GXSA Policy for Holding and Processing Personal Data under the General Data Processing Regulations (GDPR)


In relation to Personal Information (Personal Data) the GXSA will:

1) Only collect, hold or use personal data about members and other persons for the purposes of administering and running the association and its activities.

2) Avoid collecting, holding or using any sensitive personal data unless it is necessary, such as to facilitate collection of fees or to ensure the safety of activities. Where standing order bank details are obtained they will be processed and sent to the relevant bank in good time without details of the account being retained.

3) Not pass personal data to third parties other than for managing the purposes of the Association or allow it to be used in any commercial way or passed abroad.

4) Hold all electronic data on personal computers or reputable "cloud" sites protected by password and keep all other personal data safely so that it is only available to Officers and committee members of the association or to other members of the association authorised by the committee or others assisting those persons in managing the association's activities.

5) Keep personal data updated when aware of changes and where legitimately requested as set out below. As many members remain as such for life there will be no specific time limit after which personal data is deleted but if requested Personal Data will be deleted straight away unless the Association has reason to retain it, eg collection of unpaid fees.

6) Only make members' personal data available in any handbook or data site to other members if such member has specifically consented to their personal details being included in such a document or put on such site.


Please note:

a)  The personal data controller is the Gerrards Cross Sailing Association, which can be contacted at The Gerrards Cross Memorial Hall, East Common, Gerrards Cross, SL9 7AD

     Website: www.gxsa.org.uk         E-mail: This email address is being protected from spambots. You need JavaScript enabled to view it.

b)  You have the right to find out what personal information the GXSA holds about you and to seek to amend it and/or have it deleted. If you wish to do so,  please contact the above.

c) You have the right to complain to the Information Commissioner's Office about the way your personal information is handled by the GXSA if you wish.  




Information Commissioners Office Fee Assessment

We have undertaken the evaluation at ico.org.uk/fee-checker. It appears that GXSA is exempt from paying a fee, on the basis of the following assessment:

 Start again

You are under no requirement to pay a fee

Some not-for-profit organisations are exempt and based on the information you have provided you do not have to pay a data protection fee to the ICO.

However, it is important that your organisation adheres to the principles of the General Data Protection Regulations and understands best practice for managing information. To help ensure you are complying with the GDPR, we have produced a range of training materials including practical toolkits, training videos and more. 

Even if you are exempt, you may still wish to pay a data protection fee.