Privacy Policy

General Data Protection Regulations 2016

Privacy Notice

Definitions

‘FRARS’ means the Flight Refuelling Amateur Radio Society, a private members club.

The ‘GDPR’ means Regulation (EU) 2016/679 (General Data Protection Regulation).

The terms ‘Personal Data’, ‘Data Controller’ and ‘Data Subject’ are used in this document as they are defined in the GDPR.

Data Controller

FRARS is the Data Controller of all Personal Data that is stored by FRARS.

What Personal Data FRARS holds.

FRARS stores the following categories of Personal Data:

Website login account information – user name, email address, login records
Electronic Mail – email address, name
Web site logs – IP address, time, URL visited
Member Relationship Management – email address, name, mailing address, phone number(s), date of birth
FRARS Licence Authorized users – Amateur Radio Call sign
All this data is held either by explicit permission from the individual, or for performance of a members membership of FRARS, or compliance with legal obligations.

This Personal Data is subject to the rights listed below.

What FRARS uses Personal Data for

FRARS uses Personal Data for the following purposes:

  • To provide membership services related to membership of FRARS.
  • To comply with laws and regulations

Who Has Access to this Personal Data?

The FRARS Committee, service providers and legal or other professional advisers to FRARS may be given access to Personal Data held by FRARS. This is required to fulfill FRARS obligations of support to its membership and support to users of FRARS services.

FRARS may provide Personal Data to Government authorities, regulatory authorities, law enforcement bodies, for the purposes of compliance with legal requirements, or for the exercise or defence of legal claims.

Security of Personal Data

FRARS has strict security procedures for storing Personal Data to protect it against loss or damage. All Personal Data stored by FRARS is protected by TLS (Transport Layer Security) / (SSL) Secure Sockets Layer to the same level used by most banking and financial institutions, and database encryption.

FRARS may disclose Personal Data to its agents or subcontractors for the purposes set out in this privacy policy. We require all our agents and subcontractors to have appropriate technical and operational security measures in place to protect your personal data, in line with United Kingdom and EU legislation.

FRARS does not transfer Personal Data outside the European Economic Area (EEA), nor does it permit its agents or subcontractors to do so.

FRARS does not store or process Childrens Members Data without either

  • The explicit consent of the Child (Age 13 or Over) or
  • The explicit consent of the Parent or Legal Guardian of the Child.

Retention of Data

FRARS deletes web site login records, WWW logs and email logs after 6 months.

FRARS maintains (encrypted) backups of all data systems and maintains these backups for no more than 13 months.

Rights to Your Personal Data

Data Subjects have the following rights in relation to Personal Data stored by FRARS:

Right of access – You have the right to request a copy of the data that we hold about you.

Right of rectification – You have the right to request FRARS to correct any inaccurate or incomplete Personal Data that FRARS holds about you.

Right to be forgotten – In many situations, you have the right for your personal data to be deleted from our records. There may be situations where FRARS is unable to comply with an erasure request, in particular where FRARS is required to continue to hold certain Personal Data due to legal obligations or where holding the Personal Data is necessary for the exercise or defence of legal claims, or where it is impossible or unreasonably difficult to remove your personal data.

Right of restriction – This means that your personal data may, with the exception of storage, only be processed with your consent for the establishment, exercise or defence of legal claims, for the protection of the rights of another natural or legal person or for reasons of public interest of the EU or of an EU Member State.

Right of portability – You have the right to receive your personal data in structured, commonly used and machine-readable formats, or have the data we hold about you transferred to another data controller.

Right to object – You have the right to object to the processing of your Personal Data in certain circumstances. You also have the absolute right to stop your data from being used for direct marketing.

Right to object to automated processing  You have the right not to be subject to decisions based solely on automated processing, including profiling.

Right to judicial remedy – You have the right to an effective judicial remedy where you consider that your rights under the GDPR have been infringed as a result of the processing of your personal data in non-compliance with the GDPR.

Our Privacy Policy may be updated from time to time. Any changes to our policy will be communicated to you either by e-mail or a notice on our website.

Contact information

All communications concerning privacy related issues should be sent by electronic mail to or by post to

Flight Refuelling Amateur Radio Society,
Merley Park Road,

Broadstone,
Wimborne,
Dorset BH21 3DA,
United Kingdom.

Please make sure any postal communication is marked Private and Confidential for the Attention of the Data Protection Officer.

FRARS will respond to and, where appropriate, act on privacy-related communications within one calendar month.

This privacy policy was last updated on 1st November 2018.