The Royal College of Organists, Registered address 116 Pall Mall, London SW1Y 5ED, Incorporated by Royal Charter, Registered charity number 312847 (‘The RCO’ or ‘The College’) needs to collect and use certain types of information about the Individuals and Organisations who come into contact with it in order to carry on its work. These can include members, employees, contractors, suppliers, volunteers, audiences and potential audiences, business contacts and other people with whom the group has a relationship, or regularly needs to contact.
This policy explains how this data should be collected, stored and used, whether on paper, stored in a computer database, or recorded on other material in order to meet The College’s data protection standards and, specifically, to comply with the law under the General Data Protection Regulation (GDPR 2018)
2. PURPOSE OF THIS POLICY
This policy ensures that The RCO:
3. ROLES AND RESPONSIBILITIES
It applies to all data that The RCO holds relating to individuals, including but not limited to:
The RCO is the Data Controller, which means that it determines for what purposes personal information is held and for what it will be used. For the purposes of this policy, the Administration Manager, Andrew Macintosh firstname.lastname@example.org is the first point of contact for the Data Controller.
4. DATA PROTECTION PRINCIPLES
(i) We fairly & lawfully process personal data.
The RCO will only collect data where lawful and where necessary for legitimate purposes. In accordance with the GDPR, data will be processed on the lawful bases of Consent, Legitimate Interest, Necessary for contract or legal obligation.
Where consent is required, the College will ensure that individuals have given clear consent for the use of their personal data for a specific purpose that has been explained in clear, plain language that is easy to understand. The College will ensure that consent is given by positively opting in and can be withdrawn at any time, without detriment, by contacting the Data Controller. The College will keep a record of when and how it obtained consent from an individual and a record of exactly what it was told at the time.
Personal data will be processed under the lawful basis of Contract where it is necessary to do so for transactions related specifically to membership, including but not limited to, payment processing, subscription renewals, providing information regarding member services, event and course information, examination administration.
(ii) We only collect and use data for specified and lawful purposes.
(iii) We ensure any data collected are relevant and not excessive.
(iv) We ensure data are accurate and up-to-date
(v) We ensure data are not kept longer than necessary
(vi) We process data in accordance with individuals’ rights
The following requests can be made in writing to the Data Controller:
(vii) We keep personal data secure.
The RCO will ensure that:
Viii) We only share members’ data with other members with the subject’s prior consent
As a membership organisation The RCO encourages communication between its members. To facilitate this:
(ix) Direct Marketing
The RCO will regularly send information regarding events, areas of legitimate interest and fundraising activities to consenting members. This includes, but is not restricted to, contacting them to promote concerts and other events, updating them about College news, fundraising and other College interests.Whenever data is collected for this purpose, the College will provide:
Data thus collected will only ever be used in the way described and will never be used to market 3rd-party products unless prior explicit consent has been obtained.
Every marketing communication will contain a method through which a recipient can withdraw their consent from subsequent such communications (e.g. an ‘unsubscribe’ link in an email). Opt-out requests such as this will be processed within one month.
What are cookies?
Cookies are small text files which a website may put on your computer or mobile device when you first visit a site or page. The cookie will help the website, or another website, to recognise your device the next time you visit. Web beacons or other similar files can also do the same thing. We use the term “cookies” in this policy to refer to all files that collect information in this way.
There are many functions cookies serve. For example, they can help us to remember your preferences, analyse how well our website is performing, or ensure that user functions such as examination bookings work properly.
Certain cookies relating to Member services necessarily contain personal information. However, most cookies don’t collect information that identifies you, and will instead collect more general information such as how users arrive at and use our websites, or a user’s general location.
What sort of cookies does the College use?
Generally, our cookies perform up to three different functions:
1. Essential cookies
Some cookies are essential for the operation of our website. For example, some cookies allow us to identify Members and ensure they can access the Member only pages. If a Member opts to disable these cookies, the Member will not be able to access all of the content that their Membership entitles them to.
2. Performance Cookies
We utilise other cookies to analyse how our visitors use our websites and to monitor website performance. This allows us to provide a high quality experience by customising our offering and quickly identifying and fixing any issues that arise. For example, we might use performance cookies to keep track of which pages are most popular, which method of linking between pages is most effective, and to determine why some pages are receiving error messages.
3. Functionality Cookies
We use functionality cookies to allow us to remember your preferences and to enable the delivery of specific services. For example, cookies help you access the Member only area, and to carry out certain functions such as booking examinations, downloading past papers, watching videos on iRCO, and so on.
We do not allow advertisers or other third parties to place cookies via the RCO website. The only exception is that like many companies, we use Google Analytics to help us monitor our website traffic and improve its performance over time so that we can improve the services it provides and its relevance for visitors.
Can a website user block cookies?
Do we track whether users open our emails?
Our emails, including our monthly e-News and e-Diary mailings, may contain a single, campaign-unique “web beacon pixel” to tell us whether our emails are opened and verify any clicks through to links within the email. We may use this information for determining which of our emails are more interesting to users in order to improve the content over time. The pixel will be deleted when you delete the email.