This statement sets out the ways in which The Fellowship of the Motor Industry (FMI) complies with the provisions of the General Data Protection Regulation (GDPR).
The FMI is a not-for-profit organisation that exists to provide the benefits of the camaraderie and support of fellow members through a programme of events and activities. The members will usually have held a responsible position in the automotive industry for a reasonable length of time and be keen to interact with like-minded industry colleagues at associated events and locations
Identity of the Data Controller
The data controller is the Fellowship of the Motor Industry which can be contacted at 87 Avery Road, Sutton Coldfield, B73 6QF The email address for questions relating to data protection is email@example.com
Purpose of, and legal basis for storing and processing information
The FMI stores and processes members’ personal information on the basis of Legitimate Interest.
The information is processed in order to:
- enable the FMI to maintain an up to date, accurate list of current members for administrative purposes
- fulfil the objective of organising events that may be of interest to them circulate the FMI’s newsletter.
Given the aims of the organisation, the FMI considers that Legitimate Interest is the appropriate legal basis for storing and processing members’ personal information.
Categories of personal data being stored and processed
The only personal data being stored and processed by the OUHS are each member’s:
- postal address
- date of birth
- Telephone numbers
- email address
- length of time in the motor industry
- name(s) of employer(s)
- active positions held within the motor industry
- Proposer’s names
- Proposer’s address
- Proposer’s telephone numbers
- Proposer’s email address
Recipients of personal data
The FMI does not pass members’ information to any other organisations or individuals for any purpose.
Within the Society, access to members’ information is restricted. The membership secretary has access to all information relating to all members. The treasurer has access only to that information required for financial record keeping. The secretary has access to members’ email addresses.
Members’ information within the membership database will be kept for no more than 18 (eighteen) months from the date at which their membership lapses. Information necessary for financial record-keeping will be kept for 7 (seven) years.
Every member has a number of rights under GDPR. A member may:
- ask to see all information about them held by the FMI. On receipt of such a request, the FMI shall seek to verify the identity of the person making the request and, once their identity is confirmed, will provide that member with the requested information without charge
- ask the FMI to correct any errors in their own record of which a member becomes aware. On receipt of such a request, the FMI shall seek to verify the identity of the person requesting corrections and, once their identity is confirmed, correct the information at the earliest opportunity
- ask the FMI to delete information about them held by the FMI. On receipt of such a request, the FMI shall seek to verify the identity of the person making the request and, once their identity is confirmed, delete the relevant information although it reserves the right to retain information specifically required for specific purposes such as financial record-keeping
- ask the FMI to restrict its processing of their information. In the case of the FMI this is most likely to be a request to stop sending information or the newsletter. On receipt of such a request, the FMI shall seek to verify the identity of the person making the request and, once their identity is confirmed, apply the requested restriction
- complain to the Information Commissioner’s Office (ICO) if a member feels that the FMI is failing to comply with the GDPR. The FMI would ask that any such complaint be addressed to the Society itself in the first instance but members have the right to complain directly to the ICO. At the time of writing this notice, information on how to complain could be found here: https://ico.org.uk/concerns/
For further information about this statement or any other aspect of the Society’s compliance with GDPR, please send an email to firstname.lastname@example.org.