Fighting for Bass and Bass Anglers’ since 1973

The Bass Angling Sportfish Society (“BASS”, “we”, “our”, “us”) is strongly committed to protecting personal data.  This privacy policy describes why and how we collect and use personal data and provides information about individuals’ rights.  It applies to personal data provided to us, both by individuals themselves or by others.  We may use personal data provided to us for any of the purposes described in this privacy policy or as otherwise stated at the point of collection.

Personal data is defined as – Any information relating to an identified or identifiable living person.

BASS processes personal data for the lawful purpose of the administration and legitimate interests of BASS. The means of collection, lawful basis of processing, use, disclosure, and retention periods for each purpose may differ.

When collecting and using personal data, our policy is to be transparent about why and how we process personal data.  To find out more about our specific processing activities, please go to the relevant sections of this policy.

Our Processing Activities

In order to operate effectively and fulfil its legal obligations, BASS needs to collect, maintain and use certain personal information about current, past and prospective members and other individuals with whom it has dealings. All such personal information, whether held on computer, paper or other media, will be obtained, handled, processed, transported and stored lawfully and correctly, in accordance with the relevant legislation.

BASS will only use your personal data for our “Legitimate Interest” with the purposes of your involvement in Society activities.

Such data could include, but may not be limited to:

How we use your personal data

The personal data of members will be shared within BASS by its administration team and Officers to meet current and future membership requirements. Your data will not be shared with any third party without your consent.

BASS will use personal data for the purpose of your involvement in the Society’s activities, including but not limited to:

BASS does not sell or otherwise release personal data provided by you to any third parties.

Third party organisations that provide applications/functionality, data processing or IT services to us

We use third parties to support, run and manage our internal IT systems.  For example, providers of information technology, cloud based software “as a service providers”, identity management, website hosting and management, data analysis, data back-up, security and storage services.  The servers powering and facilitating that cloud infrastructure are located in secure data centres around the world, and personal data may be stored in any one of them.

Third party organisations that otherwise assist BASS with its Legitimate Interests

Changes to this privacy policy

We recognise that transparency is an ongoing responsibility so we will keep this privacy policy under regular review.

This privacy policy was last updated on 24th MAY 2018.

Data controller and contact information

The data controller is The Bass Angling Sportfish Society with its registration address: 52 Central Way, Oxted, Surrey, RH8 0LZ

If you have any questions about this privacy policy or how and why we process personal data, please contact us at:

Email:  privacy@ukbass.com

Or by mail to the Data Protection Manager at our registered address as above.

Visitors to our website

Collection of personal data

Visitors to our websites are generally in control of the personal data shared with us.

We may capture limited personal data automatically via the use of cookies on our website.  Please see the section on Cookies below for more information.

We receive personal data, such as name, title, email address, and telephone and fax numbers, from website visitors; for example, when an individual subscribes to updates & newsletters from us.

Visitors are also able to send an email to us through the website. Their messages will contain the user’s screen name and email address, as well as any additional information the user may wish to include in the message.

We ask that you do not provide sensitive information (such as race or ethnic origin; political opinions; religious or philosophical beliefs; trade union membership; physical or mental health; genetic data; biometric data; sexual life or sexual orientation; and, criminal records) to us when using our website.

Cookies

We use small text files called ‘cookies’ which are placed on your hard drives to assist in personalising and enriching your browsing experience by displaying content that is more likely to be relevant and of interest to you.   The use of cookies is now standard operating procedure for most websites.  However, if you are uncomfortable with the use of cookies, most browsers now permit users to opt-out of receiving them.  You need to accept cookies in order register on our website.  You may find other functionality in the website impaired if you disable cookies. After termination of the visit to our site, you can always delete the cookie from your system if you wish.

You can find out more details regarding our use of cookies on our Cookies page.

Use of personal data

When a visitor provides personal data to us, we will use it for the purposes for which it was provided to us as stated at point of collection (or as obvious from the context of the collection).

Typically, personal data is collected to:

Data retention

We retain the personal data processed by us for as long as is considered necessary for the purpose for which it was collected (including as required by applicable law or regulation).

In the absence of specific legal, regulatory or contractual requirements, our baseline retention period for records and other documentary evidence created in the provision of services is 6 years.

Security

We take the security of all the data we hold very seriously.  We have a framework of policies, procedures and training in place covering data protection, confidentiality and security and regularly review the appropriateness of the measures we have in place to keep the data we hold secure.

Individuals’ rights and how to exercise them

Individuals have certain rights over their personal data and data controllers are responsible for fulfilling these rights.  Where we decide how and why personal data is processed, we are a data controller and include further information about the rights that individuals have and how to exercise them below.

  1. Access to personal data

You have a right of access to personal data held by us as a data controller.  This right may be exercised by emailing us at: privacy@ukbass.com  We will aim to respond to any requests for information promptly, and in any event within the legally required time limits of 1 month.

  1. Amendment of personal data

To update personal data submitted to us, you may email us at: privacy@ukbass.com or, where appropriate, contact us via the relevant website registration page or by amending the personal details held on relevant applications with which you registered.

When practically possible, once we are informed that any personal data processed by us is no longer accurate, we will make corrections (where appropriate) based on your updated information.

  1. Withdrawal of consent

Where we process personal data based on consent, individuals have a right to withdraw consent at any time.  We do not generally process personal data based on consent (as we can usually rely on another legal basis).  To withdraw consent to our processing of your personal data please email us at: privacy@ukbass.com or, to stop receiving an email from a BASS marketing list, please click on the unsubscribe link in the relevant email received from us.

Other data subject rights

This privacy policy is intended to provide information about what personal data we collect about you and how it is used.  As well as rights of access and amendment referred to above, individuals may have other rights in relation to the personal data we hold, such as a right to erasure/deletion, to restrict or object to our processing of personal data and the right to data portability.  Some of these rights will only be available from 25 May 2018.

If you wish to exercise any of these rights, please send an email to: privacy@ukbass.com

Complaints

We hope that you won’t ever need to, but if you do want to complain about our use of personal data, please send an email with the details of your complaint to: privacy@ukbass.com

We will look into and respond to any complaints we receive.

You also have the right to lodge a complaint with the Information Commissioner’s Office (“ICO”) (the UK data protection regulator) or supervisory body within your country of residents if you are within the European Union.  For further information on your rights and how to complain to the ICO, please refer to the ICO website.