The International Association of Amateur Heralds

General Data Protection Regulation

The EU’s upcoming Data Protection Act, will bring fundamental changes to the practices of data
collection and cyber security. The European Union’s General Data Protection Regulation (GDPR)
takes effect in May 2018. This is when the Data Protection Act begins enforcing new general data
protection regulations for all organizations — regardless of location — if they handle the personal
information of EU citizens. GDPR imposes extensive protections, limitations and requirements for
compliance. GDPR also imposes severe penalties for noncompliance.
The UK Information Commissioner's Office makes it clear that no charity and no not-for-profit
organisation may assume automatic permissible use of contact details that you may have previously
provided to tell you about aims, campaigns, products, services and other activities.
I must write to you to inform you of your rights and the policy of the International Association of
Amateur Heralds under the General Data Protection Regulations which come into force on 25th May
2018.
We need to identify what lawful basis we have for processing your data.

Lawful Basis for Processing Data:

Data can only be processed if there is at least one lawful basis to do so. The lawful basis for processing
data for the International Association of Amateur Heralds is:
The data subject has given consent to the processing of his or her personal data for one or more specific
purposes. The specific purpose is to facilitate efficient membership services to allow contact by email,
post or by telephone solely regarding issues pertaining to your membership of the Association.
Consent
Where consent is used as the lawful basis for processing, consent must be explicit for data collected
and the purposes data is used for (Article 7; defined in Article 4). Consent for children must be given
by the child’s parent or custodian, and verifiable (Article 8). Data controllers must be able to prove
"consent" (opt-in) and consent may be withdrawn.
The International Association of Amateur Heralds NEEDS YOUR EXPLICIT PERMISSION to
contact you about anything after May 25th, 2018 so we need every individual member to sign a consent
form giving us that permission and reaffirming that permission for contact by email, post or by
telephone, and preferably all three please. We can no longer rely on the fact that you may, at some
time in the past, have given your tacit consent for us to hold any of your details; you must now
explicitly give your consent.
We ask that you use this form to give your explicit consent and within the next two months we will
remind members by email (if we have their email address) to ensure that everyone has given their
explicit consent. After that point, if you have not signed, you will not receive any contact or
information from the Association. Although of course we will continue to maintain our presence on
our web site.
We will not share or publish your name, address, email address, or phone number with anyone.
How long do we keep the Data?
The guidance states that we should keep data ‘no longer than is necessary for the purpose you obtained
it for’. We will therefore only keep any data you have consented to us holding for the period of your
membership of the Association. If you decide not to renew your membership of the Association, the
data we hold on you will be erased/destroyed and you will no longer be contacted by the Association.
You also have the right at any time to ask us to let you know exactly what data we hold on you and
you have the right at any time to request that changes are made or that all your data is removed. Should
you request that your data is removed you will not receive any further communications from us.
None of your personal data will be released to any third party.
Our full data protection policy document is currently being drafted to reflect our policy and these new
requirements. Once finished we will post it online and draw your attention to it.
For the moment, the Association’s VP Communications, Martin Goldstraw, is the Association’s Data
Protection Advisor and you may contact him by email at vp_commes@amateurheralds.org
 The International Association of
Amateur Heralds

General Data Protection Regulation

CONSENT
Please fill in ONLY the information you are content to share with us. None of your information will
be shared with any third party.
I [Name]…………………………………………………………
Email Address ……………………………………………………
Explicitly give consent to The International Association of Amateur Heralds holding the above
data until I either resign from the Association or request that my data is removed. I understand that the
data will only be used for contact by email regarding the activities of the Association.

Signed ………………………………………………..
Date …………………………………………………