On 25 May 2018, the General Data Protection Regulation (EU Regulation 2016/679) came into force. The Regulation confers upon organisations the obligation to be explicit about retention of personal information. Under normal circumstances the Regulation prohibits organisations from holding and using individuals’ personal information without their explicit and freely given consent. However, the relationship between the University of Edinburgh Graduates’ Association and its membership is that of a contract; members pay a subscription fee and receive membership services, including attending regular events and receipt of the University of Edinburgh Journal.
Purchasing membership automatically provides consent for UEGA to hold personal membership information. UEGA cannot operate without retaining personal membership information.
What follows is a general breakdown of a member’s rights, how we gather information, and what we do with it.
Individual Rights Under the General Data Protection Regulation (GDPR)
The GDPR confirms the following rights for individuals:
1. The right to be informed
2. The right of access
3. The right to rectification
4. The right to erasure
5. The right not to be subject to automated decision making, including profiling
UEGA and Personal Information of Members
UEGA is a non-profit alumni organisation. It collects and stores personal information regarding members. For the purposes of this Regulation, “Members” includes (a) those individuals who have current paid-up membership; (b) individuals who have previously been members of UEGA in the last ten years. “Personal information” means the member’s name, address, any additional addresses, any e-mail addresses, any telephone numbers, the type of membership held, and any degree information supplied by the member.
Collection of Information
Personal information is collected through completed membership forms or through provision of the same information in an equivalent form, or communicated verbally to members of UEGA committee or staff (for example at a UEGA event), and/or through any additional correspondence
between individual members and UEGA committee members or staff.
Cookies are small files saved to the user’s computers hard drive that track, save and store information about the user’s interactions and usage of the website. This allows the website, through its server to provide the users with a tailored experience within this website.
Users are advised that if they wish to deny the use and saving of cookies from this website on to their computers hard drive they should take necessary steps within their web browsers security settings to block all cookies from this website and its external serving vendors.
Other cookies may be stored to your computers hard drive by external vendors when this website uses referral programs, sponsored links or adverts. Such cookies are used for conversion and referral tracking and typically expire after 30 days, though some may take longer. No personal information is stored, saved or collected.
Storage of Information
Members’ personal information is held and stored by the Honorary Secretary, Honorary Editor, Assistant Secretary, and Assistant Editor on behalf of UEGA. Some information may be held by other committee or staff members of UEGA when it is relevant to the execution of Association duties. Copies of correspondence, including e-mails, may also be retained, usually by the Assistant Secretary, Assistant Editor, or the committee/staff member contacted. Committee and staff members may also share correspondence when the duties of their office or position so dictates.
Use of Information
The personal information of members of UEGA will be used to (a) maintain the integrity of the membership list; (b) inform members of upcoming events and to make announcements concerning other activities of direct relevance to members; (c) make other notifications to members where the committee or staff of UEGA deem it necessary, either in the interests of individual members or the well-being of UEGA as an organisation; (d) maintain accurate records relating to the financial and other activities of UEGA; (e) distribute the University of Edinburgh Journal and any supplements to UEGA members.
Communication with Members
Communication with members will normally be by e-mail address, where an e-mail has been provided, or by postal address where not. Requests for communication by channels other than e-mail will be honoured wherever reasonably practicable.
Member Control of Personal Information
Members have the right to ask at any time for a copy to be provided to them of the personal information that UEGA holds on them. Members also have a right to correct this information. The Assistant Secretary will comply with any member request for rectification or deletion of personal data of this kind within one calendar month. Additionally, the Assistant Secretary will comply with any member request for access to personal data of this kind within one calendar month.
Protection of Information from Third Parties
UEGA will not share members’ personal data with third parties except (a) if HMRC makes a request for information that is directly relevant to the prudent exercise of that role and office; (b) a list of delegates attending an event is requested by the staff of an institution or venue hosting that is made on security or safety grounds; (c) in the event of UEGA being in receipt of a court order or warrant to cooperate with an official investigation by the Police or a like body; (d) if the University of Edinburgh makes a request for information; (e) to any supplier and/or printer for distribution of the University of Edinburgh Journal.
Questions and Complaints
Complaints or queries about data handling or breaches of privacy should be directed in the first instance to the Honorary Secretary of UEGA. For a more comprehensive explanation of GDPR, members can also visit the University of Edinburgh’s website at: