The Master Innholders Ltd holds personal data for, and communicates with, the following groups:
- Active and retired members of the Master Innholders
- Active and retired members of the St Julian Scholars Alumni
- Applicants for the Master Innholders Scholarship programme
- Applicants for the Master Innholders Aspiring Leaders Diploma (MIALD) programme
- Applicants for the annual Moét & Chandon Educational Tour
The database is held at Innholders’ Hall by the Worshipful Company of Innholders’ Assistant Clerk who is responsible for its accuracy, maintenance and communicating with members. Email group lists are held by the Executive Secretary and Custard Communications Ltd for the purposes of communicating with members.
Who is Responsible for the Data Security
The Executive Secretary of the Master Innholders is designated as the organisation’s ‘Data Controller’. The Data Controller is responsible for ensuring the Master Innholders and its data processors comply with the provisions of GDPR. A Master Innholders Executive Committee member is designated as the Data Protection Officer.
What is required to comply with GDPR
Article 5 of GDPR requires that personal data shall be:
a) processed lawfully, fairly and in a transparent manner in relation to individuals;
b) collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes; further processing for archiving purposes in the public interest, scientific or historical research or statistical purposes shall not be considered to be incompatible with the initial purposes;
c) adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed;
d) accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay;
e) kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed; personal data may be stored for longer periods insofar as the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes subject to implementation of the appropriate technical and organisational measures required by the GDPR in order to safeguard the rights and freedoms of individuals; and
f) processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures.
Article 5(2) requires that:
A Data Controller shall be responsible for, and be able to demonstrate, compliance with the principles.
How we collect the information we hold
The Master Innholders collects personal information from you through your membership, scholarship, MIALD or Educational Tour application forms and through any subsequent amendments you may wish to make by e-mail or post.
We also collect information automatically each time you visit the Master Innholders or St Julian Scholars website and/or make a booking for an event. This information, which records what parts of the website you visited, is only used as aggregate information, not as identifiable individual information. Information used for booking an event will be held for that purpose.
What information do we hold about you?
We hold basic contact details, title, name, initials, postal and email addresses and landline and mobile telephone numbers and place of employment. Those who are members of a particular group are annotated as such. None of the data we hold would be classified as ‘Sensitive Personal Data’ as this generally relates to bank & medical details.
We also use the aggregate information about visitors’ site usage patterns to enable us to see how popular different parts of the website are with our visitors, helping us decide how best to further develop the website.
What we do with personal information
We use the personal information that you give us to keep a record of membership, attendance on programmes and to able to contact individual members. The postal address is required so that we can send you hard copies of information when necessary. We will also use this data to contact you from time to time via email, telephone or postal mail to inform you of events and other items deemed to be of interest to members.
How we ensure the accuracy of the information
To ensure the accuracy of the information we hold we will from time to time request individual members to update the information we hold on them and confirm it is accurate. We also request and rely upon members to inform the Executive Secretary of any changes to their personal details by writing, emailing or telephoning the Executive Secretary.
Who do we share information with?
The Master Innholders shares what information it holds about identifiable individual members with those who have a legitimate reason to have access to the data including Executive Committee members (Directors) of The Master Innholders Ltd, St. Julian Scholars Committee members, Assistant Clerk of the Worshipful Company of Innholders and its PR and marketing company, currently Custard Communications Ltd. The Master Innholders will not share any information we store about you with any other individuals or members without the express consent of the individual.
Upon joining the Master Innholders and St Julian Scholars, members agree to display a photograph and biographical details in the members’ area of the website for the information of other members unless specifically requested not to by the individual.
From time to time the Master Innholders may engage external ‘Data Processors’ to carry out such work as printing and distributing hard copy information and to carry out necessary data cleansing to ensure the accuracy to the data.
The Master Innholders has written agreements with any external ‘Data Processor’ given access to the information we hold, that requires them to comply with the DGPR and abide with the principles laid out in this document.
How we ensure the security and privacy of the data
The data is stored on a server and access to that part of the system where data is physically stored is via a User ID and Password login process. The number of personnel who have been issued with a User ID and Password is strictly limited to people who would have a valid requirement to process personal data.
The data file is encrypted and can only be opened and read by the input of a secure password. The number of personnel who have been issued with the password is strictly limited to people who would have a legitimate requirement to process personal data.
What if you would like us not to contact you in the future?
You can write, email or call us at the address below to request us not to contact you again in the future.
What if you would like your details removed from our records?
Once again, write, email or call us at the address below and we will, at your request, delete your details from our records.
Deceased Members’ Information
The Master Innholders does retain limited person data of deceased members including name and date of death for historical purposes unless specifically requested otherwise.
If you have any further enquiries you can contact the Executive Secretary, who is the Data Controller, at:
For more information about General Data Protection Regulations and your rights visit the following site – www.informationcommissioner.gov.uk