Dear ISSR Member,
As you may know, the new data protection regulation, GDPR, is coming into force on May 25th 2018. It applies to organisations, such as ISSR, that are based in the EU.
To comply with the new regulations, ISSR has sent out an e-mail to its membership in order to obtain consent for continued contact.
As part of these regulations, ISSR also wants to make clear to all Fellows and Associates what their data rights are with respect to knowing:
a) what data ISSR collects on its membership;
b) what ISSR does with those data; and
c) how to obtain a census of what data ISSR holds on you as a member.
Fortunately, these are straightforward to answer.
a) ISSR holds no information on its members other than that which was given on the Membership Acceptance form (name, address, institution, title, e-mail address, profile picture); that which Fellows voluntarily put on their ISSR website profile; information given to us on Expense Claims and Bursary Requests (expense details, bank paying-in details, and receipts); e-mails and correspondence; details of financial transactions made, for example subscriptions payments taken, and bursaries paid out; ISSR subscription information includes: name of subscriber; subscriber address (where given); the amount paid (low income or full price); the date of payment; whether payment is recurring or one-off; blog material given to us to upload on the ISSR website; and, public facing information accessible to everyone gathered by ISSR’s administrator to populate the Fellows’ website profiles.
b) This limited amount of data that ISSR holds is only used for the following purposes: for having an up-to-date list of our membership; for sending out communications, and staying in touch with the membership; for keeping track of who has paid their subscriptions, when, and how much has been paid; for compliance with the Charity Commission’s requests for information and legally-binding accounting purposes (e.g. knowing to whom ISSR has paid bursaries and expenses, when, and how much has been paid); e-mail addresses and contacts necessary for administering and carrying out ISSR research projects.
c) If any of this is at all unclear, or if any ISSR member would like further clarification on what data are kept on them personally, or, moreover, if any member would simply like us to delete and dispose of any information we have on them, you have can get in touch with ISSR’s administrator at any time using the following e-mail address: firstname.lastname@example.org (please note, that ISSR is legally bound to comply with such a request within 30 days without charge).
Finally, please note that ISSR payments received as part of subscriptions are handled by third party banking websites, so we do not have any members’ PayPal/credit/debit card details at all; nor does ISSR analyse the cookie information that may be gathered on our website, nor do we sell any information on, nor do we give any information we have to third parties unless legally obliged to do so. Even so, ISSR encrypts the devices such data are stored upon, and is obligated to report to its membership any data breaches perpetrated.