MARLOW - MAIDENHEAD PASSENGERS' ASSOCIATION MMPA Logo
home join! news information maps history gallery contact links

General Data Protection Regulation (GDPR)

Go straight to consent form.

Introduction

The General Data Protection Regulation came into force on 25th May 2018. Under the regulation we are required to:

  • tell you what data we hold on you;
  • obtain your consent to hold such data;
  • take reasonable precautions to secure your data;
  • provide you with a copy of such data on request;
  • allow you to change or delete any data we hold on you;
  • delete personal data that are no longer required.

You will of course realise that if you ask us to delete all your data, we then will not be able to send you newsletters, timetables, membership reminders or any ad hoc messages.

What Data We Hold

The data we hold fall into two categories: the membership database and membership accounts.

The database holds the following data:

  • your contact details (name, postal address and email address if applicable);
  • membership number and type, year of joining (if known);
  • post code (copy for sorting and filtering), local station code;
  • date of last renewal and payment type (PayPal, cash, cheque or automated);
  • whether you require printed timetables.

The membership account shows all payment details for the year, including payment type and cheque details if applicable. The account is sent to the Treasurer by email and used to reconcile the bank and PayPal statements. The Treasurer supplies details of automated payments (online banking, standing orders, etc.) to the Membership Secretary. Year end accounts are held for a number of years in accordance with normal practice.

Security

The database is held on a personal computer which is behind two firewalls which both block incoming requests. It is not currently encrypted. Regular backups are made to a separate device.

No personal data are stored on the web server or in the ‘cloud’. However data entered on web forms are transmitted to the Membership Secretary by email. Mail to our domain (mmpa.org.uk) is forwarded by our host’s mail server to the recipient.

We do not pass personal data to any third party, and will not do so unless compelled by law.

Email distribution of newsletters etc. will not show the addresses of all recipients. Messages will either be sent individually (including mail-merge) or to undisclosed recipients (i.e. BCC).

Access

You are entitled to request a copy of the current data we hold on you.

You may also request that any or all such data are amended or deleted.

Requests should be sent by email to membership@mmpa.org.uk.

Please be aware that although we can delete or amend all current data it will not be feasible to update all archived backup copies.

Use of Data

Your contact details are used primarily to send you newsletters, membership reminders and ad hoc communications.

We do not in general send out marketing material. There may be occasions when a train operator makes a special offer that is beneficial to members, and this could be communicated via the newsletter or direct email.

We do not in general carry out any processing of personal data. The only exception is that we may occasionally produce counts of the number of members using each of our local stations.

Consent

Please complete and submit the form below to indicate your consent to MMPA holding your data. This only needs to be done once.

 I consent to the Marlow - Maidenhead Passengers’ Association holding my contact and payment details. I understand that I can withdraw this consent at any time.

First name or initials: Membership number: *
Last name: Postcode:
E-mail address:
   the form or  all data.
 * leave blank if you can't remember. All other fields are required.


Valid HTML 4.0!   Best with Any Browser   Mastered on RISC OS 6

Last updated 31st May, 2018