Supporters Direct Scotland (SDS) will comply with its obligations under GDPR by:
Who are we?
Supporters Direct Scotland Limited (SDS) is a Registered Society under the Co-operative and Community Benefit Societies Act 2014. Our registered address is 64A Cumberland Street, Edinburgh, EH3 6RE. Our Registered Number is 7681.
What is personal data?
Personal data means any information relating to an identified or identifiable person (‘data subject’); an identifiable person is one who can be identified, directly or indirectly, by reference to an identifier such as:
What is sensitive data?
Under GDPR sensitive data uses the term ‘special categories of personal data’ meaning personal data that reveals:
What is data processing?
Data processing includes:
What data do we hold?
We hold contact details (email address) for Scottish Supporters Network members / Supporters Direct Scotland full members. Sensitive data may be held via our Annual Supporters Survey.
How do we collect this data?
We collect this data from you when you complete your membership application. We also collect data via our Annual Supporters Survey.
Where do we hold this data?
We hold this data securely in a file hosting service called G Suite (cloud based) and via SurveyMonkey/Mailerlite.
Which payment processors do we use?
We use GoCardless (www.gocardless.com) to process membership fees and PayPal (www.paypal.com) for the processing of ad hoc online payments.
Which communication processors do we use?
We use Mailerlite (www.mailerlite.com)
What legitimate interest do we have in holding and processing your personal data?
We use your personal data to:
Who do we share your personal data with?
We do not share your personal data with anyone.
Will your data be processed outside the UK or EU?
Your data will not be processed outside the UK or EU.
How long do we hold your personal data for?
We will hold your personal data for as long as you continue to be a subscriber/member.
What are your rights under GDPR?
You have the following rights with respect to your personal data under GDPR:
What is our Data Breach Policy?
A data breach is a breach of security leading to the accidental or unlawful destruction of, alteration of, unauthorised disclosure of, or access to personal data transmitted, stored or otherwise processed.
In the event of a security breach SDS (data controller) will make a report to the Information Commissioner’s Office (ICO) without delay and at the latest, within 72 hours of becoming aware of it if it presents a risk to the rights and freedoms of the data subjects.
How do you contact us?
You can contact us by email at:
Or by writing to us at:
Supporters Direct Scotland, 64A Cumberland Street, Edinburgh, EH3 6RE.