Privacy policy

    Members and Subscribers

    The Relative Hills Society (RHSoc) takes your privacy seriously. We are a “controller” of the personal information that you provide to us and this privacy notice sets out how, why and for how long we will use your personal data, as well as who it is shared with. It also explains your legal rights as a data subject and how to exercise them.

    Information held

    We need to collect our members’ and subscribers' personal information so that we can manage your relationship with us.  When you first register, we may ask and securely store some or all of the following personal information:

    • Contact details, e.g. name, address, email address and phone number.
    • Membership of other climbing clubs, e.g. BMC or other clubs that provide liability insurance cover, and for affiliates, existing Mountaineering Scotland membership number.

    Why we need your personal information

    We may use your information to:

    • Provide you with core member and subscriber services, including confirmation of membership, membership card, end of year renewal and delivery of our journal by post.
    • Set up an online membership account, enabling you to manage your membership and communication preferences.
    • Organise club activities and manage risk and safety if you attend an Event or Trip
    • Where relevant, register your membership with the representative body, Mountaineering Scotland, to provide you with indemnity insurance cover, magazine subscription and other benefits they offer to members of clubs

    We also process our members’ personal information in pursuit of our legitimate interests to:

    • Provide you with news and updates about the activity of the club, opportunities to get involved in club meets, training, general meetings or other events.
    • Raise awareness of the club’s activities by capturing photos, videos, or live-streaming at events. We will use this for promotion, education and development purposes.
    • Respond to and investigate your questions, comments, support needs, complaints, concerns or allegations.

    Other uses of your personal information

    We may ask you if we can process your personal information for other purposes, for example, attending trips and events.

    Who we share your personal information with

    If we register your membership with Mountaineering Scotland, we pass on your personal data and Mountaineering Scotland, who become a controller of your personal data. Mountaineering Scotland provides full details of how it uses your personal data in its own privacy notice and will not use it for any other purpose.

    We may also share personal information (name and hill completions) for the publication of hill registers known as Halls of Fame.

    Third party suppliers with access to members’ personal data

    The RHSoc may use third party suppliers to provide services. These suppliers may process personal data on our behalf as  “processors” and are subject to contractual conditions to only process that personal information under our instructions and protect it.

    In the event that we share personal information with external third parties, we only share such information strictly required for the specific purposes and take reasonable steps to ensure recipients shall only process the disclosed personal information in accordance with those purposes.

    • Azolve Ltd provide an MS membership database.
    • Barclays Bank process payment transactions securely on our behalf.
    • Microsoft Teams is used for sending out emails to you from us
    • Mailchimp distribute MS email communications. Their servers are based in the US and they uphold the EU Privacy Shield to  certify their data security.
    • Stripe - our payment processor for fees. We do not hold any information on bank account or credit card details - these are managed directly by Stripe who also manage address information needed to verify payment.

    How we protect your personal information

    Your information is securely stored online with password controls and it is backed up. Your personal information is accessed by our Management Committee only for the purposes set out above. Your personal data is transferred to Mountaineering Scotland or between Management Committee Members by inputting it directly into a password-protected database or emailed via a password-protected spreadsheet.

    How long we keep your personal information

    We only keep your personal information for as long as necessary to provide you with membership services. Unless you ask us not to, we will review and delete your personal information where you have not renewed your membership with us for four years.

    We keep certain personal information for longer in order to confirm your identity when you were a member and for how long. We do this to comply with the Companies Act 2006, which requires us to keep a register of members, and in the event of a claim against the RHSoc.

    You have a right to:

    • Change your communication preferences or restrict the processing of your personal data for specific purposes.
    • Request that we correct your personal data if you believe it is inaccurate or incomplete.
    • Access the personal data that we hold about you through a “subject access request”.
    • Request that we delete your personal information.

    You can contact us about this by Email to RHSoc@RHSoc.uk.  If you are dissatisfied, you have a right to raise a complaint with the Information Commissioner’s Office at www.ico.org.uk.

    Website users

    We may collect and process the following data about you:

    • Personal Identification Data: We do not currently collect personal details about website visitors who are not members or subscribers.
    • Technical Data: Data about the devices that you use to connect to our site, including but not limited to IP address, browser type and version,
      time zone settings, browser plug-in types and versions, operating system and platform.
    • Cookies: As with the majority of sites, we use anonymised cookies (which don't contain personal information) to identify return visitors and for Members and Subscribers to remember you so that you don’t have to log-in each time you visit the site.
    • Usage Data: Anonymised information about how you use our site stored within Google Analytics.

    How We Use Your Data for our website services

    We use the data we collect in the following ways:

    • To provide, operate, and maintain our Site.
    • To improve and expand our Site.
    • To understand how you use our Site.
    • To develop new products, services, features, and functionality.
    • To communicate with you, either directly or through one of our partners, including for customer service, to provide you with updates and other information relating to the Site.
    • To process and manage your entries.
    • Data Sharing

    We do not share your website data with third parties other than for tracking as described above.

    Data Security

    We have implemented appropriate website security measures to prevent your personal data from being accidentally lost, used, or accessed in an unauthorised way, altered, or disclosed.

    Data Protection Principles

    We adhere to the following principles when processing your personal data:

    • Lawfulness, fairness, and transparency: We process personal data lawfully, fairly, and transparently.
    • Purpose limitation: We collect personal data for specified, explicit, and legitimate purposes and do not further process it in a manner that is incompatible with those purposes.
    • Data minimization: We ensure that personal data is adequate, relevant, and limited to what is necessary in relation to the purposes for which it is processed.
    • Accuracy: We take every reasonable step to ensure that personal data that is inaccurate, having regard to the purposes for which it is processed, is erased or rectified without delay.
    • Storage limitation: We keep personal data in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data is processed.
    • Integrity and confidentiality: We process personal data in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction, or damage, using appropriate technical or organizational measures.