Where am I? DCC
> USEFUL PAGES
> DATA PROTECTION
Derbyshire Caving Club - Data Protection Act (DPA) 2018 and General Data
Protection Regulation (GDPR)
The DPA (came into force 25th May 2018) and the UK GDPR (came into force 1st
January 2021) protect individuals' privacy by regulating how personal information, known in the
'personal data', is collected and used. The law applies to information stored electronically or in manual systems
that can be linked to an identifiable individual.
has prepared a policy on how it will comply with the new law as well as ensuring it
continues to comply with the principles of the DPA.
'Personal data' is any information that relates to a living individual who can be identified:
- from that information or,
- from that and other information in our possession or likely to come into our possession.
Personal data can include:
- email addresses or telephone numbers, collected when people join the
Club, visit the mines at Alderley Edge, register enquiries through the
website or make on-line bookings on Open Days
- information about people that we collect during caving and mining trips,
on Alderley trips (including open days) or at social events, including
images and sound recordings
- name, address, date of birth, email addresses and telephone numbers of members
The law requires that personal information is:
- collected and used fairly i.e. we make it clear to people how we intend
to use their information and whether it will be given to anyone else inside
or outside the Derbyshire Caving Club
- appropriate to the uses which have been agreed with the person involved
- accurate and up-to-date with facilities for members and others to check
and amend it
- limited to what we need
- stored for the minimum time relevant to the use for which it is
- stored securely
- disposed of securely once the use for which it has been collected has
come to an end
- protected by a contract, if it is being given to a third party to ensure the information is only used for the purpose the Club has agreed. A contract is also needed if personal information is being sent to a third party located outside the
People have certain rights under the act in relation to information stored about them.
Individuals have rights:
- to be informed. We must tell people what we are doing with their
- of access. If asked, we must provide people with the personal
information we have about them.
- to rectification. If someone’s personal data isn’t correct,
they can now demand we amend this.
- to restriction. If required, we may need to stop processing
people’s information for a period of time.
- to erasure. People can ask for their information to be
deleted, unless there is good reason for us not to.
- to object. People have the right to object to our processing of
Any formal requests for information or notices to stop processing under the act must be dealt with by the Committee.
Pass any such requests immediately to the Honorary Secretary.
Contact can be made by email to the
Removal of data or images
Any request to have email addresses or other information deleted after an Open Weekend
or photographs removed from the website at any time should be referred to the
Webmaster who can readily remove the information.
Data protection policy, privacy statement and consent form
The Club's policy, privacy statement and consent form can be downloaded
below. Members can also access their own on-line records from the
members list and amend their consent to divulge personal information to
other members. Until members give consent, only names will be listed
on the members' list. If you are unable to edit your own details
on-line use the consent form below or contact the Webmaster. If you don't want your name listed, then you will
have to resign from the Club!