Members AreaLearning Portal Forum BBKA News About Who we are Executive > Link Trustees ADM ADM 2018 Charitable Incorporated Organisation Meeting dates Office Staff Compliance GDPR Bee Diseases Insurance Working with children Honey Show FAQs Insurance Public Liability Insurance All Risks Insurance Exams and learning Application Form Practical Assessments Modular Exams (theory) Correspondence courses General Help Member benefits Classes and benefits School membership National Beekeeping Supplies Spring Convention News and resources Branch and association resources BBKA Hive keeping record BeeBase Beekeeping Legislation Important Organisations for Beekeepers Leaflets Allotment Beekeeping Asian Hornet Identification Leaflet (APHA) Bees, Neighbours & Siting an Apiary Collecting a Swarm Managing live bees at shows The Bees and Wasps in your Garden Where & when can I learn about becoming a beekeeper? Lecturers & Speakers Communications Winter Honey Bee Losses in England 2007-2010 GDPR General Data Protection Regulation information The purpose of the GDPR is to provide a set of standard data protection laws across the EU, making it easier for people to understand how their data is being used and to give them greater control over its use. The BBKA undertakes to collect and use personal data in compliance with the GDPR which comes into force at the end of May 2018. We use this data for the administration of our membership, the communication of information and the organisation of events, training courses, exams and assessments. We only share contact details with the members local and county Association (where applicable) and the Bee Disease Insurance scheme (BDI) as required. IMPORTANT NOTE: The documents and policies on this page are all in draft format and will certainly change and expand in number during the coming weeks. Each Beekeeping Association tends to do things their own way to some extent, so these documents are a starting point that should help Associations start their own path towards adoption of the new GDPR processes before the end of May. The BBKA itself is in the process of adopting a new GDPR compliant membership system that will be rolled out later this year and this will change the way membership data is passed between local and county associations and the BBKA HQ. Apologies for any inconvenience caused, GDPR is a huge undertaking for all organisations and some details in the way GDPR will be implemented by the ICO are still to be clarified. Please be gentle with us! If you have any further queries please contact the BBKA office or email Simon Cavill - Trustee ([email protected]). UPDATE 14/4/18 - BBKA Spring Convention There was a overview from Martin Smith of the BDI on the new fully GDPR compliant BBKA membership system that is currently being developed for local/county associations and the BBKA HQ. Some of the highlights are: Automatic transfer of relevant data to the BBKA and BDI for those associations who are members of both. Separate transfers of data for those who are members of one and not the other. On line renewal facilities for new existing members and a secure page for prospective new members to apply to join. (Linked through from the associations website) A built in commercial email application allowing secretaries and treasurers to use the system for routine mailings to members and other parties without having to maintain separate mailing lists. The system will build on the success of eReturn. As it is implemented, additional modules will be made available on demand such as an online payment facility (via Paypal or similar). It was a packed room and many association membership secs made some great suggestions that were duly noted down. This service should greatly reduce memberships secretaries workload and take away a lot of the potential issues related to the handling of personal membership data from associations. More on this soon... BBKA Policies BBKA's Privacy Policy - PDF version; webpage - This relates to how the BBKA collects and processes personal data - it's not really applicable to local/county associations. Information/documents for BBKA Associations Information on Data Protection for Beekeeping Associations The following draft privacy notices are more suitable for local associations. Those who are COI's or charities will need to change the wording as appropriate. Note that the main difference at this stage between the two is the legal basis for consent. The BBKA version uses Legitimate Interest and the BDI version uses a Contract as their basis. Neither is probably wrong, but we are taking legal advice to make sure... Draft Association privacy policy notice - template (added 8/4/2018) Alternative Draft Association privacy policy notice from BDI - template (added 11/4/18) Association membership form - Every branch seems to do things their own way. This template gives an idea of how the privacy section could be laid out. Note the individual consents for all the different potential services that could be offered by a branch to their members. Each service you offer that passes their data outside the association needs specific consent. Draft Association membership joining form - template (NEW VERSION - updated 14/4/18) Information on 'Personal data security breaches'; Personal data security breach log Should your Association register with the ICO? Check on their website- In case of associations where the county associations is a charity and the local areas are branches or divisions there probably only needs to be one registration at the county level. Please do confirm this with your county association first. Discussion on 'consent' (added 8/4/18) Information on 'legitimate interests'; 'Legitimate interests' assessment' (both added 8/4/18) Questions & answers (added 8/4/18) Please note that the data protection regulations may differ slightly in the Channel Islands and the Isle of Man. They will mostly be similar, but will be overseen by different bodies (i.e. not the ICO). Please seek advice as necessary from the relevant body. General information Information Commissioner's Office (ICO) guide to the GDPR ICO information on contracts between Data Controllers and Data Processors ICO GDPR guidance: Consent (added 8/4/18) ICO's guide to encryption >