Privacy Policy

Your privacy is very important to us. We have developed this Policy in order for you to understand how we collect, use, communicate and make use of personal information. The following outlines our privacy policy.

GDPR (General Data Protection Regulation) Compliance

The GDPR came into force on May 25th 2018 and we have updated our Privacy Policy accordingly:

1. Database Controller/Processor: See Data Protection Policy below

2. The purpose of processing your details held in our database, is to enable us to inform you of news, updates and notifications from The Worcestershire and Sherwood Foresters Regimental Association. Your details will be used (with your consent) for this purpose only.

3. The categories of personal data we hold, are:

(a) Your Full name

(b) Address

(c) Tel: No.

(d) Email Address

(f) Regiment you served with

(g) Battalion (if specified)

(h) Rank (if specified)

(i) Association Branch you are a member of (if specified)

We may contact you by any of the above means, unless you have opted out of us doing so. If you have opted in, or out of us contacting you, your preferences are automatically recorded in our database upon registration.

4. To ensure the security of personal information, all details are kept on a secure Database within a highly monitored environment and cannot be transferred without our, or your consent

5. All details are kept securely by us until such time as you may request us to remove them from our Database.

6. You may request us to forward your personal details we hold, under your Data Subject's Rights.

7. If consent is given for us to contact you, you have the right to withdraw your consent at any time. If you have opted out of us contacting you by; email, phone, text or post, we will not contact you by those means. However, If you have opted out in error or change your mind at any time, please re-register and your changes to consent will be updated within our database

8. You have the right to lodge a complaint with a supervisory authority

9. All details within our database were/are from individual membership registration with The Worcestershire and Sherwood Foresters Regimental Association and no details were/are obtained from any publicly accessible sources

10. Provision of your personal data forms part of a statutory requirement to enable us to keep in touch with you. Failure to provide personal data will not make it possible for us to do that



1.   Introduction

WFRA needs to collect and use certain types of information about the members or service users who come into contact with WFRA in order to carry out our work.  This personal information must be collected and dealt with appropriately whether it is collected on paper, stored in a computer database, or recorded on other material and there are safeguards to ensure this under GDPR.
2.   Data Controller
WFRA Executive Committee is the Data Controller under the Act which means that it determines for what purposes personal information is held or is likely to hold and what the general purposes that this data will be used for.
3.   Disclosure
WFRA may share data within the Membership such as the Branch Secretaries and other authorised officers.  The individual will be made aware in most circumstances how and with whom their information will be shared.  There are circumstances where the law allows WFRA to disclose data without the data subject's consent.
These are:
      a.   Carrying out a legal duty or as authorised by the Secretary of State.
      b.   Protecting vital interests of an individual or other person.
      c.   The individual has already made the information public.
      d.   Conducting any legal proceedings, obtaining legal advice or defending any legal rights.
      e.   Providing a confidential service where the individual's consent cannot be obtained or where it is reasonable to proceed without consent: eg. where we would wish to avoid forcing stressed or ill          individuals to provide consent signatures.
WFRA regards the lawful and correct treatment of personal data as very important to successful working and to maintaining the confidence of those with whom we deal it also intends to ensure that personal data is treated lawfully and correctly.  to this end WFRA will adhere to the Principles of Data Protection, as detailed in the EU General Data Protection Regulations.
Specifically, the six Principles require that personal data:
        1.   Must be processed lawfully, fairly, transparently and, in particular, shall not be be processed unless specific conditions are met.
        2.   Can only be collected for specified, explicit and legitimate purposes and shall not be processed in any manner incompatible with that purpose or those purposes.
        3.   Shall be adequate, relevant and limited to what is necessary for processing.
        4.   Shall be accurate and kept up to date.
        5.   Must be kept in a form such that the data subject can be identified only as long as necessary for processing.
        6.   Must be processed in a manner that ensures its security.
WFRA will, through appropriate management and strict application of criteria and controls:
        -   Observe fully, conditions regarding the fair collection and use of personal data.
        -   Meet its legal obligations to specifiy the purposes for which data is used.
        -   Collect and process appropriate data and only to the extent that it is needed to fulfill its operational needs or to comply with any legal requirements.
        -   Ensure the quality of information used.
        -   Ensure that the rights of Members about whom data is held can be fully exercised under the Regulation.  These include:
               -   The right to be informed that processing is being undertaken.
               -   The right of access to one's personal data.
               -   The right to prevent processing in certain circumstances.
               -   The right to correct, rectify, block or erase data.
        -   Take appropriate technical and organisational security measures to safeguard personal data.
        -   Ensure that personal data is not transferred without suitable safeguards.
        -   Treat people justly and fairly whatever their age, religion, disability, gender, sexual orientation or ethnicity when dealing with requests for information.
        -   Set out clear procedures for responding to requests for information.
4.   Data Collection
Consent is any freely given, specific, informed and unambiguous indication of the data subject's wishes by which he or she, by a statement or by clear affirmative action, signifies agreement to the processing of personal data relating to him or her.
WFRA will ensure that data is collected within the boundaries defined in this policy.  This applies to data that is collected in person or by completing a form.  When collecting data WFRA will ensure that the individual;
       a.   Clearly understands why the information is needed.
       b.   Understands what it will be used for and what the consequences are should the individual decide not to give consent to processing.
       c.   As far as reasonably possible, grants explicit consent, either written or verbl for data to be processed.
       d.   Is, as far as reasonably practicable, competent enough to give consent and has given so freely without any duress.
       e.   Has received sufficient information on why their data is needed and how it will be used.
5.     Data Storage
        Information and records relating to data subjects will be stored securely and will only be accessible to authorised Association Officers.
        Data will be stored for only as long as it is needed and will be disposed of appropriately.
        It is WFRA responsibility to ensure all personal and Association data is non-recoverable from any computer system previously used within the Association, which has been passed on/sold to a third party.
6.     Data Access and Accuracy
All individuals have the right to access the data WFRA holds on them.  WFRA will also take reasonable steps to ensure that this information is kept up to date by asking data subjects whether there have been any changes.
In addition, WFRA will ensure that;
         It has a Data Protection Officer with specific responsibility for ensuring compliance with data protection.
         Everyone processing personal data understands that they are responsible for following good data protection practice.
         It deals promptly and courteously with any enquiries about handling personal data.
         It will regularly review and audit the ways it holds, manages and uses personal data.
This policy will be updated as necessary to reflect best practice in data management, security and control to ensure compliance with any changes or amendments made to the GDPR.
In case of any queries or questions in relation to this policy please contact the WFRA Data Protection Officer c/o Secretary WFRA, Soley's Orchard, Rectory Road, Upton on Severn, Worcestershire WR8 0LX


To apply for membership please complete and return the following forms: