Berkhamsted & District Chamber of Commerce (BDCC) respects the rights of its members and other users, including website visitors, to privacy and data protection. The Chamber is fully committed to complying with the provisions of all applicable Data Protection legislation. This Privacy Policy describes how the Chamber collects, uses, shares, and retains personally identifiable information provided by users of the website and in their other means of communication. The Policy is effective as of 10/06/2024. The Policy will be continuously assessed against new technologies, business practices, regulatory changes and the evolving needs of BDCC and the membership and other services provided by BDCC.

Statement of Intent

This privacy policy sets out how Berkhamsted & District Chamber of Commerce (BDCC) uses and protects the information you provide when using their services. This policy will be updated periodically in line with current legislation. Any data you provide is kept secure, managed respectfully and only used for the purposes for which it has been provided. When you make contact via the website, telephone or email the following will be collected: Your Name | Email | Address | Telephone Number | Any information you choose to supply regarding the purpose of your enquiry.

How will your data be processed and stored?

In May 2018, the Data Protection Act was replaced by the General Data Protection Regulation (GDPR). BDCC is GDPR registered. Changes to the Data Protection Act are aimed at ensuring your personal, confidential and sometimes sensitive data, is held privately and securely. This means that any data you give to BDCC must be processed in a way you agree with. GDPR exists to protect your rights as a consumer. It applies to your identifiable data, e.g. your name and address and any reason you might have for visiting BDCC. It also covers any records, text messages or emails between BDCC and you.

What are the reasons for processing and retaining information?

BDCC offers information and events to and for their members and the public and, to do so, collects data. The data is used by BDCC to provide information about BDCC membership, the BDCC website and other social media, BDCC events and services, Member and prospective Member administration, current Member account management, to process and respond to the public and relevant stakeholders, to seek Members’ comments and to send marketing communications from BDCC or on behalf of BDCC Members or BDCC’S strategic partners.

Collection of Data

BDCC collects and maintains a variety of personally identifiable information, including names, email addresses, phone numbers, payment information, social media profiles, business addresses, demographic information such as the local authority area or industry sector of the business. BDCC collects information directly from businesses or the parent companies. The information is collected using e-mails, phone calls, online registration forms, event registration forms and face-to-face meetings. BDCC does not collect personal data about individuals except when there is a legitimate business requirement or when such information is provided voluntarily.

Can you see or obtain a copy of the retained information? 

In line with GDPR, if you send BDCC a request in writing, specifying the data you wish to see, they will supply you with a copy of your data within 30 days. BDCC must confirm your identity before sending you the information. There will be no charge for this service. BDCC insurance company’s legal team may wish to verify any information BDCC sends out.

For how long will your information be retained? 

BDCC does not keep personal data for longer than required.

Current Members’ details are retained to communicate information, advice and guidance.

Members of the Public details are kept for as long as required for the purposes of their enquiries and deleted once such purposes are completed.

BDCC periodically reviews its information and erases or anonymises personal data when no longer required

BDCC identifies any data it is required to keep for public interest archiving, scientific or historical research, or statistical purposes.

What if you would like your data to be destroyed before this date?

Under the GDPR rules, you can request the deletion of any of your records at any time. Write to BDCC requesting that your records be destroyed and once they have confirmed your identity, they will do so. There is no charge for this service. BDCC will then ensure that all your paper records are shredded with a cross-shredding machine. Any electronic data held by BDCC, such as emails or texts will be permanently deleted from the devices they are stored on. BDCC may need to save the written deletion request you sent them, if their insurance company insists on it, but would destroy any other data.

Who is the Data Controller and What is their ICO registration number?

The Data Controller is Berkhamsted & District Chamber of Commerce of The Old Town Hall, 196 High Street Berkhamsted Herts HP4 3AP and their ICO registration number is ZB707870. This policy was last updated on 10/06/2024.  It may be updated at any time, so please check back regularly to ensure that you’re aware of the latest version.