Mid-Anglia Environment Safety & Health Group

MESH Privacy Policy

Privacy Policy version: V1.1, last updated 25th May 2018

Mid Anglia Safety & Health Group (MESH) takes your privacy seriously. This Privacy Notice explains in detail the types of personal data we may collect about you when you interact with us. It also explains how we'll use it, how we'll store and handle that data, and how we keep it safe.

We reserve the right to amend this Policy from time to time, without prior notice. Our website, https://www.meshgroup.org.uk will always display the most up to date Policy.

Who We Are

We are MESH the Mid Anglia Safety & Health Group, known in short as MESH. We can be contacted by email: info@meshgroup.org.uk and by phone: 01799 584359. MESH is a non-profit member's association.

You can visit our website without telling us who you are or revealing any information about yourself.

We treat any personal information about you securely, fairly and lawfully. We are committed to protecting your privacy.

To be a member, individuals must pay an annual fee. MESH runs monthly meetings on health and safety topics for members and guests as part of the membership agreement, provides an on-line website with health and safety news and information plus sends bulletins to members and secondary members about group activities and related local topical safety events.

MESH's Lawful Bases for Processing Personal Data

We have determined that MESH's Lawful Bases, under the General Data Protection Regulations (GDPR) are as follows:

Consent: we collect your personal data with your consent, when you apply for membership via the website.
We will retain data for a period of not more than 12 months/duration of membership of any organisation contacting us directly to undertake prospective presentations. Any organisation presenting for MESH and allowing their details/presentations on the website provides consent for any member to contact them for legitimate reason.

Contract: in order for you to become a paid-up member of MESH we need to collect and retain certain personal data to enable us to manage your membership. We cannot offer membership to individuals who do not consent for us to collect and store their personal data.

Why Do We Collect, Store and Process Data?

The data we collect is kept to an absolute minimum to allow MESH to:

manage MESH membership from initial registration as a new member, to alert existing members of annual membership renewals and to process membership renewals for those members requesting such;

send MESH members and secondary members information about forthcoming events, important news related to health and safety or any other item of legitimate information that MESH believes will be of interest to members or registered or secondary members;

send MESH members the on-line group activity updates and schedules;

We process requests from members and non-members to register for MESH membership and manage their registration and proposed type of fee payment.

What Data Do We Collect, Store and Process?

MESH collects, processes and stores data provided to it by you.

For members the data we collect is personal / company information including names, position in company, company names, email addresses, postal addresses, telephone numbers, website address, professional qualifications, special interests. We do not retain bank account information for membership payment purposes through the website.

How Do We Collect Data and Where Is It Stored?

We collect your data via on-line forms, containing specific fields of information via our membership system. You enter the data online, via web pages.

We use two different online systems to do this:

MESH's Membership Management system - a proprietary "Web Server Based" system;

Occasionally a member or non-member may send us data via email which we manage and store with proprietary email on a secure server.

Cookies

A "cookie" is a small text file that's stored on your computer, smartphone, tablet, or other device when you visit a website or use an app.

Some cookies are deleted when you close your browser. These are known as session cookies. Others remain on your device until they expire, or you delete them from your cache. These are known as persistent cookies.

This website uses only session cookies which are essential to enable you to access the MESH member's area.

How to control and delete cookies.

If you want to restrict or block the cookies we set, you can do this through your browser settings. The 'help' function within your browser should tell you how. To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, visit http://www.allaboutcookies.org. Alternatively, you can search the internet for other independent information on cookies.

Cookies - how we use them

If you delete cookies relating to this website, you will not be able to access our member's area. We use cookies to provide a secure online environment for MESH members. We do not use cookies for marketing or tracking purposes.

Essential Cookies

Cookies that are essential for us to provide a secure online environment for members. Without cookies we are unable to provide the services of the member's area. Even if you say "No" to cookies on this website we'll continue to use these 'essential' cookies.

Essential cookies are used to:

deliver an interactive member's services

maintain online security

record your preference regarding our use of cookies on your device

Cookies we use

ck_policy:	A persistent cookie which remembers your consent to use cookies with a life time of 12 months.
meshcookie:	A session cookie which implements an inactivity timeout for a set period while logged in.
meshtoken:	A session cookie which gives the login session a unique value.

Who Has Access To The Data?

Your data is only accessible by the Chair of MESH, the MESH Secretary who updates the data in the system, designated website officer, the Treasurer whom processes payments and a contracted web designer who manages the system architecture.

Will the Data Be Shared With Any Third Parties?

Your data is never shared with any other organisation except those software systems described above.

How Long Do We Keep the Data?

We only keep your data for as long as is necessary for the purpose for which it was collected. Your data is kept on the system as long as you are a:

a signed-up member of MESH

you wish to remain a non-member contact to receive notifications, news, etc.

If you are a member and decide not to renew your MESH membership we will ask via email if you wish your details to remain on a database for mailing purposes. If not, we will delete all your data fully; a new application will be required to re-join MESH in the future.

Is the Data Secure?

We are committed to ensuring that your information is secure. To prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect online. We secure access to all data entry forms using "https" technology. Access to your data is password protected and restricted as discussed above.

Bank Account Details

At no point does any MESH system handle any bank account details or credit card numbers, expiry data or PIN-type information.

Your Rights

Under Data Protection Laws you have the following rights. You can contact us to exercise these rights at any time by contacting the MESH Secretary by email to: info@meshgroup.org.uk.

Information about your personal data, how we collect, store and process it. This Privacy Notice provides you with that information;

Access to the personal data we hold about you.
The MESH membership system provides a login for you as a member through which you can access to change elements of your personal data. You can email the MESH Secretary to request alteration or update of your personal data.

Correction of your personal data when incorrect, out of date or incomplete. We ask you review your personal data on a regular basis, update as needed or request changes to the secretary promptly. As stated above, you can access, view and request an edit the information we store. You can make a request to us to correct any of the data we hold on you and access it yourself through the website.

Erasure of all your personal data, our systems have features which allows us to delete your personal data completely, we would then confirm this to you by email and no longer contact you. Please Note we would not be able to fulfil our membership obligations to you as a member if you request that all your data is deleted. In this situation we would need to cancel your membership.

Copy of your data: you have the right to ask us for a copy of all the data we store on you and we will provide it in a suitable format, usually by email. You can check it and request us to update any data that needs amendment.

How to Make A Complaint

If you feel that your data has not been handled correctly, or you are unhappy with our response to any requests you have made to us regarding the use of your personal data, you have the right to lodge a complaint with the UK Information Commissioner's Office:

ICO Helpline Telephone: 0303 123 1113
https://www.gov.uk/data-protection/make-a-complaint
https://ico.org.uk/concerns/

These links open new windows; please note we can't be responsible for the content of external websites or changes we are unaware of.