You may need to collect personal data about people to provide a service to them. Whenever you request personal information, you must include a Data Statement.
See Group Handbook A6: Handling data
What is a Data Statement?
A key requirement of the GDPR is transparency when we capture personal data. The things we have to tell the person whose data we’ve obtained include:
- The purposes their information will be processed for
- How this processing is legal
- Who is processing the data and how to get in touch
We provide this information via:
- Our Privacy Notice, and
- A Data Statement
We have one Privacy Notice to cover all our data processing activities.
- See our Privacy Notice
A Data Statement summarises the specific purposes and basis for the processing, and links to our full Privacy Notice.
Usually, you will collect personal data on a Grant Application Form, Sponsor Form, or similar. These forms already include a Privacy Statement.
When do we need to add a Data Statement?
You must always use the Portal to gain access to up to date membership data. However there will be times when you need to obtain additional information from members and other contacts. This could be when your group organises:
- Events and classes (accessibility requirements)
- Hospitality (special dietary requirements)
- Transport (collection arrangements and mobility needs)
This is when you need to add a Data Statement to your request for personal information.
Creating a Data Statement
We've put together a guide to constructing a Data Statement that is legal and follows our policies.
- Download our guide to GDPR Data Statements
Need support?
Our Data Governance Team is here to make sure we all meet our personal data, information handling and record keeping obligations. Contact the Data Governance Team for help with any questions you may have about Data Statements.
- Get contact details for our Data Governance Team
Back to Data protection basics