RCNT Policies

The confidentiality of an individual’s personal data is protected by the General Data Protection Regulation and the Privacy and Electronic Communications Regulations. These Regulations apply to the Reading Centre ('Centre').

The personal data supplied by members is used only to provide them with information related to their membership, running the Centre and the Centre's social activities or related events. The data is kept on files stored securely. 

Membership Information

The personal information (data) is that provided by members on the Membership and social activities forms. The information stored for each member is:

• name and address

• telephone numbers

• National Trust membership number

• Reading Centre Membership number

• where supplied, email address 

Signing the Membership Form is confirmation of an agreement to hold the information (without such signature personal data cannot be held and continued membership of the Centre is not possible). Member's details are not passed to any other organisation except when dictated by law or, if necessary, to facilitate planning of social activities, such as holidays.

Where a membership lapses, the data will be held:

• until confirmation is received of the wish to cease membership; or

• for a period not exceeding 3 years 

The names of members and their dates of joining and leaving may be retained for the Centre's historic records. All other details relating to membership and social activities will be stored for a period not exceeding 3 years. 

Security of Centre Records 

Mostly the data is stored electronically, but some records may need to be on paper temporarily. Membership records are securely stored electronically by the Membership Secretary. When data needs to be shared with other members of the Centre with a legitimate need to have access to the information (eg: when organising events), such data is kept securely and disposed of safely when no longer needed. 

Access to Centre Information

Members have the right to access a copy of the data the Centre holds on them. Requests must be in writing and sent to the Chairman or Membership Secretary. A response must be made within 1 month, unless there is a legitimate reason for delay, which must be explained to the member. Members have the right to request that the data held by Centre be deleted. 

Email Communication and the Centre's Websites

Where emails are used for communication with members, they will not show other recipients addresses; except that email addresses may be open within the Committee. 

Emails between Committee Members and/or Organisers are used routinely for exchange of membership information; they are sent securely and, when appropriate, password protected. 

The Centre has its own personal website and it is also listed as a Supporter Group on the National Trust's main website. On both websites, the information shown is general and there is no personal information. 

The Centre also has a Facebook page, which is public but only allows members to post comments, etc, about the Centre's activities; no personal information is held on it. The Centre will investigate any comment posted on Facebook that suggests there has been unlawful discrimination against any other person, whether or not a member of the Centre; and may disbar the person making the comment from being a member of the Centre. 

Security Breaches 

A member suspecting a potential or actual data breach must notify the Chairman, Vice-Chairman or Membership Secretary without delay. The initial action will be in accordance with the Information Commissioner’s Office (ICO) requirements that the breach, if appropriate, is reported within 72 hours and will require two of the three nominated Centre Committee Members to agree implementation. There is information on the ICO website as to what constitutes a breach. The breach is noted in the Centre's Records.