The Business Forum Mid Devon (the Forum) is committed to safeguarding the privacy of our members and website users and to maintain compliance with the:
General Data Protection Regulation (GDPR) – 2018
The Data Protection Act (DPA) – 1998
Privacy & Electronic Communications Regulations – 2003
We recognise that the GDPR applies to ‘personal data’ meaning any information relating to an identifiable person who can be directly or indirectly identified in particular by reference to an identifier.
Forum Purpose: To act as the voice of the business sector in Mid Devon
Encourage local businesses to expand and new businesses to open in Mid Devon, thereby creating additional employment opportunities
Enable local businesses to get to know one-another and help one another by working and trading together
The Forum recognise the principles of data collection and retention in that records are maintained:
- Lawfully, fairly and transparently
- Personal Data is only collected for the specified, explicit and legitimate purpose of membership information and communications
- Information is only collected that is necessary for the purpose of identification of members and for sending communications regarding events
- We will ensure that any data collected and collated is accurate
- Membership details will be stored for duration of membership and deleted from system 6 months post membership (to allow for late applications)
- On a password protected data base with restricted access
Information Commissioners Office
3rd Party suppliers
Forum Lawful Base: Consent
We accept requests for membership on an electronic application form which details that information on events and newsletters will be sent. A clear and unequivocal consent to receiving such information from the potential member is obtained on the membership application.
To allow the Forum to function as an membership organisation in the Mid Devon area we manage a website and maintain a secure data base of members.
Automated membership data is collected and collated through a secure db managed by Roundash. Paper records are created for signing-in attendees at events, subsequently uploaded into the Forum electronic booking system, and the paper copy destroyed.
On the membership application we ask for: Name, Company name, contact details. The form is in pdf format which can be downloaded. This pdf contains a field for consent to receiving email communications. Renewal forms will carry the same opt-in
After someone has filled out an electronic or paper based form, they are sent an email asking them to complete the opt-in process. Using a reCAPTCHA form, we can capture the details of their opt-in statement. This way we can see:
- The date
- IP address
- Consent statement
This way we have a provable account of what each contact has given consent to saved in our system.
On annual membership renewal, each member will be asked for a declaration of consent to continue to receive communications.
We will always include an opt-out option in any communications with current members.
Registration for events are taken on line. A field on the registration form provides a choice for the attendee to have their name included on the attendee list which will be distributed on the evening.
Name Badges: Provided at the event and collected at the end. In the event of an Attendee not wishing to be included in the attendee list, we will adhere to their wishes and their badge will not be in plain sight.
A sign in sheet will be issued – signatures are collected to evidence attendance and for H & S purposes. Post event the attendees will be recorded on the Data base and paper records will be destroyed.
Forum Speakers: An agreement giving consent to inclusion on attendee list and details on the event promotion
Our marketing takes the form of traditional and social media methods to attract new members and to invite members to bi-monthly meetings.
Traditional marketing is conducted through:
- Trade Shows
- Press releases
Social Media marketing is conducted through:
Marketing Communications are channelled through:
- Mail Chimp email service
Email communications will always carry an automated opt out clause plus a prompt to remind members that they can exercise this option at the bottom of the Mail Chimp communication.
Emails using normal email software will not be sent to multiple addressees either in the address box or through carbon copies (CC’s)