At U3AC the Trustees (members of Council), who are defined as the Data Controllers under the GDPR, take your privacy seriously. We will use your personal information only to administer your membership account for the delivery of the activities offered by the organisation. We do this on the basis of Legitimate Interests, which is that we use the personal data you provide to us in ways you would reasonably expect and which have a minimal privacy impact.
In order to manage the activities offered by U3AC, we ask you to provide limited personal data. We will not collect any personal data from you that we do not need in order to provide and oversee this service to you.
We have Data Protection procedures in place to oversee the effective and secure processing of your personal data.
Only members of our staff, based in the UK, process the personal data we hold. For the purposes of IT hosting and maintenance our database is located on servers within the European Union. No third parties have access to this database unless there is a legal requirement.
U3AC uses the secure e-mailing service Mailchimp to send out the weekly Bulletin. This service is hosted in the United States; members’ email addresses are provided to this service unless you tell us not to.
Course allocation is done by an automated process to ensure fairness.
We will publish tutor contact information only in agreement with the tutor’s wishes. To assist in the delivery of classes we will provide your contact information to your class tutor unless you tell us not to. Tutors will only share this data with other members of your class with your permission. Tutors will not share your data in any other circumstances.
We keep your personal data while you are a member of U3AC. If you leave U3AC, we will retain data that would enable you to re-join without incurring a joining fee. We will remove your data immediately if you request us to do so.
You can view your personal data by logging in to your account via the U3AC website. You can ask the U3AC Office to provide you with the details of your personal data on presentation of your membership card. If at any point you believe the information we process on you is incorrect you can request to have it corrected or deleted.
The GDPR provides the following 8 rights for individuals:
If you wish to raise a complaint about how we have handled your personal data, you can contact the U3AC Office in the first instance on email@example.com who will investigate the matter.
If you are not satisfied with our response or believe we are not processing your personal data in accordance with the law, you can complain to the Information Commissioner’s Office (ICO).
If you require further information please contact the U3AC Office on firstname.lastname@example.org.