Data Protection and Privacy Statement (Website Version)

The General Data Protection Regulation (GDPR) and the Data Protection Act 2018 give you the right to be informed about how we process your personal information. The information below supports this right.

Introduction
The Grand United Order of the Knights of the Golden Horn (GUOKGH) is the data controller for purposes of data protection. We are committed to protecting the personal information of all our members, visitors, and partners. The GUOKGH recognises its obligations to keep personal information secure and believes it is important for you to know how we treat personal information.

We are happy to receive feedback to make this statement more user-friendly.

Who We Are
The GUOKGH is a fraternal and philanthropic charitable order under the governance of the Grand Encampment of England and The Grand Executive which provides day-to-day oversight and management.

Data Protection Officer
The Order appoints a Data Protection Officer to oversee application of the Data Protection legislation and act as a point of contact for all related matters and with the Information Commissioners Office (ICO).

Lawful Basis
The GUOKGH processes personal information about its members, visitors and wider community under any lawful basis, as defined in the UK Data Protection Act 2018 and GDPR.

Legitimate Interest
In all our operations as a charitable and fraternal order, we use the ‘legitimate interest’ lawful basis for processing in relation to delivering our services and meeting the high expectations of our members, visitors and the general public.

Consent
Sometimes, there will be situations where a member or visitor may wish to engage with additional services or opportunities. For processing personal information in this way, we seek direct consent.
We will always use ‘opted in’ Consent if we send you targeted marketing information. We will ensure that our marketing practices comply with the Privacy and Electronic Communications Regulation (PECR).

Vital Interests
We may be relied upon to provide personal information to the Emergency Services or other agencies in order for them to save a life or where an imminent or potential threat to life exists. We will disclose information to these agencies under these circumstances.

Public Task
On occasion, we will be required to disclose personal information to the police for the purpose of the prevention or detection of a crime. As this purpose would be to protect the general public, we will share such information under the legal basis of a Public Task. Where special category personal data is involved and we decide to disclose information, we will also rely on the Condition of a ‘substantial public interest’ (in the prevention or detection of an unlawful act). We will not always be able to let data subjects know that we have disclosed their personal information to the police, but we will keep a record of all such disclosures.

Collection
The GUOKGH may collect your personal information for the legitimate purpose of administering membership of the Order and providing goods and services requested.

The methods we use (electronic form, application form, etc) will inform users at the point of data collection that they are submitting personal information to the GUOKGH. When personal information is collected (in Enquiry Forms or Application Forms, etc), the GUOKGH will provide the reason for collecting the information and how the information will be used.

Where all such data collection takes place online, a secure, encrypted connection is presented to users to protect the data they are submitting. Furthermore, once that data has been safely collected by the system, only authorised personnel will have access to that data, offering additional security.

We may also collect personal information, submitted voluntarily, about users from their use of our website or social media pages. Users should note that information submitted to social media pages is not, in the first instance, collected by us, or held on our servers, but by the third party service provider such as Facebook, Twitter, etc. However, once we have collected such personal information from the external service provider, only appropriately authorised personnel will have access to this information.

We may share personal information with third party organisations (data processors) that we have engaged to provide services to us, or with whom we have a legal duty to share information, such as local authorities, etc. Such organisations are bound by the same regulations as us to use personal information only for the performance of a legal or authorised purpose.

We do not process personal data for any purposes or under any bases not listed here. If we wish to use your personal data for new purposes, we will ask for your permission directly first.
We may be required to share personal information before, during or after your relationship with us is established (member, visitor, etc).

Security of Collected Information
We maintain strict physical, electronic and administrative safeguards to protect users’ personal information from unauthorised or inappropriate access.

Data Protection and Privacy Statement