Privacy Policy (May 2018)

Privacy Policy (May 2018)
We aim to promote public interest in and support of the Rotunda, the William Smith Museum of Geology, and associated SMT collections. We promote public interest in the geosciences at all levels through indoor and field meetings and other appropriate activities.

1. Personal Data held by the Rotunda Geology Group (RGG)
An individual’s confidentiality is protected by the Data Protection Act, the General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) and the Privacy and Electronic Communications Regulations 2016 (PECR).

Personal information (data) supplied by Members and by *persons who have registered an interest in the RGG to the RGG, will be kept on file and stored securely.

(*Persons who not Members, but who have registered an interest in the RGG henceforth will be referred to as ‘Registered Persons’. The general terms of this Policy, applicable to Members, will also apply to said Registered Persons, unless otherwise expressly excluded.  ‘You’ and ‘Your’ is used collectively to refer to Members and Registered Persons. ‘We’ are the RGG).

The data We store is restricted to that which is submitted to us by You: including titles, names, addresses, post-codes, telephone numbers and email addresses. We do not store any financial information about Members or Registered Persons, except for historical accounts of membership payments to support future RGG Treasurer’s accounts audits.

Electronic data is held securely in encrypted, password-protected files. Paper data is securely stored under lock and key. Electronic data will be permanently deleted after a set period of inactivity (see section 2). Any paperwork that includes personal data will be treated in the same way.

2. Consent, Communications and Erasure of Data
The RGG will seek the informed consent from Members and Registered Persons to provide permissions to receive communications from the RGG (and solely the RGG) electronically or by post. From May 2018, Consent Forms will be emailed to Members and Registered Persons, or can be downloaded from the RGG website, and can be completed and returned electronically, or by hand at meetings (paper Consent Forms and Privacy Policies available). We will send RGG Committee AGM/SGM and other Committee information to Members only.

Personal contact data of Members and Registered Persons will be used for the legitimate interests of the RGG. This means that the RGG may periodically contact You for these legitimate reasons :

  • To inform you of the business and activities of the RGG
  • To notify you of minutes and notices of RGG Committee meetings (members only)
  • To provide information on Membership
  • To remind You of Membership renewals (Members only) and renewing Consent annually
  • To inform You of RGG Members’ evenings, talks, lectures and field visits
  • To provide You with information on (and sometimes links to) other activities and organisations that We legitimately consider to be of geological interest to our Members. (This might include such things as local lectures, Rotunda and Scarborough Museums Trust events, fossil festivals and events run by other related societies).

Annual membership of the RGG runs from January to December. Consent covers the same period both for Members and Registered Persons. Consent must be sought and reviewed by Us and renewed by You annually.

Subscription information will be available on the RGG website and by contacting Membership can also be applied for in person at RGG public meetings. Members can opt out of some/all RGG communications at any time by contacting The Secretary.

Old contact details will not be held for longer than is necessary to legitimately meet the possible future interests of a Member whose membership has lapsed. This means that such data will be erased one year after the Membership period expires, which would be on the 31st December annually. Registered Persons will also have their data erased on the same date if no annual renewal of consent has been received by The Secretary of the RGG. You may be contacted by the RGG up until the erasure date, unless you have asked us not to.

In any case, anyone can request to have their data changed, updated or securely erased at any time by contacting The Secretary, subject to The Secretary being satisfactorily convinced of the applicant’s identity. (See Section 5: Subject Access Request Policy).

3. Sharing information and Your rights
The RGG will allow Your data to be used only for the legitimate activities of the RGG. The RGG will not share Your data with other companies, organisations or charities for marketing or other purposes.

Members have the right to access a copy of the information the RGG holds about them obtainable, subject to proof of identity, from the RGG secretary: (See section 5).

You are invited to first contact The Secretary if at any time You feel that We are not handling Your data correctly or if We have contacted You after the data erasure period has expired (section 2).

You have a right to object to the ICO (Information Commissioners Office) if You feel that the RGG have not addressed your concerns to your satisfaction.

4. The RGG website
We do not record or hold personal data on the website. We do not perform any functionality requiring financial data.

The website uses cookies – small text files that are placed on Your machine to help the site provide a better user experience. In general, cookies are used to retain user preferences and provide anonymised tracking data to third party applications like Google Analytics. As a rule, cookies will make Your browsing experience better. However, You may prefer to disable cookies on this site and on others. Cookies are set to expire after a pre-determined time and are not maintained. They are not stored by us.

You can accept or decline cookies by changing the settings in your internet browser. If cookies are disabled, some features of the website may be affected. For further information on how to disable cookies, see external third party websites such as

When Members visit the RGG website, certain information is collected that does not identify them personally, but provides the RGG with “usage data” such as the number of visitors or what pages are visited most often. This data helps improve the usefulness of the information provided on the website.

We do display people’s names on the website; specifically those giving lectures and the authors and editors of articles in the Magazine & Record. There are also photographs from the Magazine & Record showing members, but these rarely show an individual distinctly. 

The website may contain links to other websites. The RGG are not responsible for the privacy policies or practices of third party websites.

5. Subject Access Request Policy

Individuals have the right under the Data Protection Act 1998 (DPA) and General Data Protection Regulation 2016 (GDPR), subject to certain exemptions, to have access to their personal records that are held by the RGG. This is known as a ‘subject access request’ (SAR). Requests may be received from Members and Registered Persons of whom we hold data. This will include information held both electronically and manually and will, therefore, include personal information recorded within electronic systems, spreadsheets, databases or documents. The RGG has developed this policy to guide you in requesting a Subject Access Request.

What is a Subject Access Request?
A subject access request (SAR) is simply a written request made by or on behalf of an individual for the information about them, which is held by RGG. The Data Protection Legislation entitles all individuals to make requests for their own personal data to enable individuals to verify the lawfulness of how their information is being processed. An individual is not entitled to information relating to other people (unless they are acting on behalf of that person).

The request does not have to be in any particular form other than in writing, nor does it have to include the words ‘subject access’ or make any reference to the Data Protection Legislation. A SAR may be a valid request even if it refers to other legislation, such as the Freedom of Information Act 2000 (FOIA) and should, therefore, be treated as a SAR in the normal way.

You Will Need To:
Detail the information you are requesting and send the request to:

Information required to complete a request: Name, Address, Contact number, Email, Other information that may be relevant to your request.

You do not have to tell us your reason for making the request or what you intend to do with the information requested, although it may help us to find the relevant information if you do explain the purpose of the request.

Where you are unable to put the request in writing, We will endeavour to provide assistance to make the request verbally. We will endeavour to provide results in a format requested by you within the timescales set out by law.