Data Protection Notice Province of East Kent
This notice is for all candidates and Freemasons of the Province of East Kent. It applies to the processing of your personal data by the Province.
Section 1 sets out the purposes for which your data will be used by the Province if you are a candidate to become a Freemason.
Section 2 sets out the purposes for which your data will be used by the Province if you are a Freemason.
Please note that your personal data will also be processed by your Lodge(s) and the United Grand Lodge of England as separate data controllers and so you are also referred to their respective Data Protection Notices.
1.Use of your data during your application to become a Freemason
As a candidate to become a Freemason, you consent to the processing, retention and sharing of your personal data for the purpose of assessing your membership application and any other Masonic applications you may make.
You can withdraw your consent and request erasure of your data at any time prior to your initiation by notifying your proposer and seconder that you wish to cancel your application.
2. Use of your data after you become a Freemason
As a Freemason your data will be processed, retained and shared for any reasonable purposes required by the Book of Constitutions or the bodies it sanctions from time to time. These purposes include, but are not limited to, the following purposes:
- Assessing any Masonic applications you make;
- Registering you as a member of Freemasonry;
- Receiving communications to which you are entitled as a Mason;
- Recording the progress of your career in Freemasonry; and
- Masonic disciplinary processes.
You may stop your data from being used by the Province by resigning from all Lodges in the Province.
The Province is at 11 Estuary View Business Park, Boorman Way, Whitstable, Kent, CT5 3SE. Please contact its data protection officer by post or email to [email protected] if you wish to:
- Object to the Province processing your data;
- Request access to your data; or
- Request rectification of your data.
The legal bases on which your personal data will be used in accordance with this Section 2 are:
- The legitimate interests of the Province as a not for profit membership organisation; and
- The fulfilment of contractual obligations owed to you by your Lodge supported by the Province.
In this notice “Book of Constitutions” means the General Laws and Regulations for the Government of the Craft of the United Grand Lodge of England from time to time.
Data Protection Policy
This data protection policy regulates how the Province of East Kent processes and stores personal data of its members. It applies to all employees, officers, members and volunteers of the Province. Its purpose is to ensure that the Province complies with the law and with high data protection standards.
In this policy “personal data” means any recorded information which identifies a living individual.
As a membership organisation the Province processes, retains and shares personal data of members for the purposes set out in the Data Protection Notice. Where the Province employs or contracts with a member it may also process, retain and share personal data of that member for all lawful purposes related to that employment or contractual relationship.
The Province shall not collect or store personal data of members for any other purposes.
- Appointment of a Data Protection Officer
The Province shall appoint a Data Protection Officer who will oversee compliance with data protection law and will act as a point of contact for members and the Information Commissioner’s Office (the “ICO”). The Data Protection Officer shall have a direct line of communication with the Provincial Grand Master and shall have, or shall undergo training to ensure that he has, knowledge of data protection law and practices.
- Members’ data rights
A member may request that the Data Protection Officer:
- provides him with a copy of all personal data that the Province holds about him. The Data Protection Officer shall promptly provide a copy of all information required to be disclosed by law.
- rectifies any incorrect personal data held by the Province about him. The Data Protection Officer shall promptly consider such a request and respond to it in accordance with the law.
- stop the Province from some or all of its processing of his personal data. The Data Protection Officer shall promptly consider such an objection and respond to it in accordance with the law.
- Deletion of personal data
A member may resign from all lodges in a Province at any time. After it has processed such resignation(s) the Province shall delete personal data that it holds about that member as set out in the Data Protection Notice.
- Sharing data with third parties
As a membership organisation the Province shares:
- personal data of its members with the United Grand Lodge of England; and
- personal data of members of each Lodge in the Province with that Lodge,
as required by the Book of Constitutions or bodies it sanctions from time to time. It will not share personal data of members for any other reason unless it has the consent of the relevant member.
- Data Protection Notice
The Province shall publish a Data Protection Notice so that it is available to members. The Notice shall comply with the requirements of data protection law and among other things shall inform members how their personal data will be used by the Province and how they may contact the Province’s Data Protection Officer.
- Data security
The Province shall periodically review the security of its records and processing activities and shall take appropriate steps to ensure the confidentiality, integrity and availability of personal data that it holds.
- Registration with ICO
The Province shall maintain its annual registration with the ICO.
- Reporting breaches to the Data Protection Officer
Actual or potential breaches of this policy, or of data protection law by the Province, shall be reported immediately to the Data Protection Officer. Breaches shall be reported if required by the Data Protection Officer to the ICO or to the member(s) whose data is affected. Normally the Data Protection Officer shall not report breaches without prior consultation with the Provincial Grand Master and Provincial Grand Secretary.
Date policy adopted: 1st February 2018