The BSFA's GDPR Guidelines are as follows:

1.     The right to access – this means that individuals have the right to request access to their personal data and to ask how their data is used by the company after it has been gathered. The company must provide a copy of the personal data, free of charge and in electronic format if requested.

How the BSFA complies: Members can log into the system themselves and access their data as they wish. An email to membership@bsfa.co.uk, to Chair@bsfa.co.uk or Treasurer@bsfa.co.uk will provide you with the quickest access to this information. It can be downloaded from our system and sent to you via email.

Further, the BSFA representative will require any individual requesting this information to provide proof of identity before releasing any information to them.

The BSFA does not provide data to external sources. The BSFA will use your data to provide you with the service that you agreed/purchased with your membership fee.

2.     The right to be forgotten – if consumers are no longer customers, or if they withdraw their consent from a company to use their personal data, then they have the right to have their data deleted.

How the BSFA complies: Members can log into the system themselves and delete their data as they wish. An email to membership@bsfa.co.uk, to Chair@bsfa.co.uk or Treasurer@bsfa.co.uk will provide you with the quickest means to ensure this deletion occurs. These officers can remove your data from our system.

Further, the BSFA representative will require any individual requesting this action to provide proof of identity before releasing any information to them.

3.     The right to data portability – Individuals have a right to transfer their data from one service provider to another. And it must happen in a commonly used and machine readable format.

How the BSFA complies: Members can log into the system themselves and change/transfer their data as they wish. An email to membership@bsfa.co.uk, to Chair@bsfa.co.uk or Treasurer@bsfa.co.uk will provide you with the quickest access to this information. It can be downloaded from our system and sent to you via email for your use.

Further, the BSFA representative will require any individual requesting this information or action to provide proof of identity before releasing any information to them.

4.     The right to be informed – this covers any gathering of data by companies, and individuals must be informed before data is gathered. Consumers have to opt in for their data to be gathered, and consent must be freely given rather than implied.

As indicated previously, we do not share your membership data outside of the association.

5.     The right to have information corrected – this ensures that individuals can have their data updated if it is out of date or incomplete or incorrect.

How the BSFA complies: Members can log into the system themselves and change their data as they wish. Alternatively, an email to membership@bsfa.co.uk, to Chair@bsfa.co.uk or Treasurer@bsfa.co.uk will provide you with the access to this information and any changes can be made by the BSFA officer.

Further, the BSFA representative will require any individual requesting this information to provide proof of identity before releasing any information to them or amending records.

6.     The right to restrict processing – Individuals can request that their data is not used for processing. Their record can remain in place, but not be used.

How the BSFA complies: The BSFA does not provide data to external sources. The BSFA will use your data to provide you with the service that you agreed/purchased with your membership fee.

However, if (for example), an individual wishes to opt out of receiving the regular newsletter, members can log into the system themselves and change their profile to ensure this happens. 

Alternatively, an email to membership@bsfa.co.uk, to Chair@bsfa.co.uk or Treasurer@bsfa.co.uk will provide you with the access to this information and any changes can be made by the BSFA representative. The BSFA representative will require any individual requesting this information to provide proof of identity before amending these records.

7.     The right to object – this includes the right of individuals to stop the processing of their data for direct marketing. There are no exemptions to this rule, and any processing must stop as soon as the request is received. In addition, this right must be made clear to individuals at the very start of any communication.

How the BSFA complies: The BSFA does not provide data to external sources. The BSFA will use your data to provide you with the service that you agreed/purchased with your membership fee.

However, if (for example), an individual wishes to opt out of receiving the regular newsletter, members can log into the system themselves and change their profile to ensure this happens. 

Alternatively, an email to membership@bsfa.co.uk, to Chair@bsfa.co.uk or Treasurer@bsfa.co.uk will provide you with the access to this information and any changes can be made by the BSFA representative. The BSFA representative will require any individual requesting this information to provide proof of identity before amending these records.

8.     The right to be notified – If there has been a data breach which compromises an individual’s personal data, the individual has a right to be informed within 72 hours of first having become aware of the breach.

How the BSFA complies: Should this occur, we will contact all members via email and other means as soon as we possibly can. An email will come from the association Chair or where necessary, a letter will be sent to you.

This guidance will be updated in accordance with the best advice given by the ICO.  There website is available here.