KENRIC is committed to safeguarding your privacy. At all times we aim to respect any personal data you share with us and keep it safe. This Privacy Policy (this Policy) sets out our data collection and processing practices and your options regarding the ways in which your personal information is used.

This Policy contains important information about your personal rights to privacy. Please read it carefully to understand how we use your personal data. We may update this Policy from time to time without notice to you, so please check it regularly.

The provision of your personal data to us is voluntary. However, without providing us with your personal data, you may be unable to become a member of KENRIC or fully access the events and activities that we organise.

1. How we collect information about you

  • When you give it to us directly. You may give us your personal data in order to apply for full membership of KENRIC or to join the KENRIC Meetup group, on Facebook, Twitter and/or when you contact us by telephone, email or post.
  • When you give permission to other organisations (such as Facebook or Meetup) to share it or it is available publicly. We may combine information you provide to us with information available from external publicly available sources. Depending on your privacy settings for social media services, we may also access information from those accounts or services. We use this information to gain a better understanding of you and to improve our communications.
  • When you visit our website. We use cookies to identify you when you visit our website and to enable us to personalise your online experience (for example by remembering your log in details). Please refer to our Cookies Policy for details on the way our use of cookies affects your personal data.
  • We also collect potentially personally-identifying information like Internet Protocol (IP) addresses for logged-in users who leave comments on our website, along with your name and email address.

2. Information we collect

We may collect, store and use the following kinds of personal data: your name and contact details, including physical address, telephone number, email address, sexual orientation and social media identity.

We may request other information where it is appropriate and relevant, for example:

  • Details of how you found out about Kenric
  • Your age range
  • Your bank details or debit/credit card details
  • Information about your computer and about your visits to and use of this website, including when you post comments or contact us via the website. This may include your IP address, geographical location, browser type, operating system, user agent, device, referral source, length of visit and number of page views.

Sensitive Personal Information (Special Category Data)

Certain categories of personal information are classified as Special Category Data as they are sensitive and therefore requiring more protection (e.g. health information, ethnicity and sexual orientation).

As membership of KENRIC and KENRIC’s Meetup group is only open to women who identify as lesbian, we therefore collect and process sensitive information regarding the sexual orientation of our members. This is done with explicit consent.

3. How and why we will use your personal data

Personal data, will be used for the purposes specified in this Policy or in relevant parts of the website. We may use your personal information to:

  • Enable you to use the services we offer
  • Send you information about our group, our events and activities including our monthly members’ newsletter and any other information, products or services that we provide (this will not be done without your consent)
  • Provide you with the services, products or information you have requested
  • Improve your browsing experience by personalising your interaction with our website, such as remembering your login details on our website
  • Administer comments posted on our website and respond to enquiries made to us. If you leave a comment on our website, your comment text, your name and website (URL), if provided, will be visible to the public
  • Process the administration of any donation or other payment you make via credit/debit card, cheque, standing order or BACS transfer
  • Collect payments from you and send statements and/or receipts to you
  • Handle the administration of your work as a volunteer with our group, where applicable
  • Deal with enquiries and complaints made by or about you relating to the website or KENRIC in general
  • Examine and administer our accounts
  • To further the aims of the organisation by analysing your data to ensure we are reaching our target audience
  • Research

4. Communications

Where you have provided us with your physical address, we may contact you by post; and where you have provided appropriate consent, also by telephone and e-mail, with targeted communications to let you know about our events and/or activities that we consider may be of particular interest and to send reminders about membership subscriptions.

5. Membership subscriptions and other payments

All membership subscriptions collected via direct debit are administered by GoCardless, a third-party payment services provider. We recommend that you download and read the GoCardless privacy policy

All KENRIC’s online event ticket transactions are administered by WeGotTickets, a third party online ticketing provider. We recommend that you read the WeGotTickets privacy policy

For debit/credit card transactions, KENRIC uses iZettle which is EMV (Europay, Mastercard and Visa) approved. iZettle complies with the strict “Payment Card Industry Data Security Standard” (PCI DSS) for handling card data and the global standards for technology used to authenticate chip-card transactions.We recommend that you read the iZettle Privacy Policy for more details.

KENRIC sometimes uses PayPal for money transfer transactions and we recommend that you read PayPal’s Privacy Policy

Your personal data will be provided to GoCardless, WeGotTickets, iZettle and PayPal only to the extent necessary for the purposes of processing payments for transactions you enter into with us. KENRIC does not receive or store your financial details in any of these transactions.

KENRIC uses the Co-Operative Bank for receiving and making payments related to the running of the group. We receive and store financial details only to the extent necessary for the purposes of administering the payment of invoices and expenses. Access to this data is strictly limited and securely protected with industry standard security measures. For more details, we recommend that you read the Co-Operative Bank Privacy Policy

6. Children’s data

We do not knowingly process data of any person under the age of 16. If we discover, or have reason to believe, that you are 15 and under and we are holding your personal information, we will delete that information within a reasonable period and withhold our services accordingly.

7. Security and access to your personal data

We endeavour to ensure that there are appropriate and proportionate technical and organisational measures to prevent the loss, destruction, misuse, alteration, unauthorised disclosure or of access to your personal information.
We may disclose information about you to any of our volunteers, officers, agents, suppliers or subcontractors insofar as reasonably necessary for the purposes as set out in this privacy policy. In addition, we may disclose information about you:

  • To the extent that we are required to do so by law;
  • In connection with any legal proceedings or prospective legal proceedings;
  • In order to establish, exercise or defend our legal rights (including providing information to others for the purposes of fraud prevention and reducing credit risk); and
  • Except as provided in this privacy policy, we will not provide your information to third parties.

Your information is only accessible by appropriately trained volunteers and  contractors with whom we have a confidentiality agreement:

WOW Design and Print: Newsletter printing & distribution
Lemony Design: Website development & security
Coates IT Ltd: Website hosting & membership services

We may also use agencies and/or suppliers to process data on our behalf. We may partner with other organisations and in so doing transfer and/or acquire personal data.

Please note that some countries outside of the EEA have a lower standard of protection for personal data, including lower security requirements and fewer rights for individuals. We may transfer and/or store personal data collected from you to and/or at a destination outside the European Economic Area (“EEA”). Such personal data may be processed by agencies and/or suppliers operating outside the EEA. If we transfer and/or store your personal data outside the EEA we will take reasonable steps to ensure that the recipient implements appropriate measures to protect your personal data.

Other than as set out in this Privacy Policy, we will only ever share your data with your informed consent.

8. Your Rights

Where we rely on your consent to use your personal information, you have the right to withdraw that consent at any time. This includes the right to ask us to stop using your personal information or to be unsubscribed from our email list or postal mailing list at any time. You also have the following rights:

  • Right to be informed – you have the right to be told how your personal information will be used. This Policy and other policies and statements used on our website and in our communications are intended to provide you with a clear and transparent description of how your personal information may be used.
  • Right of access – you can write to us or email us to ask for confirmation of what information we hold about you and to request a copy of that information. This is known as a Subject Access Request (SAR) and full details of how to make a SAR are here:
    > Download KENRIC-Subject-Access-Request-Form (Word document)
    > Download KENRIC-Subject-Access-Request-Form (PDF)
    Once we have successfully confirmed your identity, we will comply with your request within 30 days.
  • Right of erasure (right to be forgotten) –  you have the right to request that your personal information be deleted from our records. This may mean that we are no longer able to administer your membership of KENRIC and we will tell you if this is the case.
  • Right of rectification – if you believe our records of your personal information are inaccurate, you have the right to ask for those records to be updated.
  • Right to restrict processing – you have the right to ask for processing of your personal data to be restricted if there is disagreement about its accuracy or legitimate usage.
  • Right to data portability – to the extent required by the General Data Protection Regulations (“GDPR”) where we are processing your personal information (i) under your consent, (ii) because such processing is necessary for the performance of a contract to which you are party or to take steps at your request prior to entering into a contact or (iii) by automated means, you may ask us to provide it to you – or another service provider – in a machine-readable format.
  • You have the right to make a complaint to the Information Commissioner if you think that any of your rights have been infringed by KENRIC. For further information on exercising this right, please refer to the ico guidance

KENRIC (Registration no: ZA307134) is registered with the Information Commissioner’s Office.

Please note that some of these rights only apply in limited circumstances. For more information, we suggest that you consult ICO guidance or please contact us using the details in section 16 below.

To exercise these rights, please send a description of the personal information in question using the contact details in section 16 below. Where we consider that the information with which you have provided us does not enable us to identify the personal information in question, we reserve the right to ask for (i) personal identification and/or (ii) further information.

KENRIC Members’ Newsletter
To unsubscribe from our members’ newsletter, please email: editor@kenric-uk.club

KENRIC Meetup Group
For more information regarding personal data collected by Meetup, please refer to the Meetup privacy policy
To amend the notifications that you receive from Meetup, please follow the Meetup instructions

KENRIC Facebook Group
For more information about amending notifications from Facebook, please read the Facebook instructions

Freedom of Information Act
The Freedom of Information Act gives individuals the right to access recorded information held by public sector organisations, such as local authorities, government departments etc. KENRIC is not a public sector organisation and therefore exempt from supplying information under the Freedom of Information Act. However, we will always endeavour to respond to any reasonable requests for information from our members, subject to availability of resources and data protection regulations.

9. Lawful Processing

We are required to have one or more lawful basis to process your personal information. Personal information is processed on the basis of one of the following:

  • consent
  • a contractual relationship
  • a legal obligation
  • legitimate interests

Consent
We will ask for your consent to use your information as set out elsewhere in this policy such as administer your membership of KENRIC and to send you communications like our members’ newsletters.

Contractual relationships
Most of our interactions with members and website users are voluntary and not contractual. However, sometimes it will be necessary to process personal information so that we can enter contractual relationships with people. For example, if you purchase tickets to KENRIC events online.

Legal obligations
Sometimes we will be obliged to process your personal information due to legal obligations which are binding on us. We will only ever do so when strictly necessary.

Legitimate interests
Applicable law allows personal information to be collected and used if it is reasonably necessary for our legitimate activities (as long as its use is fair, balanced and does not unduly impact individuals’ rights). We may rely on this ground to process your personal data when it is not practical or appropriate to ask for consent.

10. Data Retention

We will retain your personal information for as long as you are a member of KENRIC or the KENRIC Meetup group.

In general, unless still required in connection with the purpose(s) for which it was collected and/or is processed, we will remove your personal information from our records 3 months after your membership of KENRIC has ended.

However, if before that date

  • your personal information is no longer required in connection with such purpose(s)
  • we are no longer lawfully entitled to process it or
  • you validly exercise your right of erasure, we will remove it from our records at the relevant time.

In the event that you ask us to stop sending you communications, we will keep your name on our internal suppression list to ensure that you are not contacted again.

11. Automated Decision Making & Profiling

Very limited automated decision making is carried out as part of the online membership application process, based on your selections during that process.

12. KENRIC Archive

KENRIC maintains an archive of its affairs and activities, in accordance with Section 11 of the KENRIC Constitution. The KENRIC Archive is securely stored at the London Metropolitan Archive and it is not open to the public.

13. Photographs and Images

All photographs and images in the public area of the KENRIC website are of members who have given their permission for publication, speakers and performers at events or event advertisements. Please refer to KENRIC’s Social Media and Communications Policy for further details.

14. Policy amendments

We keep this Privacy Policy under regular review and reserve the right to update from time-to-time by posting an updated version on our website, not least because of changes in applicable law. We recommend that you check this Privacy Policy occasionally to ensure you remain happy with it. We may also notify you of changes to our privacy policy by email or via the members’ newsletter.

15. Third party websites

The KENRIC website contains links to other (third party) websites. This Privacy Policy does not cover third party websites and we are not responsible for the privacy practices or content of those sites. We encourage you to read the privacy policies of any external websites you visit via links on our website.

16. Contact

We are not required by law to have a “Data Protection Officer” but we have a volunteer Information Management Officer who is an elected member of the KENRIC Management Committee. If you have any questions about this privacy policy or our treatment of your personal data, please contact our Information Management Officer by: