1. Introduction

The British Falconers’ Club (referred to as “the Club”, “we”, “us”, or “our”) is committed to protecting the privacy and security of our members’ personal data in compliance with the General Data Protection Regulation (GDPR) and the Data Protection Act 2018. This policy outlines how we store, process, and safeguard personal data collected through our website, built using WordPress and MemberPress.

2. Data We Collect

As part of our membership services, we collect and process the following types of personal data:

• Identification Information: Name, address, email address, phone number, date of birth.
• Membership Information: Club membership status, start date, payment history.
• Payment Information: Transaction details for membership fees, but not full payment card details (processed via third-party payment gateways).
• Communication Data: Emails, inquiries, and communications with the Club.
• Website Usage Data: Information on how members interact with our website, including IP addresses and cookies, which are collected through WordPress.

3. Purpose of Data Processing

We collect personal data for the following purposes:

• Membership Management: Managing and administering membership accounts through MemberPress.
• Communication: Sending important updates, newsletters, event details, and other Club-related communications.
• Payment Processing: Handling membership payments through secure payment gateways.
• Website Functionality: Ensuring the smooth operation of our website and providing an optimized user experience.

4. Lawful Basis for Processing

We process personal data based on one or more of the following legal grounds:

• Consent: Where you have given clear consent for us to process your personal data.
• Contractual Necessity: Processing is necessary for the performance of your membership agreement.
• Legitimate Interests: Processing is necessary for the legitimate interests of the Club, such as improving services, ensuring security, and preventing fraud.

5. Data Storage and Security

We store personal data securely and take appropriate measures to protect it. The following describes our data storage practices:

• WordPress: Our website is built using WordPress, which stores personal data such as account and interaction information. We implement strong security measures, including encrypted communications (SSL), regular software updates, and firewall protection to safeguard personal data.

• MemberPress: MemberPress is the membership management tool we use to handle your membership data. MemberPress stores membership details, payment history, and account information within WordPress. We regularly update the software and ensure access is restricted to authorized personnel only.

• Third-Party Payment Processors: Payment data is processed via secure third-party gateways (such as PayPal or Stripe). We do not store full payment card details on our servers. These third-party processors comply with GDPR and PCI-DSS requirements.

6. Data Retention

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, including satisfying any legal, accounting, or reporting requirements. Specifically:

• Membership data will be retained for the duration of membership and for up to 7 years after the membership ends for legal and financial record-keeping purposes.
• Communication and website usage data will be retained as long as necessary to improve and support our services.

7. Data Sharing

We do not sell or share your personal data with third parties, except in the following cases:

• Service Providers: We may share data with third-party service providers such as payment processors, website hosting services, and email marketing platforms to perform functions on our behalf. These providers are contractually obligated to comply with GDPR and secure your data.
• Legal Obligations: We may disclose your data if required by law or to protect the rights, property, or safety of the Club and its members.

8. Your Rights

Under GDPR, you have the following rights regarding your personal data:

• Right to Access: You can request a copy of the personal data we hold about you.
• Right to Rectification: You can ask us to correct inaccurate or incomplete data.
• Right to Erasure: You can request the deletion of your personal data under certain conditions.
• Right to Restrict Processing: You can request the restriction of data processing under specific circumstances.
• Right to Data Portability: You can request that your data be transferred to another service provider in a machine-readable format.
• Right to Object: You have the right to object to the processing of your personal data where processing is based on legitimate interests.

To exercise any of these rights, please contact us at [contact email].

9. Data Breaches

In the event of a data breach, we will take swift action to mitigate any harm and will notify affected individuals and the relevant supervisory authority (the Information Commissioner’s Office, ICO) where required by law.

10. Changes to This Policy

We may update this policy from time to time in response to changing legal, technical, or operational developments. Any changes will be posted on our website, and where appropriate, notified to members by email.

11. Contact Information

If you have any questions or concerns regarding this policy or the handling of your data, please contact us at:

The British Falconers’ Club
Email: admin@britishfalconersclub.co.uk

Address:
FAO: Club Secretary
The British Falconers’ Club
Westfield
Orpley Lane
Meeting Hill
North Walsham
Norfolk
NR28 9LS