This policy applies if you’re a Fellow of the Society, member of staff or if you use any of our services, visit our website, email, call or write to us.
We’ll never sell your personal data and will only share it with organisations we work with when it’s required by law to do so and the privacy and security of your data is assured.
Who are ‘we’?
In this policy, whenever you see the words ‘we’, ‘us’, ‘our’, ‘the Society’, ‘LSW’ it refers to The Learned Society of Wales.
The Learned Society of Wales (Royal Charter Charity 1168622) is a charitable organisation that aims to celebrate, recognise, preserve, protect and encourage excellence in all scholarly disciplines, and in the professions, industry and commerce, the arts and public service.
What personal data do we collect?
Your personal data (any information which identifies you, or which can be identified as relating to you personally for example, name, address, phone number, email address) will be collected and used by us. We’ll only ever collect the personal data that we need.
We collect personal data in connection with the election of new fellows and employment.
You can give us your personal data by filling in nomination forms, contact forms, other forms on our website, by completing the LSW skills audit or by corresponding with us by phone, email or by joining as Fellow.
This personal data you give us may include name, title, address, date of birth, age, gender, employment status, demographic information, email address, telephone numbers, personal description, photographs, work history, research history, details of publications and opinions.
Personal data provided by you
This includes information you give when you contact us, for example:
- Personal details (name, date of birth, email, address, telephone, and so on) when you join as a Fellow
- Financial information (payment information such as credit or debit card or direct debit details, and whether donations are gift-aided, bank details for the payment of expenses)
- Your opinions and attitudes about the Society
Personal data created by your involvement with us
Your activities and involvement with us will result in personal data being created. This could include details of how you’ve helped us by participating in LSW events and activities. If you decide to donate to us then we’ll keep records of when and how much you have donated for accounting purposes.
Information we generate
We conduct research and analysis on the information we hold, which can in turn generate personal data. For example, by analysing your interests and involvement with our work we may be able to build a profile which helps us decide which of our communications are likely to interest you. The sections Research and Profiling gives more detail about how we use information for profiling.
Information from third parties
We never buy external data from third parties.
Sensitive personal data
At times we’ll collect sensitive personal data for Equal Opportunities monitoring, but this is only ever analysed at an aggregate level.
How we use your personal data
We’ll only use your personal data on relevant lawful grounds as permitted by the EU General Data Protection Regulation (GDPR)/UK Data Protection Act and Privacy of Electronic Communication Regulation.
Personal data provided to us will be used for the purpose or purposes outlined in any fair processing notice in a transparent manner at the time of collection or registration where appropriate, in accordance with any preferences you express. If asked by the police, or any other regulatory or government authority investigating suspected illegal activities, we may need to provide your personal data.
Your personal data may be collected and used to help us deliver our charitable activities; below are the main uses of your data which depend on the nature of our relationship with you and how you interact with our various services, websites and activities.
Your privacy is important to us, so we’ll always keep your details secure. We’d like to use your details to keep in touch about Society activities that may be of interest to you.
If you allow us to contact you we may send you information based on what is most relevant to you or things you’ve told us you are interested in. This could include working with us, subscription changes, Society events, Fellows bulletins, Society nominations and Society elections.
We’ll only send these to you if you agree to receive them and we will never share your information with third parties for inclusion in their marketing. If you agree to receive correspondence from us you can change your mind at a later date.
However, if you tell us you don’t want to receive LSW communications, then you may not hear about events or other work we do that may be of interest to you.
We sometimes use Mailchimp and Smart Survey to correspond with you on our behalf. We would only use other third parties where we were confident that the third party will treat your data securely, in accordance with our terms and the requirements set out in the GDPR.
We very much want to stay in touch, but we don’t want to out-stay our welcome. Let us know how you would like us to get in touch with you by contacting the Data Protection Officer (email@example.com).
We’ll always act upon your choice of how you want to receive communications (for example, by email or post). However, there are some communications that we need to send. These are essential to fulfil our commitment to you as a Fellow or member of staff. Examples are:
- transaction messaging, such as Direct Debit schedules
- Fellowship-related mailings such as subscription renewal reminders, calls for nominations, elections and notice of our Annual General Meeting.
Fellowship including newsletters
We use the personal data you provide as a Fellow for sending renewal information by mail and email, sending the Fellows Bulletin and for sending information about our nominations, elections and Annual General Meeting.
Donations and legacy pledges
Donations and gifts in wills can make a difference to the work of the Society. If you make a donation, we’ll use any personal information you give us to record the nature and amount of your gift, claim gift aid where you’ve told us you’re eligible and thank you for your gift. If you interact or have a conversation with us, we’ll note anything relevant and store this securely on our systems.
If you’ve told us that you’re planning to, or thinking about, leaving us a gift in your will, we’ll use the information you give us to keep a record of this – including the purpose of your gift, if you let us know this.
If we have a conversation or interaction with you (or with someone who contacts us in relation to your will, for example your solicitor), we’ll note these interactions to ensure your gift is directed as you wanted.
Charity Commission rules require us to be assured of the provenance of funds and any conditions attached to them. We will follow a due diligence process which involves researching the financial soundness, credibility, reputation and ethical principles of donors.
As part of this process we’ll carry out research using publicly available information and professional resources. If this applies to you, we’ll remind you about the process when you make your donation.
We know it’s important to our Fellows to use our resources in a responsible way. So we use profiling and targeting to help us get to know our Fellows and make sure that:
- You are invited to participate in events that are of interest to you or in the appropriate geographical region
- You are invited to respond to consultations that are appropriate to your work
To do this we’ll analyse the information you provide us via nomination forms and your participation in the LSW Skills Audit. We will also use both geographic and demographic information to let you know what’s happening in your local area and understand your interests.
We use specific Google Analytics to profile how our website users interact with us online. This will collect information on the use of the LSW website. The information we collect is aggregated.
Recruitment and employment
In order to comply with our contractual, statutory, and management obligations and responsibilities, we process personal data, including ‘sensitive’ personal data, from job applicants and employees.
Such data can include, but is not limited to, information relating to health, racial or ethnic origin, and criminal convictions. Further information on what data is collected and why it’s processed is given below.
Contractual responsibilities: Our contractual responsibilities include those arising from the contract of employment. The data processed to meet contractual responsibilities includes, but is not limited to, data relating to: payroll, bank account, postal address, sick pay; leave, maternity pay, pension and emergency contacts.
Statutory responsibilities: Our statutory responsibilities are those imposed through law on the organisation as an employer. The data processed to meet statutory responsibilities includes, but is not limited to, data relating to: tax, national insurance, statutory sick pay, statutory maternity pay, family leave, work permits, equal opportunities monitoring.
Management responsibilities: Our management responsibilities are those necessary for the organisational functioning of the Society. The data processed to meet management responsibilities includes, but is not limited to, data relating to: recruitment and employment, training and development, absence, disciplinary matters, e-mail address and telephone number.
Sensitive personal data
The Act defines ‘sensitive personal data’ as information about racial or ethnic origin, political opinions, religious beliefs or other similar beliefs, trade union membership, physical or mental health, sexual life, and criminal allegations, proceedings or convictions.
We will never collect and process sensitive personal data without requiring the explicit consent of an employee or Fellow.
(a) We will process data about an employee’s health where it is necessary, to record absence from work due to sickness and to pay sick pay. This processing will not normally happen without the employee’s knowledge and, where necessary, consent.
(b) We will process data about, but not limited to, an employee’s racial and ethnic origin, their sexual orientation or their religious beliefs only where they have volunteered such data and only for the purpose of monitoring and upholding our equal opportunities policies and related provisions.
(c) Data about an employee’s criminal convictions will be held as necessary.
Disclosure of personal data to other bodies
In order to carry out our contractual and management responsibilities, we may, from time to time, need to share an employee’s personal data with one or more third party.
To meet the employment contract, we are required to transfer an employee’s personal data to third parties, for example, to pension providers and HM Revenue & Customs.
In order to fulfil our statutory responsibilities, we’re required to give some of an employee’s personal data to government departments or agencies e.g. provision of salary and tax data to HM Revenue & Customs.
If you would like details of the information that the Society holds about you, please email us at firstname.lastname@example.org.
If you would like to amend the details that we hold for you, please email us at akirk@email@example.com
You can also write to us at:
The Learned Society of Wales, The University Registry, King Edward VII Avenue, Cathays Park, Cardiff CF10 3NS
Verification, updating or amendment of personal data will take place within 30 days of receipt of your request.
Your data protection rights (DPO)
Where the Society is using your personal data on the basis of consent, you have the right to withdraw that consent at any time. You also have the right to ask the Society to stop using your personal data.
Tell us using the details above.
Subject access rights
If you would like further information on your rights or wish to exercise them, please write to us at The Data Protection Office, The Learned Society of Wales, The University Registry, King Edward VII Avenue, Cathays Park, Cardiff CF10 3NS or email firstname.lastname@example.org.
We will also need you to provide information that will help us confirm your identity. If we hold personal information about you, we will give you a copy of the information in an understandable format together with an explanation of why we hold and use it.
Once we have all the information necessary to respond to your request we’ll provide your information to you within one month. This timeframe may be extended by up to two months if your request is particularly complex.
What to do if you’re not happy
In the first instance, please talk to us directly so we can resolve any problem or query. You also have the right to contact the Information Commissions Office (ICO) if you have any questions about Data Protection. You can contact them using their help line 0303 123 113 or at www.ico.org.uk.
Cookies and links to third party websites
Links to other websites
Keeping your information
We will only use and store your information for as long as it is required for the purposes for which it was collected. How long it will be stored depends on the information in question, what it is being used for and, sometimes, statutory legal requirements.
How we secure your data
Information system and data security is imperative to us to ensure that we are keeping our employees and Fellows safe.
Our staff are offered information security and data protection training on employment.
All information you provide to us is stored on our secure servers.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
Personal data collected and processed by us may be shared with the following groups where necessary:
- LSW employees
- IT infrastructure providers who host the website and provide IT support in respect of the website.
Also, under strictly controlled conditions:
- Service Providers providing services to us.
We may also disclose your personal information to third parties if we are under a duty to disclose or share your personal data in order to comply with any legal obligation. This includes exchanging information with other companies and organisations for the purposes of fraud protection.
Storage of information
The Society operations are based in the UK and we store our data within the European Union (EU). Some organisations which provide services to us may transfer data outside the European Economic Area but we’ll only allow this if your data is adequately protected. Some of our systems are provided by US companies and whilst it is our policy that we prefer data hosting and processing to remain on EU-based systems, it may be that using their products results in data transfer to the USA. However we only allow this when we are certain that the information will be adequately protected. (e.g. US Privacy Shield or Standard EU contractual clauses).
Payment card security
The Society uses a third party to process debit card payments. Our online payment solutions are carried out using ‘Go Cardless’. This means that when you input card data into the payment page, you are communicating directly with ‘Go Cardless’ who use a bank to pass your payment to us, which means that your payment card information is handled by the bank and not processed or held by us.