This document lets you know why we collect and process your personal data, what we do with it and what we use it for.
Decom North Sea (DNS) are the “Data Controller” of the personal data you provide to us. We only collect and process what we need in order to provide our services to you.
A primary purpose of DNS is to connect members through networking, events, collaborative opportunities and online activities, which involves the sharing of personal data directly with other members, but also externally on our website and through the media (social, press, etc).
2.0 What Information We Collect and Why
Type of Information
DNS Registration Forms:
Attendees name and business contact details, including email and telephone number.
Communicating for events, offers or similar.
Performance of a Contract (for paid events) and Legitimate Interests (after the event).
Bank account details of the Attendee, or any other party making payment to DNS.
The provision of services and events.
Performance of a Contract and Legal Obligation.
Photos and videos from events
To use on our website, social media pages, literature and in press releases.
Legitimate Interests. These images are an integral part of the networking nature of DNS.
Name and business contact details of Attendees
To provide information bulletins, announcements and details of forthcoming events.
Legitimate Interests. To enable knowledge sharing, information flow, networking and collaboration.
3.0 What We Do With Your Data
Your personal data is retained securely both physically and electronically in our administrative database, finance system and email marketing lists. We take steps to ensure the security of your information to prevent loss, misuse or unauthorised alteration or destruction. We do not buy, sell or trade our membership lists.
Due to the multi-national nature of the Decommissioning Sector, information relating to the contents of the DNS website, and also from DNS events, may be shared outside of the European Economic Area.
We presently use MailChimp to manage our electronic (email) communications, which involves sharing of your name and business contact details with them as a provider. Whilst they are considered to be GDPR compliant through their registration with the EU-US Privacy Shield Framework, we are currently reviewing this provision in order to find an EU-based alternative and will update this Privacy Notice accordingly when complete.
Additionally, we use EventBrite to manage our conference and event bookings, which involves sharing your name and business contact details with them as a provider. They are also considered to be GDPR compliant and signed up to the EU-US Privacy Shield Framework, but again, we are reviewing this service to identify an EU-based alternative provider.
We will process your personal data on our systems to register you for the event(s) that you have signed up for and, for our Legitimate Interest, we will continue to process for a further 3 years. However, you may contact us at any time to remove your details from our database. Financial information, relating to event payments, are retained as per HMRC requirements.
We review our database regularly to ensure accuracy and to prevent excessive or inappropriate retention of personal data.
4.0 Your Rights
If you would like to exercise any of these rights, or if you wish to raise a complaint on how we have handled your personal data, you can contact our Data Protection Representative. See Section 5.0 for contact details.
If we cannot address your concerns, you can complain to the Information Commissioners Office via www.ico.org.uk
5.0 Contact Details
The contact details for Decom North Sea’s Data Protection Representative are as follows:
NAME: Jenny McRae
TELEPHONE: 01224 900139