© Army Catering Corps Association | Privacy Policy | Cookie Policy | Contact Us | Benevolence | Forces Related Links
The Army Catering Corps Association’s Privacy Policy I n order to comply with the General Data Protection Regulation (GDPR), effective from 25th May 2018, the Army Catering Corps (ACC) Association has revised and updated its privacy policy in order to strengthen data protection and to ensure members have control over their personal data and its use. GDPR places greater emphasis on the documentation that data controllers must keep to demonstrate their accountability. Offences with serious consequences can have fines of up to 20 million Euros . Index to the Document (Click on a topic to jump to that section) Background Information Who is Responsible for the Data Security What is required to comply with General Data Protection Regulations How we collect the information we hold Use of cookies What information do we hold about you What we do with personal information How we ensure the accuracy of the informatio n How we ensure the security and privacy of the data Who do we share information with? What if you would like us not to contact you in the future What if you would like your details removed from our records Deceased Members ‘ Information Further Enquiries Background Information The ACC Association is fully committed to ensuring the privacy of its members and users of the www.accassociation.org website. This Privacy Policy explains how we use personal data to deliver services provided to members and the measures taken to secure this data. This policy may change occasionally so please check this statement from time to time. The ACC Association has a number of subordinate branches, currently these include: ACC Officers’ Club ACC & RLC Chefs (Past & Present) Sergeants' Association ACC Golfing Society Airborne Chefs Association All subordinate branches of the ACC Association are covered and bound by this privacy policy. In 1980, as part of the preparations for the 40th anniversary of the founding of the ACC, a database was compiled of "Old Comrades". This information was used as the foundation for the current Association's Membership Database, which has grown to around 3,000 as new members have joined. Who is Responsible for the Data Security The Secretary of the ACC Association is designated as the organisation’s ‘Data Controller’. The Data Controller is responsible for ensuring the ACC Association and its subordinate branches comply with the provisions of GDPR. The Association’s Executive Council member responsible for Communications & Media is designated as the ‘Data Protection Officer’. What is required to comply with General Data Protection Regulations Article 5 of GDPR requires that personal data shall be: a) processed lawfully, fairly and in a transparent manner in relation to individuals; b) collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes; further processing for archiving purposes in the public interest, scientific or historical research or statistical purposes shall not be considered to be incompatible with the initial purposes; c) adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed; d) accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay; e) kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed; personal data may be stored for longer periods insofar as the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes subject to implementation of the appropriate technical and organisational measures required by the GDPR in order to safeguard the rights and freedoms of individuals; and f) processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures. Article 5(2) requires that: A Data Controller shall be responsible for, and be able to demonstrate, compliance with the principles. How we collect the information we hold The ACC Association collects personal information from you through your Membership Application Form and any other forms that you have submitted and through any e-mails that you send us. We also collect information automatically each time you visit the www.accassociation.org website. This information, which records what parts of the website you visited, is only used as aggregate information, not as identifiable individual information. Use of cookies If we use ‘cookies’ to identify you when you visit the ACC Association website we will display the regulatory message informing you what we are doing. A cookie is a small amount of information which is sent to your browser and stored on your computer's hard drive, which then enables our web-server to collect information back from your browser each time you visit our website. You can find out more about the use of cookies at https://ico.org.uk/global/cookies/. No information is collected that can identify any one individual user of the website. What information do we hold about you We hold basic contact details, rank (where known), name, initials, postal and email addresses and landline and mobile telephone numbers. For some members we have a few additional elements such as date of birth, service number, dates of military service where provided. Those who are members of any subsidiary branch are annotated as such. None of the data we hold would be classified as ‘Sensitive Personal Data’ as this generally relates to bank & medical details. We also use the aggregate information about visitors' site usage patterns to enable us to see how popular different parts of the website are with our visitors, helping us decide how best to further develop the website. What we do with personal information We use the personal information that you give us to keep a record of ACC Association membership and to be able to contact individual members. The postal address is required so that we can send you your copy of the twice yearly published Association Newsletter. We will also use this data to contact you from time to time via email, telephone or postal mail to inform you of Association events and other items deemed to be of interest to members. Date of birth, service number, dates of military service is used to uniquely identify an individual. In the case of date of birth, this is used in an aggregate form to gather demographic data on the membership as a whole. How we ensure the accuracy of the information To ensure the accuracy of the information we hold we will from time to time request individual members of the ACC Association to update the information we hold on them and confirm it is accurate. We also request and rely upon members to inform the Secretary of any changes to their personal details by completing the form on the website, writing, emailing or telephoning the Secretary. Who do we share the Information with The Association shares what information it holds about identifiable individual members with those who have a legitimate reason to have access to the data in their capacity as managers or controllers of the ACC Association or one of the subordinate branches. The ACC Association will not share any information we store about you with any other individuals or members of the Association without the express consent of the individual. From time to time the Association will engage external ‘Data Processors’ to carry out such work as printing and distributing the Association’s Newsletter and to carry out necessary data cleansing to ensure the accuracy to the data. The Association has written agreements with any external ‘Data Processor’ given access to the information we hold, that requires them to comply with the DGPR and abide with the principles laid out in this document. How we ensure the security and privacy of the data The data is stored on a server and access to that part of the system where data is physically stored is via a User ID and Password login process. The number of personnel who have been issued with a User ID and Password is strictly limited to people who would have a valid requirement to process personal data. The data file is encrypted and can only be opened and read by the input of a secure password. The number of personnel who have been issued with the password is strictly limited to people who would have a legitimate requirement to process personal data. What if you would like us not to contact you in the future You can write, email or call us at the address below to request us not to contact you again in the future. What if you would like your details removed from our records Once again, write, email or call us at the address below and we will, at your request, delete your details from our records. Deceased Members’ Information The Association does retain limited person data of deceased members including name, rank, date of birth, service period and date of death for historical purposes unless specifically requested otherwise. Further Enquiries If you have any further enquiries you can contact the Association’s Secretary, who is the Data Controller, at: Secretary ACC Association, Dettingen House, Princess Royal Barracks, Deepcut, Surrey, GU16 6RW Phone: 01252 833393 E-mail: For more information about General Data Protection Regulations and your rights visit the following site
secretary@ACCassociation.org secretary@ACCassociation.org https://ico.org.uk/your-data-matters/ https://ico.org.uk/your-data-matters/