The Clifton Club Data Protection Policy

THE CLIFTON CLUB COMPANY LTD
PRIVACY POLICY

The Clifton Club Company Ltd collects and uses personal information (data) about people in order to carry on its businesses. No matter how it is collected, recorded and used (on paper, in a computer, or on other materials and in other devices), The Company understands that this personal information must be handled in a proper and confidential manner.

The Clifton Club Company Ltd recognises its obligations under the General Data Protection Regulation (May 2018) and is duly registered as a Data Controller with the Information Commissioner’s Office (ICO). Its registration details are to be found in the Data Protection Register maintained by the ICO. This Register may be inspected online through the website of the ICO.

In its data processing, The Clifton Club Company Ltd undertakes, through management and controls, to abide by the eight Principles of the Act which require personal information:
1. To be fairly and lawfully processed, and not processed unless specific conditions are met.
2. To be obtained only for purposes specified in the Act, and not processed in any way which would be incompatible with those purposes.
3. To be adequate, relevant and not excessive to the purposes for which obtained.
4. To be accurate and kept up-to-date.
5. Not to be kept for longer than is necessary.
6. To be processed in accordance with the data subjects’ rights.
7. To be secured against unauthorised or unlawful access and processing, and against accidental loss or destruction or damage.
8. Not to be transferred to a country outside the European Economic Area, unless the country ensures adequate data protection of data subjects.

The Clifton Club Company has a responsibility to explain the purposes for which information is kept and used and there is a requirement on all staff and all connected to the Club to respect the confidentiality of information relating to Club members and Company business.

The Clifton Club,
May 2021