General Data Protection Regulation (GDPR) is a new European law that comes into effect on 25th May 2018. It introduces enhanced responsibilities on organisations operating in Europe that collect personal data.
Here are the main points of our GDPR compliance:
We are GDPR compliant
- Sruthi is GDPR compliant.
- You can read our privacy statement below.
All data we collect is owned by Sruthi.
We don’t share your data with anyone and if you want us to delete any data, all you need to do is to send an email to firstname.lastname@example.org
We store all personal data and databases in the EU on a google drive that can be accessed by only restricted executive members.
The categories of users’ information that we hold include:
- personal identifiers and contacts (such as name, email, contact details and address) of members and guests of our events.
- images of functions that we organise i.e. annual days, AGM day
- Brief bio data of members and authors in our annual publication
Why we collect and use members’ information
We use members’ data to:
- enable us to contact the members with information about upcoming events
- enable us to contact the members with updates from the Executive Committee on general matters relating to Sruthi Organisation
- reply to any feedback we receive from members and the guests who attend our events
Collecting users’ information
- We collect members’ information via email or paper form when they join the organisation.
- We collect the guests’ information via the feedback form on the website or a paper form on the day of the event.
- Members information is used to contact the members for Sruthi related matters only.
- The guests’ information is used to reply to any concerns or feedbacks raised by them and to send them information about our programmes.
Storing users’ data
We hold data securely until requested removal of the data or when the members become non-members and wish to delete their information from our system.
Who we share users’ information with
We do not share your details with anyone.
Why we regularly share users’ information
We do not share information about our members or guests with anyone without consent unless the law and our policies allow us to do so.
Requesting access to your personal data
Under data protection legislation, members and guests have the right to request access to information about them that we hold. To make a request for your personal information contact
You also have the right to:
- to ask us for access to information about you that we hold
- to have your personal data rectified, if it is inaccurate or incomplete
- to request the deletion or removal of personal data where there is no compelling reason for its continued processing
- to restrict our processing of your personal data (i.e. permitting its storage but no further processing)
- to object to direct marketing (including profiling) and processing for the purposes of scientific/historical research and statistics
- not to be subject to decisions based purely on automated processing where it produces a legal or similarly significant effect on you
If you have a concern or complaint about the way we are collecting or using your personal data, you should raise your concern with us in the first instance or directly to the Information Commissioner’s Office at https://ico.org.uk/concerns/
We may need to update this privacy notice periodically, so we recommend that you revisit this information from time to time. This version was last updated on 10 June 2019
If you would like to discuss anything in this privacy notice, please contact: email@example.com