What personal data does the Society of Indexers collect?
The data we routinely collect include names, addresses, telephone numbers and email addresses. We collect this data directly from members when they join, and from non-members purchasing products or booking events. We maintain a database (name and email addresses only) of organisations that may be interested in receiving information about indexing.
We also keep information relating to disciplinary matters and sanctions.
What is this personal data used for?
We use members’ data for membership and training course administration and the communication of information about SI events and activities. We use non-members’ data for the fulfilment of orders for items purchased or events booked, and for communicating information about indexing and the Society.
Who is your data shared with?
We do not pass any personal data on to any other organisations, apart from data necessary for the fulfilment of printed and online subscriptions to The Indexer and for access to the online training course. Data is transmitted in encrypted form. Personal information in the online Directory of Professional Indexers is publicly visible in order that members may be contacted by potential clients, but does not include postal addresses.
Where does the data come from?
Members’ data comes from them when they join the Society or when they update their profile information, either directly via their profile page on the Society’s website (accessed via >Account>Edit profile) or by contacting the SI office. Members with an entry in the online Directory of Professional Indexers may include additional data.
Data is also collected from non-members who purchase products, subscribe to The Indexer, or book events via the website. Data on individuals or companies that may be interested in indexing is obtained from publicly available sources and personal contact.
How is the data stored?
Information is mainly stored in digital form on the office computer and on the servers of Amity Web Solutions, on which the Society’s website is maintained. Online cloud back-up of encrypted data on the office computer is through Mozy International.
All information is stored in compliance with the General Data Protection Regulation (GDPR).
A limited amount of hardcopy information is stored in locked filing cabinets in the Society’s office at the Woodbourn Business Centre, 10 Jessell Street, Sheffield S9 3HY.
Who is responsible for ensuring compliance with the relevant laws and regulations?
Under the GDPR we do not have a statutory requirement to have a Data Protection Officer. The Membership Director, Secretary and Office Manager are responsible for ensuring that the Society of Indexers discharges its obligations under the GDPR. The Society is registered with the Information Commissioner’s Office as a data controller.
Who has access to personal data?
The Office Manager and a limited number of designated committee members with specific responsibilities have access to members’ data in order for them to carry out their legitimate tasks for the Society.
What is the legal basis for collecting the data?
The Society of Indexers collects personal data that is necessary for the purposes of its legitimate and contractual interests as a membership organisation and supplier of publications and services.
We maintain records related to directors to comply with Company Law.
For some data, such as that relating to financial matters, the basis for its collection and retention is to comply with our legal obligations.
Similarly, personnel data is kept in compliance with our legal obligations.
How you can check what data we have about you?
Membership records are available for members to review or update by logging in to the Society’s website via >Account>Edit Profile. Anyone unable to do this or requiring help should contact the office . Other individuals may contact the office to check what data we hold about them.
You can contact the office if you want to ask us to provide you with any other information we hold about you. We are required to provide this to you within one month.
There is not usually a fee for this, though we can charge a reasonable fee based on the administrative cost of providing the information if a request is manifestly unfounded or excessive, or for requests for further copies of the same information.
Does the Society of Indexers collect any ‘special’ data?
The GDPR refers to sensitive personal data as ‘special categories of personal data’. The only data of this kind that we collect relates to mobility and dietary issues at specific events in order that we can fulfil any special requirements.
How can you ask for data to be removed, limited or corrected?
Anyone entitled to have an entry in the Directory of Professional Indexers may choose not to appear in it. This option can be implemented by logging into your profile on the Society’s website via >Account>Profile. Similarly, if any information in your profile is incorrect you may correct it yourself or contact the office.
How long do we keep your data for, and why?
We normally keep members’ data after they resign or their membership lapses in case they later wish to re-join. However, we will delete any former member’s contact details entirely on request.
Underlying statistical data, such as training course pass rates, continue to be necessary in relation to the purpose for which they were originally collected and processed, but any such data are anonymised in any published statistics.
Historical lists of prizes and awards are required for archiving purposes and names cannot be removed from them. Such lists include personal names only.
Data relating to accounting or personnel matters are kept for the legally required period.
What happens if a member dies?
We normally keep members’ information after they die. If requested by their next-of-kin to delete such information we will do so on the same basis as when requested to remove data by a former member.