MCG Navigation Update
Members Area Logon
MCG Logo

GDPR & Privacy Policy

Our Intent & Your Data

We are committed to safeguarding the privacy of our members. Mendip Caving Group (MCG) will only use the information that we collect about you lawfully and in accordance with current data protection legislation, including the European Union’s General Data Protection Regulation (GDPR).

This Privacy Notice is intended to comply with the GDPR and explains how we collect, use, and protect your personal data.

Roles and Responsibilities

The Data Subjects: In legal terms, our members are ‘Data Subjects’.

The Data Controller: The MCG is, from a legal perspective, classed as the ‘Data Controller’.

The Data Protection Lead (DPL): The Group’s DPL is the Club Secretary. The DPL is the primary point of contact for data protection matters. The formal mechanism for members to raise concerns is to email Secretary@mendipcavinggroup.org.uk or send a letter to our cottage address.

Data Processors: The Secretary, Treasurer, and Editor will, for specific purposes, require access to process personal data. Committee members also require access to basic data for emergency situations.

How We Use Your Personal Data

Purpose of Processing

We collect personal data primarily to support and administer your membership of the MCG and for obtaining your mandatory British Caving Association (BCA) membership.

For access to facilities, members are provided with a key card or Fob. We record the unique number against your name to manage access and security. Each use of a key card is recorded in a database, which is available to the committee for security purposes.

When you stay at the cottage, you are required to record your stay. This allows the Treasurer to confirm correct payment.

Lawful Basis of Processing

Legitimate Interest: We process your data in pursuit of yours and our legitimate interests as a member of the MCG. This includes the renewal and administration of your membership.

Consent: We confirm with members that they are happy to receive correspondence during membership application and renewal. By providing next of kin details, you consent for this person to be contacted in an emergency. If we plan to publish any personal details in any publication, we will obtain your consent first. Committee members’ contact details may be published with their consent.

What Personal Data We Collect

The type of personal data we collect about you includes:

  • Name in full
  • Postal address
  • Email address(es)
  • Mobile, and/or landline numbers
  • Gender
  • Date of Birth
  • Consent to be contacted for a cave rescue
  • Next of Kin details

If you hold a committee post, we may retain additional records. Minutes of meetings may also include your name and other information.

Sensitive Personal Data: We do not hold and will never collect sensitive personal data about you.

Who We Share Your Data With

Your name and contact details will primarily be used internally within the Mendip Caving Group.

All MCG members MUST hold BCA membership. For those members that do not arrange this directly, the MCG will arrange it. The BCA requires your Name, Address, Gender, and email address. The MCG emails these details to the BCA secretary. Withholding consent for these details to be sent to BCA would prevent membership of the MCG. Please visit the BCA website to view how they use your data.

In order for you to receive a copy of MCG publications, your name and email/home address will be used by the Editor. We will not pass your personal data to any other commercial or charitable organisation without your explicit consent, and we will never sell your personal data.

Transfer Outside the EEA: Personal data will only be transferred outside the European Economic Area for specific events, like an overseas expedition, and only with your explicit consent.

How Long We Retain Your Data

We will retain your personal data while you are a member of the Mendip Caving Group. Upon leaving, we will continue to hold electronic records of your name and other relevant details for a period of 5 years, to enable simple administration for re-joining and for statistical/historical reasons. This does not affect your right of erasure.

The MCG also holds paper records going back to our formation. We will endeavour to ensure any personal data in these records is removed or deleted when it is found and when it is possible to do so. However, the nature of such published records means this is not always possible.

Your Data Rights

Under current legislation, you have a number of rights regarding your data:

Right of Access

You are entitled to access your personal data to be aware of and verify the lawfulness of the processing. You can request a copy of the data we hold on you. This will be provided without charge and within 3 months. We may seek to verify your identity before releasing information.

Right of Rectification

You are entitled to have personal data rectified if it is inaccurate or incomplete. Your membership renewal form contains the details we currently hold for you. You can amend this form or contact the Secretary directly to request corrections.

Right to Restrict Processing

You have a right to ‘block’ or suppress the processing of your personal data. When processing is restricted, we are permitted to store the data but not further process it. Please note this may prevent the completion of your BCA membership, which could result in your MCG membership ending.

Right of Erasure (‘Right to be Forgotten’)

You may request the deletion or removal of personal data where there is no compelling reason for its continued processing. This right is not absolute but applies in specific circumstances, such as when you object and there is no overriding legitimate interest for us to continue processing it.