Drachma Privacy Policy
with effect from 1 September 2018
with effect from 1 September 2018
1.
Definitions
1.1.
In this policy, Drachma refers to the Voluntary Organisation (reg. no. 1194) and Legal
Person (LPA-82), legally established in Malta in 2015.
1.2.
The term Association will be used interchangeably with Drachma and will refer to the same entity.
1.3. The term Member refers to any individual person who fills in the application
form to become a member of Drachma or to renew membership as applicable.
1.4. The
term Individual/s refers to any
person who participated or participates in activities organised by Drachma, or
uses or used services offered by Drachma, such as a mailing list, and whose
personal data is collected for administrative purposes during that activity or
for the period of subscription to that service.
2.
Coming into effect
This privacy
policy will come into effect from the 1 September
2018 and will be made available to all members on Drachma’s website. This
policy will be reviewed and amended by the Steering Committee from time to
time. Members will be updated with the latest modified version.
3.
Data Controllers
3.1. The personal data of Drachma members
is managed by the officers in charge of the Secretariat and Treasury within the
Steering Committee of Drachma.
3.2. This personal data is handled solely
by these officers in accordance to strict confidentiality and is not divulged to third
parties.
3.3.
The Controllers can be contacted by
email on drachmalgbt@gmail.com.
3.4.
Whenever
individuals apply to participate in an activity organised by Drachma or apply
to join a service administered by the Association, such as an email list or online
forum or group, they will be informed in written form about the identity of the
officer/s responsible for collecting and processing that data and will be
provided with all the relevant information about the conditions, the term and
duration of that information retention.
4. The Data Protection Officer
4.1.
The officer monitoring the process of
data handling in Drachma is Stephanie Galea and can be contacted on drachmadpo@gmail.com.
4.2.
This Data Protection Officer has the
duty to monitor the data handling by the Data Controller and may investigate
complaints lodged by any member at any given time.
4.3. This Officer has full authority to
investigate the data handling procedures of the Association and to see that
changes are made for proper data handling.
5. Confidentiality of this data
5.1. Drachma understands that this data
belongs to a special data group protected by the General Data Protection
Regulations that require even more attention, given the sensitivity of the data
and the serious negative repercussions that any data leakage may have on
members and their families.
5.2. For this reason, Drachma commits
itself to complete confidentiality and undertakes to take all possible
precautions to safeguard this data from any privacy breach or from divulging
such data beyond the parameters of this policy.
6. Data
required for membership and subscription to Drachma services or activities
6.1. Drachma may require some personal
data such as identification information and contact and financial details. If
an applicant for membership is unwilling to provide these details, the
Association will not grant membership to the applicant.
6.2. Drachma may require some personal
data of Individuals subscribing to a service operated by the Association or
attending an activity organised by the Association, and this data may include
contact and financial details. If an applicant for a service or an activity is
unwilling to provide such data, the Association may refuse to complete the
subscription or registration for that activity or service.
6.3. If a Member or Individual requests
the removal of data mandatorily required for Membership, or for subscription to
services and/or activities organised by Drachma, the Association will terminate
any such membership or services subscribed to by the Member or Individual. The
Association will inform the data subjects of any such termination, giving such
Member or Individual the possibility to revise or confirm their original
instructions
7. The
purposes for the retention of data records
7.1. The personal data pertaining to each Member
is used exclusively and solely for administrative purposes of membership
related to Drachma.
7.2.
The
personal data pertaining to Individuals subscribed to any service, mailing list
or online group/forum operated by Drachma or registered
to attend any activity organised by the Association, is used exclusively
for administrative purposes related to the subscribed services of the
Association or its activities.
7.3. The names of Members and Individuals,
as well as all personal data of such persons, will not be published on Drachma’s
website, newsletters, emails or reports, in any form, be it electronic or
otherwise, unless by the explicit written consent of these members.
7.4. These data records will not be
delivered to any third party under any circumstances, except if required by the
Voluntary Organisations Commissioner or other competent legal Authority under
Maltese and/or EU law in accordance with the General Data Protection
Regulations of 2018, with Convention 108 of the Council of Europe, and other
relevant EU and Maltese legislation.
8. Rights of the Data subjects
8.1. Members and Individuals are entitled to know what personal data Drachma holds in their name. They may
ask, in written form, for part, or all their personal data to be removed from
the Association’s records, except for data the Association is
required to keep by law and for the period required by law, as indicated in
Article 9 of this Privacy Policy.
8.2.
Members and Individuals may lodge a
complaint with Drachma’s Data Protection Officer at any time, if they believe
that the Controllers of Data are mismanaging or mishandling this data. Members
have a right to a written report by this Data Protection Officer reviewing the
action taken by this Officer to address their complaint.
8.3. Members may lodge a complaint with the Data Commissioner or any other competent authority as permitted by the General Data Protection Regulations, should they feel that their complaint with Drachma’s Data Protection Officer has not been addressed appropriately.
8.3. Members may lodge a complaint with the Data Commissioner or any other competent authority as permitted by the General Data Protection Regulations, should they feel that their complaint with Drachma’s Data Protection Officer has not been addressed appropriately.
9. Duration of consent
9.1. Drachma will hold the personal data
of any Member for the duration of membership with the Association, except for
data required for auditing and reporting purposes required by law. Personal data related to
financial transactions will be kept by the Association for the period required
by law. Other identifiable personal data will be removed from the Association’s
records beyond the term of
membership.
9.2. The data of Members, who have not yet
renewed their annual membership but have not clearly indicated their intention
to terminate membership, will be retained by the Association for a period of two years
from the last renewal date. During this two-year period, these Members will be
sent annual reminders to regulate their status. If the Association does not
receive any clear instructions from the Members in question, the Data
Controllers of the Association will, upon expiration of this two-year period,
proceed to remove the personal data of these Members, retaining only the data
referred to in Article 9.1.
9.3.
Drachma
will hold the personal data of Individuals for the duration of the activity and/or
subscription to a service provided by the Association, except for data required for auditing and reporting
purposes required by law. Personal data related to financial
transactions will be kept by the Association for the period required by law.
Other identifiable personal data will be removed from the Association’s records
beyond the term of the activity and/or
subscription.
Drachma Steering
Committee
9 August 2018