This Privacy Policy outlines how St. Catharine’s College Alumni Society collects, uses, stores, and processes the personal data of our members. We are committed to protecting our members’ privacy and have implemented measures to ensure that their personal data is treated securely and in accordance with the GDPR.

Personal Data Collection

We collect personal data from our members when they sign up for a membership on our website. This personal data may include but is not limited to, name, address, photos (profile picture), phone number, and other information provided by the member. We collect this information to provide our members with the best possible experience on our website and offer personalised services and content relevant to their interests.

Use of Personal Data

The personal data collected from our members is used for the following purposes:

1. To provide and maintain our membership services, including account management and communication with our members.
2. Send our members regular updates about their accounts, renewal reminders, and other relevant information.
3. To improve our services and develop new ones based on the preferences and feedback of our members.
4. To personalise the experience of our members on our website by presenting content and advertising tailored to their interests.
5. To advertise and track actions on our website through the use of cookies.

Storage and Processing of Personal Data

The personal data collected from our members is stored and processed on cloud storage services, including but not limited to Google Workspace, Google Cloud, TypeForm, MailChimp, Facebook Chat for Website, Stripe, AirTable, Softr.io, Accio Data, Dropbox, and iCloud. Some of these services are located outside of the UK and EU, but we make all reasonable efforts to ensure that their processing of personal data complies with the GDPR. We have entered into agreements with these services that require them to provide an adequate level of protection for personal data and to take appropriate technical and organisational measures to ensure the security of personal data.

Data Security

To ensure the security of our members’ personal data, we have implemented the following measures:

1. Use of a firewall to secure our internet connection and protect against unauthorised access to our network.
2. Choosing the most secure settings for our devices and software, including encryption for sensitive information.
3. Controlling who has access to our data and services, including strict access controls and regular reviews of access permissions.
4. Protecting ourselves from viruses and other malware, including up-to-date anti-virus software and regular software updates.
5. Implementing two-factor authentication for all accounts to provide an additional layer of security for our members’ personal data.

Data Retention

We retain personal data for as long as is necessary for the purposes for which it was collected or as required by law. After this, the personal data will be deleted securely.

Data Access and Correction

Our members have the right to access their personal data and request the correction or deletion of their personal data. To do so, they can contact us using the contact information provided in this Privacy Policy. We will respond to such requests promptly and n accordance with applicable laws.

Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect changes to our data collection and processing practices or to comply with new laws and regulations. When we make changes to this Privacy Policy, we will revise the date at the bottom of this policy and post it on our website. We encourage our members to review this Privacy Policy periodically to stay informed about how we are protecting their personal data.

Contact Information

If you have any questions or concerns about this Privacy Policy or would like to access or correct your personal data, please contact us using the contact page.

This Privacy Policy was last updated on 1.2.2023