Rotary International in Great Britain and Ireland and Oswestry Cambrian Rotary (“we”) promise to respect the confidentiality of any personal data you share with us to keep it safe, and we will always take every effort to protect your privacy. [For the purpose of this privacy notice, Rotary International in Great Britain & Ireland (RIBI) also includes Rotary Foundation United Kingdom (RFUK) and the RIBI Donations Trust].
We pride ourselves on our honesty and openness and will always be clear how, when and why we collect and process your information; we promise we will never do anything with your details that you wouldn’t reasonably expect.
We collect information in the following ways:
When you give it to us DIRECTLY
There are many ways you may give us your information. For example, when you join as a member, begin volunteering, make a donation, request our help or communicate with us either by phone, in writing, including email or in person. We are responsible for your data at all times.
When you give it to us INDIRECTLY
We do not collect information indirectly.
Via Social Media
Depending on your settings or the privacy notices for social media and messaging services like Facebook, WhatsApp, LinkedIn or Twitter, you might give us permission to access information from those accounts or services.
Via information available publicly
This may include information found in places such websites (club, district, action groups etc), Companies House and information that has been published in articles/newspapers.
Like most websites, we may use “cookies” to help us make our site, and the way you use it, better. We do not store any personal data in the cookies that we use.
Cookies mean that a website will remember you. They’re small text files that sites transfer to your computer (or phone or tablet). They make interacting with a website faster and easier – for example by automatically filling your name and address in text fields.
In addition, the type of device you’re using to access our website or apps and the settings on that device may provide us with information about your device, including what type of device it is, what specific device you have, what operating system you’re using, what your device settings are. Your device manufacturer or operating system provider will have more details about what information your device makes available to us.
The type and quantity of information we collect and how we use it depends on why you are providing it. You should be able to control what cookies are placed on your device through your browser settings. Go to www.aboutcookies.org to find out more about cookies, including how to see what cookies have been set and how to manage and delete them.
We use Google Analytics to analyse the use of our websites by generating statistical and other information.
Details captured during your visit to our websites will include, but are not limited to, traffic data, location data, weblogs and other communication data and the resources you access. However, all data collected is anonymous and will not identify you as an individual.
Google, not the Association, stores this activity information. You can view Google’s privacy notice here.
To opt out of being tracked by Google Analytics across all websites visit their website here.
What personal information we collect and how we use it
We will only ever capture the minimum amount of information that we need to in relation to your membership, donation or services we provide to you and we promise to keep your information secure. The personal data we will may collect is:
Your contact details
Your date of birth (if relevant to the enquiry)
Details of the enquiry, or service request
Where it is appropriate, we may also ask for additional information
How we will use your data
We will use your personal data for the legitimate interest of conducting core business activities, these will include:
Administer your membership or donation, including processing Gift Aid
Provide you with the services, products or information you asked for
Providing services, products, guidance or information to clubs and districts for their general activities, including Disclosure and Barring Service checks
Communicating organisational messages and information to members, district and club officers
Facilitate conference, training seminars, meetings and other special event planning
Supporting ‘The Rotarian’ and ‘Rotary’ magazines
Supporting The Rotary Foundation (TRF) and the Rotary Foundation United Kingdom
Providing information and updates to district and club officers on RI and RIBI programmes and service projects
Preparation of Rotary directories
Identifying candidates for Presidential and Foundation appointments to conferences.
Appointments to committees, club and district offices, task forces and other assignments within the Rotary organisation
To present our website and its contents to you and to allow you to participate in interactive features on our website
For HR/Employment records for staff
Keep a record of your relationship with us
Understand how we can improve our services, products or information
In any other way we may describe when you provide the information
For any other purposes with your consent
We do not collect any personal information classified as ‘sensitive’ under GDPR.
We will collect all personal information required to comply with employment legislation, including where necessary sensitive information. This may include medical information and where additionally appropriate we will perform a criminal record search. To prevent discrimination and to ensure diversity, we shall request information from the employee on religion, sexuality and ethnicity.
Interact, Rotakids and under 18’s data
We do not collect information from under 18’s. Interact and Rotakids clubs are managed through the identified Rotarian member contact.
The RIBI District Youth Exchange Association operates as a separate entity to RIBI and RI and is responsible for the organisation of Rotary youth exchange programmes. You can view their privacy notice by visiting their website here.
Sharing with third parties
We will never share or commercially sell your personal data to anyone else.
We will only ever share your personal data in other circumstances, not listed above, if we have your explicit and informed consent at the time of collection. However, we may need to disclose your details if required to the police, other agencies, for example HMRC, regulatory bodies or our legal advisors.
How we keep your information safe and who has access to it
We undertake regular reviews of who has access to information that we hold to ensure that your personal information is only accessible by appropriate Rotary members
We have a duty to report certain types of personal data breaches to the relevant supervisory authority, and where feasible, we will do this within 72 hours of becoming aware of the breach. If a breach is detected and likely to result in a high risk of adversely affecting you, we will inform you without undue delay.
How long we retain your information and how we keep it up to date
We will only keep your information for as long as we need it to assist you with your service enquiry, process your membership, donation, event registration or other services associated to your Rotary membership. There are statutory timescales on how long we should keep your information, for example, gift aid transactions must be retained indefinitely, employment records for 6 years after an employee leaves, financial records must be kept for 7 years, information associated with Health & Safety for three years after an event. We shall delete your information according to these statutory limits, or according to guidance issued by the Information Commissioner.
Individual members are responsible for keeping their own personal data up to date and have access to the RIBI Data Management System (DMS) or My Rotary on the RIBI website for this purpose. In addition, where necessary, we will keep your information accurate and up-
The General Data Protection Regulations gives you certain rights and these are listed below for your convenience, further clarification of your rights is available on the Information Commissioners website
You have a right to be informed when your personal data is being collected, what is collected and how it will be used or shared.
You have a right of access to your personal data: the right of access allows you to be aware of and verify the lawfulness of the processing of your personal data. Members and donors have access to their personal data via self-
Applicants should be aware that where requests are manifestly unfounded or excessive, in particular because they are repetitive, RIBI can:
You have a right in certain circumstances to have inaccurate personal data rectified, blocked (restrict processing), erased (right to be forgotten), or destroyed.
You have a right in certain circumstances to object to the processing of your personal data for such reasons as direct marketing, automated decision making, profiling; although we can confirm we make no decisions on you using an automated process.
You have a right in certain circumstances to data portability.
In certain situations, these rights may not apply, for example if you are a valid member we will need to communicate with you about your membership and those services afforded to you as part of that membership; you hold a club or district office and we need to communicate with you in relation to that office, in which case you will not be able to unsubscribe from these communications.
We collect and process your personal data through legitimate interests or because you have provided it to us to enable us to deliver a service to you. We will only process your personal data as you would reasonable expect us to. You can opt out of our general member mailings at any time.
Finally, if you are unhappy with how we have processed your information, you have the right to lodge a complaint with the Office of the Information Commissioner.