As a membership organisation the Province processes, retains and shares personal data of members for the purposes set out in the Data Protection Notice. Where the Province employs or contracts with a member it may also process, retain and share personal data of that member for all lawful purposes related to that employment or contractual relationship. The Province shall not collect or store personal data of members for any other purposes.
2. Appointment of a Data Controller
The Provincial Grand Scribe E is a Data Controller, who will oversee compliance with data protection law and will act as a point of contact for members and the Information Commissioner’s Office (the “ICO”). In addition, the Provincial Grand Chapter of Worcestershire, the United Grand Lodge of England, and the Supreme Grand Chapter will also be Data Controllers from time to time. The Provincial Grand Scribe E shall have a direct line of communication with the Most Excellent Grand Superintendent and shall have, or shall undergo training to ensure that he has, knowledge of data protection law and practices.
3. Members’ data rights
A member may request that the Provincial Grand Scribe E:
- provides him with a copy of all personal data that the Province holds about him. The Provincial Grand Scribe E shall promptly provide a copy of all information required to be disclosed by law.
- rectifies any incorrect personal data held by the Province about him. The Provincial Grand Scribe E shall promptly consider such a request and respond to it in accordance with the law.
- stop the Province from some or all of its processing of his personal data. The Provincial Grand Scribe E shall promptly consider such an objection and respond to it in accordance with the law.
4. Deletion of personal data
A member may resign from all Chapters in the Province at any time. The Province will retain such data as may be required should he wish to rejoin a Chapter or seek support from Masonic charities in the future. He may however ask for his personal data (held as set out in the Data Protection Notice) to be deleted even though this may prejudice any future request made by him.
5. Sharing data with third parties
As a membership organisation the Province shares:
- personal data of its members with the United Grand Lodge of England; and
- personal data of its members with the Provincial Grand Lodge of Worcestershire; and
- personal data of members of each Chapter in the Province with that Chapter; and
- personal data of members with Provincial Grand Chapter of Worcestershire Charity Fund (reg no 1166195). as required by the Book of Constitutions or bodies it sanctions from time to time. It will not share personal data of members for any other reason unless it has the consent of the relevant member.
6. Data Protection Notice
The Province shall publish a Data Protection Notice so that it is available to members. The Notice shall comply with the requirements of data protection law and among other things shall inform members how their personal data will be used by the Province and how they may contact the Provincial Grand Scribe E, as a Data Controller for the Province.
7. Data security
The Province shall periodically review the security of its records and processing activities and shall take appropriate steps to ensure the confidentiality, integrity and availability of personal data that it holds.
8. Registration with ICO
The Province shall maintain its annual registration with the ICO.
9. Reporting breaches to the Responsible Officer
Actual or potential breaches of this policy, or of data protection law by the Province, shall be reported immediately to the Provincial Grand Scribe E. Breaches shall be reported if required by the Provincial Grand Scribe E to the ICO or to the member(s) whose data is affected. Normally the Provincial Grand Scribe E shall not report breaches without prior consultation with the Most Excellent Grand Superintendent.