Chair: Annie Mead Secretary: Margaret Wilson Treasurer: Barbara Grant
Version 1 - 22 November 2023
All members of the League are personally responsible for processing and using personal information in accordance with the Data Protection Act and GDPR, no matter how it is collected, recorded or used. This applies whether or not the information is held on paper, in a computer or recorded by some other means eg tablet or mobile phone.
What is personal information?
Information about living individuals that enables them to be identified – eg names, addresses, telephone numbers, email addresses, dates of birth etc.
Consider whether an email (both incoming and outgoing) will need to be kept as an official record. If the email needs to be retained, it should be saved into the appropriate folder or printed and stored securely.
Emails that contain personal information no longer required for operational use, should be deleted from the personal mailbox and any “deleted items” box.
Unless you have consent, when sending emails out to more than one member, always used blind copy (bcc).
Store records securely in a locked box or cabinet.
Do not make more copies than you need and only distribute copies to those who need to access the information.
Destroy paper copies once the information is no longer required for operational use.
Phone calls can lead to unauthorised use or disclosure of personal information and the following precautions should be taken:
Laptops and Portable Devices
All laptops and portable devices that hold data containing personal information must be protected by a password.
Ensure your laptop is locked (password protected) when left unattended, even for short periods of time.
When travelling in a car, make sure the laptop is out of sight, preferably in the boot. If you have to leave your laptop in an unattended vehicle at any time, put it in the boot and ensure all doors are locked and any alarm set. Never leave laptops or portable devices in your vehicle overnight.
Do not leave laptops or portable devices unattended in restaurants or bars, or any other venue. When travelling on public transport, keep it with you at all times, do not leave it in luggage racks or even on the floor alongside you.
Data Security and Storage
Store as little personal data as possible on your computer or laptop. Only keep those files that are essential. Personal data received on disk or memory stick should be saved to the relevant file on the server or laptop. The disk or memory stick should then be securely returned (if applicable), safely stored or wiped and securely disposed of.
Information should be stored for only as long as it is needed or required by statute and will be disposed of appropriately. For financial records this will be up to 7 years. Archival material such as minutes and legal documents will be stored indefinitely. Other correspondence and emails will be disposed of when no longer required.
Do not use passwords that are easy to guess. All your passwords should contain both upper and lower-case letters and preferably contain some numbers. Ideally passwords should be 6 characters or more in length. Protect your password – do not give the password out or write it down and leave it near your device.
22 November 2023
Adopted in full at AGM.