The privacy of our members, supporters and others whose data we hold is important to APRS.

APRS is committed to processing data in accordance with its responsibilities under the EU General Data Protection Regulation (GDPR) 2018. For the purposes of this legislation APRS is a Data Controller and the APRS Administrator acts as the designated Data Controller who has overall responsibility for ensuring that the organisation complies with the legislation. 

Type/classes of data we hold 

We process information which may include: 

  • personal details (name, address, email, telephone etc.) 
  • membership details 
  • financial details 
  • visual images 

How we use data

In line with our registration with the Information Commissioner’s Office we process personal data to enable us to: 

  • provide a membership service to our members 
  • further our charitable purposes as specified in our constitution; 
  • administer membership records; 
  • fundraise and promote the interests of the charity; 
  • manage our employees and volunteers; 
  • maintain our own accounts and records. 

Who is collecting data 

Any member of APRS staff, office bearer or volunteer may collect personal data during their course of their work via interactions with members, supporters and representatives of other organisations. 

Legitimate interest 

Under the new legislation APRS believes we can rely on what is called ‘legitimate interest’ to process much of our personal data. In other words we undertake to keep members and supporters informed of our work via publications and email alerts as we believe they would expect us to do so. In addition to this members can opt in to receive our e-bulletin or to pay their membership subscription by direct debit. 

Disclosing personal data 

APRS will never disclose personal data to anyone outside of APRS except where we have consent or else are required to do so by law. Personal data (The GDPR classes names, addresses and contact details as “personal information”. ) is used solely to further the work of the organisation and is not used for any direct marketing purposes. APRS will not hold or process sensitive classes of information on its members or supporters (Sensitive classes of information includes: Physical or mental health details, Racial or ethnic origin, Religious or other beliefs of a similar). 

Storage of data 

All personal data held by APRS is held securely and will be retained for no longer than is necessary to provide our services. APRS will try to keep personal information as up to date as possible and request that members and supporters, contact the office if they believe any information is inaccurate. 

Accessing personal data 

Under the GDPR, individuals have the right to obtain: 

  • confirmation that their data is being processed; 
  • access to their personal data; and 
  • other supplementary information 

If members and supporters wish a copy of the personal information APRS holds they can do so by contacting APRS

Rectifying information 

Individuals have the right to have inaccurate personal data rectified and this can be done by editing details in your member account or contacting APRS

Right to Erasure 

Individuals have the right to have personal data erased. This is also known as the ‘right to be forgotten’ (the right is not absolute and only applies in certain circumstances) and this can be done by contacting APRS

Review 

APRS will keep its Data Protection Policy under annual review. 

 


 

Your privacy when on the APRS Website

Strictly necessary cookies

Our website uses some cookies to aid member sign up, payment processing and login. these cookies are necessary to the functionality of the website.

Optional Google Analytics cookies

If you select to accept all cookies on our website’s consent panel, Google Analytics cookies will be set on your device and start to collect information about how you use this site.

This data is collected by APRS and is used internally to help improve this website’s functionality. For more about what Google does with your data, read Google’s overview of privacy and safeguarding data

Embedded content from other websites

Our website embeds content from Facebook, Youtube and Twitter. Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.

What personal data the APRS Website collects and why we collect it

We collect information about you during the the member signup process as well as some basic activities such as the dates you make purchases, login to the site, change  your details or cancel your membership subscriptions with us.

What we collect and store

When you set up a membership with us, we’ll ask you to provide, your name, email address, home address. We’ll use this information for purposes, such as, to:

  • Send you information about your membership account and subscriptions. This may include payment receipts, password reset emails, and payment reminders.
  • Create your membership account

Payments through the APRS website

The APRS website accepts payments through Stripe. When processing payments, some of your data will be passed to Stripe, including information required to process or support the payment, such as the purchase total and billing information.

Please see the Stripe Privacy Policy for more details.

 

Support APRS

Become a member of APRS or make a donation to support our campaigning, partnership and local community work to protect Scotland's countryside.

Support APRS