. You must:

  • only process information necessary to establish or maintain membership or support; 
  • only process information necessary to provide or administer activities for people who are members of the organisation or have regular contact with it; 
  • only share the information with people and organisations necessary to carry out the organisation’s activities. Important - if individuals give you permission to share their information, this is OK (you can still answer ‘yes’); and
  • only keep the information while the individual is a member or supporter or as long as necessary for member/supporter administration"

I believe this means that the majority of astronomical societies will not need to register and therefore not fall under the new rules. If anyone knows otherwise I would be grateful if you could let us know. I am awaiting a reply from an email to the ICO.

callump's picture
Offline
Last seen: 11 hours 57 min ago
Joined: 03/01/2014 - 12:25
The law is the law

Hello Graham,

though probably most local societies will not need to register (and pay a fee to the ICO) it does not mean that you don't need to follow the regulations.  The regulations apply to all businesses and organisations that process personal data - whether electronic or on paper.

Registrations are just the way that the ICO is funded, and the exemptions for small clubs and the like are more or less the same as under the old law.

So I am afraid it is not a silver bullet.

Regards,
Callum

meteorgw's picture
Offline
Last seen: 1 day 10 hours ago
Joined: 30/04/2014 - 12:10
GDPR

Thanks Callum. I will update when the ICO reply to my enquiry.

garypoyner's picture
Offline
Last seen: 2 days 20 hours ago
Joined: 04/03/2014 - 15:40
GDPR

Indeed the guidelines have to be met, even for small groups like the Heart of England AS.  We have uploaded a privacy policy to our web page, and each member will be required to sign a new form of our own design regarding the data we keep on them, and to say that they have read and agree to the privacy policy.

We use CCTV cameras to cover the car park, and the data is kept on a PC.  Therefore we have to register and pay an annual sum to the ICO.  If you use CCTV and store the data, their is no escaping it.

Gary