As of May 2018, the General Data Protection Regulation (GDPR) governs how organisations large and small handle personal data about individuals along with any exemptions that may apply. This privacy policy explains how we collect and use such data. The links on this page will take you to the Information Commissioner’s Office (the ICO) for further background information.
The Club has a role as the keeper of basic data about attempts and successes on the Bob Graham Round. We are also the keeper of an archive of written records of successful attempts.
We use this data to maintain a historical record/archive of the Club’s activities as described in its constitution. The regulations recognise such use: “Preserving personal, community and corporate identities, memories and histories”.
The data we hold allows us to respond to requests such as “How old is the oldest person to have succeeded on the Round?”, “How many persons from <country> have been successful?”. The data also allows us to produce the record lists that answer common questions about past achievements.
We regard the above as our legitimate interests.
We collect a variety of data depending on how you interact with the site. For example we don’t ask for your age or first part of your post code until you have succeeded on the round.
First name, last name, age (on day you completed the Round), gender, nationality, area & zone components of post code
email address
We do not ask for telephone numbers or postal address.
We do not share the above details.
The basic details of your round split into proposed, i.e. your registered start time, etc. and your actual round.
The website logs any interactions you make with the registration/calculator forms in order to track down bugs and problems.
Our ISP also holds logs regarding access to individual pages and any errors that may occur on their system.
We do not ask for what the regulations refer to as “special categories of personal data” such as: race; ethnicity; religion; health.
When you register an attempt on the Round with us, you give us your consent to hold and retain this data for the above stated purposes. Similarly, when you submit a ratification form for membership, you give us consent to hold and retain this data. If you provide a written account of a successful attempt on the Round, you give us consent to hold and retain this data, to the extent that it contains personal data.
We do not process your personal data to infer information that we have not been provided with.
GDPR has three guiding principles that any organisation must consider when collecting and holding data...
The data minimisation principle means that we only ask for, and hold, the minimal information about you to allow the Club to perform its administrative duties including but not limited to:
We do not ask for, record or keep information such as a health condition as that is not essential to the purposes of the club and we do not have a legitimate interest to do so.
Accuracy: all organisations holding data should strive (“Take reasonable steps”) to ensure that it is accurate. Most errors in the data have resulted from transcribing handwritten records.
The Storage limitation principle states that we shouldn’t keep personal data for longer than the purposes for which it was collected. We take advantage of two express exemptions to this (Research and Statistics and Archiving in the Public Interest) which apply to personal data processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes.
We will not sell or pass on any data about you to third parties with two exceptions.
Requests for contact details of members, e.g. from the press or media, will be forwarded to the individual member or members concerned for them to handle as they wish.
The regulations also provide you with rights. These include:
The Right of Access states that you have access to all data held by us about you.
The Right to Rectification states that you have the right to request corrections.
The Right to Erasure states that you have the right to ask us to delete any such information we hold. However the Archiving in the Public Interest exemption means that we are not obliged to delete such data.
In all instances please email the Membership Secretary should you wish to do one of the above.
The above is not an exhaustive list. If you have any queries about how we store and process data then please contact the Membership Secretary whose details are on the contacts page.
Cookies, localStorage and any other browser side storage mechanisms, generally referred to as “Cookies”, are covered by the Privacy and Electronic Communications Regulations (PECR), specifically Regulation 6. The regulations state that such cookies require the user’s consent with two exceptions, the second of which, the “strictly necessary exemption”, applies to this site, namely:
That the cookie is strictly necessary to provide an “information society service ” (eg a service over the internet) requested by the subscriber or user.
This applies in three situations where it is not possible to provide the services without storing data:
Note that we do not store cookies from third parties. Nor do we share the data stored via this site with third parties.
The site uses the following cookies and localStorage: those items in the Consent column marked as “Y” are only set when the user performs the indicated action (in bold text).
| Name | Type | Expires | Consent | Contents | Rationale |
|---|---|---|---|---|---|
| bgr_language | cookie | 1 year | Y | A language name, e.g. “spanish” | Allows the user to choose and save their preferred language for the site. The user must set their preferred language. |
| bgr_registered | cookie | 2 years | Y | A date-time string | Allows the user to access the "Manage your Registration" page. The user must have completed the registration process. |
| bgr_registration_id | cookie | 1 year | Y | A ten character ID such as “a1b2c3d4e5” | Used to help in debugging any problems. The user must have completed the registration process. |
| bgrApp | localStorage | Indefinite | Y | The data entered via the registration and/or the calculator | Allows the user to manage their registration. This also handles synchronisation across devices. The user must have completed the registration process. |
| attempts | sessionStorage | current session | N | The number of attempts in the next seven days. | Fills out information in the site footer. |
| <year>_cur_reg | sessionStorage | current session | N | The number of registrations for the current year. | Fills out information in the site footer. |
| <year>_cur_successes | sessionStorage | current session | N | The number of successes for the current year. | Fills out information in the site footer. |
| prev_attempts | sessionStorage | current session | N | The number of attempts so far this year. | Fills out information in the site footer. |
| total_mem | sessionStorage | current session | N | The current total number of members. | Fills out information in the site footer. |
The above is a condensed summary of the information stored and used by this site. If you require more information then please contact the Membership Secretary using the details on the contacts page.
