1.1 The Architectural Heritage Society of Scotland (‘the AHSS’) is a Scottish charity registered under the number SC007554REG and a company limited by guarantee, registered in Scotland (SC356726) at 15 Rutland Square Edinburgh EH1 2BE.
1.3 As a not-for-profit organisation, the AHSS qualifies for an exemption from the requirement to register with the Office of the Information Commissioner as a data processor, as long as it gathers and processes only such information as is necessary:
1.3.1 to establish or maintain membership or support;
1.3.2 to provide or administer activities for people who are members of the Society or have regular contact with it.
1.4 The AHSS has availed itself of this exemption and as such is not a ‘data controller’ of your personal data. Nevertheless it holds itself to high standards as detailed below.
1.5 Your membership is administered on behalf of the Society by a firm, currently Hall McCartney Ltd (‘our membership administrators’), with whom we have a contractual relationship. Hall McCartney are registered as data processors under the GDP Regulations and are obliged to apply the same standards of confidentiality and privacy as we do ourselves.
2. How we collect your information
2.1 We may collect your personal information in a few limited ways, namely:
2.1.1 directly from you, when you fill in an application for membership, when you make enquiries on our website, or when you interact with us during your time as a member in various other ways (for example, where you attend our AGM or an event organised by us);
2.1.2 directly from you, when you provide your email address to us for the purpose of keeping you informed about our campaigns, events and newsletters;
2.1.3 from someone else who has bought membership on your behalf (for example where they have bought AHSS membership for you as a gift and provided us with your contact details for that purpose).
3. The types of information we collect
3.1 We may collect the following types of personal data about you (and your family members, where relevant):
3.1.1 Contact and communications information, including your contact details (including email address(es), telephone numbers and postal address(es)) and records of communications and interactions we have had with you;
3.2 We may also collect limited data concerning your mobility, special needs or dietary requirements, where you have volunteered this, for example so that we can cater for you when you attend an AHSS event.
3.3 We hold no information on your bank accounts or payment cards.
4. How we use personal information
4.1 Personal information provided to us and / or our membership administrators will be used for the purposes outlined at the time of collection or application in accordance with the preferences you express.
4.2 Personal data collected and processed by us may be used for the following purposes:
4.2.1 administration of membership(s);
4.2.2 fulfilment of orders for goods and services;
4.2.3 where this is necessary for the performance of a contract (including the Terms of Membership) with you;
4.2.4 communication about our work, membership, and other activities that we think may be of interest to you;
4.2.5 administration of donations and legacies.
5. Your location
5.1 Our website does not use geolocation data.
6. Your marketing preferences
6.1 The AHSS and our membership administrators need to manage your membership subscription and may contact you from time to time in this regard. Examples of the type of communication would be:
6.1.1 membership-related mailings such as your renewal reminder, our regular magazine and AGM notices;
6.1.2 transaction notifications, such as payment receipts or Direct Debit confirmations.
6.2 For all other types of communication, you always have control of how we communicate with you, for example by subscribing or unsubscribing to receive newsletters by email. You can sign up to receive newsletters on our website; unsubscribe via a link contained in each newsletter, or update your choices and/or your contact details by contacting us at firstname.lastname@example.org
7. Sharing your information with others
7.1 We do not share your personal information for other organisations to use, other than as set out below.
7.2 Personal data collected by us, or collected and processed on our behalf by our membership administrators, may be shared with the following groups where necessary:
7.2.1 AHSS employees and volunteers, for the purposes of administering your membership and giving you access to the full range of membership benefits to which you are entitled.
7.2.2 Also, under strict obligations of confidentiality and with other appropriate protections in place:
18.104.22.168 our Contractors (such as our membership administrators, Hall McCartney Ltd and the firm which deals with dispatching the Magazine, Journal and any other mailshots);
22.214.171.124 our professional advisors
7.3 Third party access to your information is always subject to our control.
8. How long is your information kept?
8.1 We hold your information only as long as necessary for the purpose for which we use it. For most membership data, this means we retain it for so long as you have a valid AHSS membership and for a period of six years after your last interaction with us (for accounting, tax reporting and record-keeping purposes).
9. Your rights
9.1 You have the right to ask us, in writing, for a copy of all the personal data held about you (this is known as a ‘subject access request’). A copy will be sent to you as soon as possible and this will be no later than one month after your request.
9.2 If you would like to access your personal data held on our behalf, please apply in writing to our membership team:
AHSS – Subject Access Request, PO Box 21, Baldock SG7 5SH.
9.3 Under the GDPR, you have the following rights:
9.3.1 To require us not to send you marketing communications;
9.3.2 To require that we cease processing your personal data if the processing is causing you damage or distress.
9.3.3 To require us to correct the personal data we hold about you if it is inaccurate;
9.3.4 To request that we erase your personal data;
9.3.5 To request that we restrict our data processing activities (and, where our processing is based on your consent, you may withdraw that consent, without affecting the lawfulness of our processing based on consent before its withdrawal);
9.3.6 To receive from us the personal data we hold about you which you have provided to us, in a reasonable format specified by you, including for the purpose of you transmitting that personal data to another data controller; and
9.3.7 To object, on grounds relating to your particular situation, to any of our particular processing activities where you feel this has a disproportionate impact on your rights.
9.4 Please note that the above rights are not absolute, and we may be entitled to refuse requests where exceptions apply: in particular the exemption relating to not-for-profit organisations managing their membership and activities, not constituting data processing.
10. Contact and complaints
or by post: AHSS, 15 Rutland Square, Edinburgh EH1 2BE.
10.2 If you are not satisfied with how we are dealing with your personal information, you can make a complaint to the Information Commissioner. You can find out more about your rights under applicable data protection legislation from the Information Commissioner’s Office website available at ico.org.uk.
Approved by Council 8 June 2023