Privacy Statement

Introduction

The Surrey Garden Design Group is committed to giving you control over your personal data and keeping it safe.

This privacy statement applies to personal data provided to us, both by you and by third parties.
When collecting and using personal data, our policy is to be transparent about why and how we process personal data. We will never transmit information that can identify you to any third party for marketing purposes.


Who we are

The Surrey Garden Design Group is a not for profit organisation.

The SGDG is the ‘data controller’ of the personal data we collect about you and is subject to the Data Protection Act 1998, and, when it takes effect on 25 May 2018, the General Data Protection Regulation (the GDPR).

Our email address is secretary@sgdg.org.uk

Our website is www.sgdg.org.uk

If you have any questions about our privacy policy or information we hold about you or if you wish to exercise any of your rights under applicable law, please contact us by email.


The information we collect

We collect your name, address, email address and contact telephone number. No data about you is transferred or processed outside of the UK

We collect your personal data when you fill in a membership form for an initial application for membership or on renewal. It may also be when you take part in SGDG organised events or activities, such as event evenings and visits to gardens and nurseries.

The website and third parties (Google Analytics, Facebook) may collect information regarding your visit (pages visited, clicks on links), to enhance and improve your experience in our website. The information we collect about your website visits is aggregated, unable to identify you to target marketing campaigns. The privacy policy of these third parties is subject to their own Privacy policy.


How we use the information

Email
We email you with event reminders and any other information and correspondence necessary to fulfill our obligations to organize the group.

Address
Your address is used to send you the latest copy of Groundcover if we haven’t been able to hand it to you in person, or to send you for example special tickets to events or any other documents.

Telephone number
Your telephone number will only be used in a rare matter of urgency or if we are unable to contact you in any other way.

This information might be shared internally and authorized trustees may have access to it.
No credit or debit card information is stored on our systems, irrespective of how the payment is being processed.


The information we share

No information related to you is shared with third parties for further processing or use inside or outside the UK.


Data security

All the information is stored on secure servers. The transfer of data outside of our internal systems is done on secure channels. All our Data Processors are UK established companies and they have similar Privacy policies in place in order to ensure data security.

However, other organisations we work closely with, are not normally involved in data processing, but may come in contact with it in the course of system servicing, breakdowns, updates etc.

We have put in place appropriate internal security measures to prevent your personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed.


How long we keep your personal information

We will only retain your personal information for as long as necessary to fulfill the purposes we collected it for, if there is no legal, accounting, or reporting requirements to retain it for a longer period.


Your rights

You have the right to access, change or have the data about you removed from our systems in accordance with the General Data Protection Regulation (GDPR) of 2018. You may request a copy of the data we’re holding about you and information about the way we process it. You have the right to withdraw consent at any time.

The right to be forgotten
You may request to have all your data stored with us deleted. However, due to legal requirements, data related to financial transactions are kept on record for a period of 5 years. At your request, this data can be anonymized.

The right to be informed
You are entitled to be informed on how we process the data about you, for how long we’re storing information about you in a plain and simple language.

The right to access
Under GDPR, you have the right to access your personal data, confirm that your data is being processed, for free.

Right to rectification
Inaccurate or incomplete data must be rectified.

How to complain
If you are unhappy with how we collect and use your data, please tell us first. You also have the right to complain to the ICO (Information Commissioner’s Office), whose website can be found at www.ico.org.uk


Changes to this Privacy Statement

Any changes we make to our privacy statement in the future will be posted on the privacy statement page of our website and, where appropriate, notified to you by e-mail or otherwise.