The Windmill Singers
Making music since 1964

Calling All Singers

Our long-established choir invite anyone who would like to take part in a Spring concert of light-hearted music, to pop in to observe a Thursday evening rehearsal.
Join in or just listen - no auditions are necessary.

Windmill Singers – Data Protection Policy

In delivering its charitable purpose, The Windmill Singers process the personal data of its members, supporters, donors and the general public. This data is collected and used by the management committee of the choir and shall be handled in accordance with the General Data Protection Regulation (GDPR.). The Windmill Singers Data Protection Policy describes what data is collected, where it is stored, who can use it and how the rights of individuals are protected.

Individual choir members may collect and store personal information about other choir members, friends and other contacts which they use for their personal use, not directly associated with the management of the choir. Such data is not the subject of this policy.

What personal data is collected?

The choir collects the following information: name; address; phone number(s); email address(es) emergency contact information and any other information which might be necessary for the administration of the choir.

The choir does not collect sensitive personal information as defined in the GDPR. This includes data on ethnicity or racial origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data, or data concerning health or sexual orientation.

Use of personal data

Personal data is collected and processed by the Windmill Singers management committee for the process of operating the choir, for the management of the choir’s activities, for fundraising, for marketing and for general communication.

The personal data shall be used in accordance with the permission to use the data given by individuals. The personal data shall not be used for any other purpose and shall not be provided to third parties without permission..

Personal data shall only be stored for the period for which it is required, for example for the duration of the membership tenure. Data which is no longer required, or which is out of date, will be deleted.

Where is the personal data stored and who has access to it?

Personal data is used by the Windmill Singers management committee. The Windmill Singers do not own any IT hardware for data processing. Personal data is stored primarily on the personal computers of members of the Windmill Singers management committee.

The following policies apply to the storage and sharing of this data

1.            Personal computers used to store or manage personal data shall be protected by a log in and password system. If the personal computer is used by others, access to the personal data should be protected by a password.

2.            Personal data shall not be copied to, or transferred to, a usb data stick or other portable storage system unless it is protected with a password.

3.            When using email distribution lists to communicate with choir members the Blind Copy function should be used so that individual members do not have access to other members email addresses.

4.            Personal data held in the website shall be password protected and is accessible only to members of the management committee. This access will be controlled by the choir’s website administrator.

5.            Wherever possible the committee will try to store information in electronic form. Personal data which is stored in paper records will be stored in a safe place. This could include a committee member’s home. If personal data is transported the information should be treated as confidential and kept in the committee member’s possession at all times.

6.            When a committee member leaves the committee all personal data they might hold (e.g. on a personal computer) should be deleted.

Permission to use the data

Prior to collecting personal data the permission of each member shall be sought to store their data. This is an opt in process and permission should not be assumed.

Rights of individuals

Individuals have the right to see what personal information has been stored. If a request to see personal information is received it will be coordinated by the choir’s data controller who will liaise with all other committee members to check any data that is being held locally and providing a response.

Individuals have the right to have their personal data removed from the choir’s records and for their data history to be deleted. If a request to delete data is received the choir’s data controller will liaise with the other committee members to check any data that is being held locally is deleted and confirming that this has been done to the person making the request.

Individuals have the right to have their personal information changed. If a request to change personal data is received the choir’s data controller will liaise with the other committee members to change any data that is being held locally and confirming to the person making the request that the changes have been made.

Registering with the Information Commissioners Office

The Windmill Singers are a charitable organisation which only collects information necessary for the running of the choir, to administer activities for the members of the choir or for people who have regular contact with the choir.  The Windmill Singers are therefore exempt from the registration requirements with the Information Commissioners Office.

Maintenance, Audit and Review

An initial audit has been carried out to ascertain what information is being stored and for what purpose. Such an audit will be repeated from time to time to ensure the band has an up to date record of data stored.

It is the responsibility of individual committee members to make sure that stored data is accurate and that data which is no longer required is deleted.

Individual choir members have a responsibility to ensure that they advise the choir of any changes that need to be made to the personal data the choir holds concerning them.

The management committee will review this policy every two years or sooner if necessary.

Data Compliance Officer - Yvonne Diment