GDPR: EU General Data Protection Regulation

1. Introduction

The Gun Room has always believed in being open about what data we collect from our members and what we do with it.

New EU legislation called the GDPR now sets out comprehensive requirements for all companies handling the personal data of EU citizens.

This includes a number of things we must tell you of when we collect data from you.

We have provided all the information you need as simply and clearly as possible through this GDPR Privacy Policy using a question-and-answer format.

2. What data will be collected about me and why?

We collect various types of data, all of which we need in order to maintain your membership.

The types of data and the reasons for collecting them are detailed below:

2.1. Expertise and Experience

We collect information about your professional expertise and experience.

In the first instance this is used to assess your eligibility for membership.

If your membership application is successful we retain this information so that we can identify members who might be suitable to participate in The Gun Room initiatives and to assess your voting eligibility on an ongoing basis.

We also use this data to ensure that our membership as a whole reflects the shooting and countryside industries that they represent.

2.2. Address and Other Contact Details

We collect address and other contact details so that we can send you letters and emails to do with the administration of your membership (renewal notices, adverts, competitions, credits etc).

The regular newsletter is an important mechanism for keeping members up-to-date with The Gun Room news, including the business and charitable activity of The Gun Room, renewal notices, and other important membership administration. Events and offers promoted in the newsletter are made available exclusively to members and select partners. We will use your email contact details to send you the weekly/monthly newsletter.

You can opt-out at any time by clicking the 'unsubscribe' link at the bottom of the email that was sent to you, or in the account pages you can remove email from the newsletter.

2.3. Payment Details

We collect payment details (either direct debit or credit card) so that we can process your membership subscription fees.

If you have opted to pay by direct debit then we will store your bank details so that we can collect payment. If you pay by credit card, then we do not store your card details - you will need to re-enter these each time you renew your membership.

2.4. Your Interaction With The Gun Room

We record details of your interactions with The Gun Room such as:

We may make a record of discussions we have with you over the phone so that we can provide a consistent and efficient service if you call again.

2.5. Website Analytics

In common with most other websites we use website analytics software which collects data about how people use our website. However, this is anonymised and cannot be traced back to you. We use this to help make sure our web servers are working well and to see which parts of our websites are most/least popular. This helps us to improve the overall user experience.

2.6. Complaints and Behaviour

As mentioned in the Data Code section of The Gun Room Membership Codes, we will collect and process personal data for the purpose of handling complaints made to The Gun Room about any of its members. This data will be stored with additional security safeguards and will be accessible to just a small number of staff with responsibility for handling complaints.

3. Who is responsible for my data?

Any data collected about you on any of The Gun Room web sites will be kept under The Gun Room's control. We can be contacted using the following details:

Postal:
The Data Controller,
The Gun Room,
50A Friar Street,
Worcester,
WR1 2NA

Email: datacontroller@thegunroom.com

4. How long will you keep my data for?

4.1. Records of Your Membership

We will retain the following key details of your membership indefinitely for our records and to answer queries from others about historical membership details:

  • Your name
  • The start and end dates of your membership
  • Your membership type
  • Your employer and job title when you were a member

4.2. Payment Data

If you pay for your credits, adverts, directory, catalogue by credit or debit card, your card your card details will not be stored and will need to be entered into the website or provided over the phone each time you make a payment. If you pay for your services by Direct Debit your bank details will be securely stored as long as your membership and Direct Debit instruction are active. If your membership lapses or you cancel your Direct Debit with The Gun Room and/or you bank, your bank details will be deleted.

If you pay for your credits, adverts, directory, catalogue by PayPAL, your payment details are kept with PayPAL, we do get a transaction code which is stored on the database.

4.3. Complaints and Behaviour

The policy for retaining data relating to complaints about The Gun Room members is laid out in the Data Codes section of the The Gun Room Membership Codes which can be found in the “Information ->“ section of the members’ area of The Gun Room website. The policy will be to retain this data for as long as you remain a member. The Membership Codes may be reviewed from time to time so you should check the current membership codes to be sure of the current retention policy.

4.4. All Other Data

All other data we hold about you will only be kept whilst you remain a member and for up to 14 months after your membership lapses - this allows us to renew lapsed memberships in certain special circumstances up to a year after the membership lapses without the member having to go through the full application process.

5. Where will my data be stored?

Your data will be stored on The Gun Room’s own external systems in our dedicated server.

Some of your data will also be stored on The Gun Room’s web servers (hosted in Germany by 1and1) so that it is accessible to you through the members’ area of the website. For information about the security of your data in the cloud or dedicated servers check out these links:

We also use cloud based services to store and process data about members. Some of these cloud providers store data in the United States. In these cases the providers are certified under the EU-US privacy shield framework (see https://www.privacyshield.gov/welcome). In addition to this our contracts with these providers include clauses which guarantee that they provide the same safeguards for the data and rights to our members as if the data were stored in the EU. More information about the security measures put in place by these providers is linked to below.

We may choose to use other service providers in future, if we do they will be bound by the same strict rules which guarantee that the same safeguards are in place, and your rights remain the same. If we change our service providers then we will update the details on this page so you can always return to this page to see where your data is being stored.

Here is a list of the current cloud based service providers we share members’ data with:

5.1. MailChimp.com

What data: Just name and email address

Purpose: Keeping in touch with members via email, and newsletter.
Data location: USA

https://mailchimp.com/about/security/

https://kb.mailchimp.com/accounts/management/about-mailchimp-the-eu-swiss-privacy-shield-and-the-gdpr

5.2. PayPAL

Notice of amendment to the PayPal User Agreement Privacy Full. Effective Date: May 25, 2018 (i.e. GDPR Implementation date) - this includes changes relevant to the 1. Control and protection of personal data by clicking here.

Notice of amendment to the PayPal Privacy Policy Effective Date: May 25, 2018 - find the amended PayPal Privacy Policy by clicking here.

6. Who will have access to my data?

Staff within The Gun Room whose duties require it will have access to our database of members.

We use a carefully selected web agency to develop our web sites. This agency has access to the servers which hold the data so that they can maintain the servers - this also gives this agency access to the data. Our contracts with this agency ensures that they treat all of our members' data in strictest confidence.

Some technical tasks, such as configuring and securing our servers, require specialist expertise. We use specialist UK-based contractors to provide these services. These contractors are carefully vetted. All contractors must sign non-disclosure agreements which include a requirement that they keep all The Gun Room's data confidential.

Your name and profile picture (if you have provided one) will be visible to other Gun Room members through the “Member Directory” section of the website members’ area. This will also show your career summary and social media links if you have provided this. Your email address, phone number and mobile phone number can shown or withheld in the member directory as you wish by choosing the appropriate options in the “Your account settings -> Privacy settings” section of the members area of the website.

7. Will you give my data to anyone else?

Manufacturers and Distributors are permitted to send members some very carefully controlled emails to promote their The Gun Room entries. Members are obliged to keep themselves informed about the films that have been entered for awards which fall within their areas of expertise. These emails are an important mechanism for doing this. Only your name and email address is shared and only when the entry being promoted is relevant to one of your areas of expertise. Any organisation requesting access to members’ details must sign a non disclosure agreement and is bound to protect the data in their charge, keep it confidential and use it only for the purposes for which it has been supplied to them.

The Gun Room have special arrangements in place with leading trade journals to provide free copies to our members in order to keep them up to date on industry news. Depending on your location we may pass your name and address details to relevant trade journals so that they can send you these free copies applies to Trade Members.

We will also pass your details to law enforcement agencies if we are required to do so by law.

We will not pass on or sell your details to anyone else.

8. What is GDPR?

GDPR stands for General Data Protection Regulation. This is a pan-European law which replaces previous national data protection legislation and gives all EU citizens common data privacy rights. The full text of the GDPR can be found here.

9. What rights does GDPR give me?

Full details of your rights are available in the text of the GDPR (see here), but here is a quick summary of the main provisions which are relevant to the type of data we hold about you:

  • Access: You have the right to view the data we hold about you and to receive copies of this data in digital format.
  • Accuracy: If any of the data we hold about you is incorrect or incomplete then you can provide the correct or complete data and we must update the data we hold.
  • Erasure: You can request that we erase all the data we hold about you.
  • Restriction of processing: In some cases you can ask us to retain your data but not do anything with it.

10. How do I exercise my GDPR rights?

If you want to exercise any of your rights in relation to data that The Gun Room holds about you then please email: datacontroller@thegunroom.com or write to the Data Controller at the address given above (see "Who is responsible for my data?").

Please provide details in your email/letter of what actions you would like us to take. Depending on the nature of the request and whether or not your request comes from the email address we have on file for you, we may need to verify your identity so that we don't give out information to the wrong person. In most cases it helps if you are able to provide a contact phone number so that we can validate your identify and discuss the request with you.

11. What if I have a complaint?

If you are concerned about how we manage your data, or how we have handled a request to exercise your rights, then please get in touch with us to discuss it. To do this please send an email detailing your concerns to datacontroller@thegunroom.com.

If you are still not satisfied with the response you can take your concern to the Information Commissioner's Office. For details of how to do this please refer to the ICO web site: https://ico.org.uk/



Our Sponsors...