If your group handles money and delivers services and activities, you need to be able to communicate with MS Society members in the area who have agreed for their details to be shared with you. Your group can access membership data for this purpose.
- Who can access membership data?
- Membership data on the Portal
- Data Protection for GDPR eLearning
- The importance of using current membership data
- Need support?
You can only access membership data if you are in a volunteer role that is authorised to do so. This is to ensure that we meet our data protection requirements.
Volunteer roles with access to membership data are:
Your group must use the Portal to access membership data. This will ensure that we only use up to date information about members who have agreed to be contacted by us.
Each time you use the Portal to download membership data as an Excel spreadsheet or PDF, you will be asked to confirm the reason for the download. You must not use this downloaded data for any other purpose.
You will be prompted to protect the file with a password. You must not share this file password with anyone who is not in an authorised volunteer role.
- Find out more about Using the Portal
Both our organisation and individuals are at risk of significant fines from ICO if we can’t show them data protection training records for our staff and volunteers.
Data Protection for GDPR eLearning aims to build your confidence and helps you to avoid making a mistake inadvertently. You can check your learning and ensure your training record is entered by completing the multiple choice test at the end.
You must complete Data Protection for GDPR eLearning if any of the following apply to you:
- Your role involves handling personal information, such as a Group Coordinator or Finance Volunteer
- You have access to membership data
- You use our Portal or Online Recruitment
- Your role specific Welcome and Induction Checklist includes Data Protection for GDPR eLearning as ‘must do’ training
We will ask you to complete Data Protection for GDPR eLearning even if you have completed previous data protection training. Contact our Data Governance Team with any eLearning questions you may have.
When sending out newsletters or email communications to members, you must not use membership data that:
- Is more than 28 days old
- Was requested for a different purpose
Emails and newsletters are classed as marketing and members have the right to change their ‘marketing contact preferences’ at any point.
If a member requests a change to their marketing contact preferences, you must let the Supporter Care Team know as soon as possible, to enable us to update our membership database within the required 28 day notification period.
If a person does not appear on a current membership list you download or request, you must not contact them for any reason.
Our Data Governance Team is here to make sure we all meet our personal data, information handling and record keeping obligations. Contact us for help with any data compliance questions you may have.
- Get contact details for our Data Governance Team
Back to Handling data