General Data Protection Regulation (GDPR)


Who we are

Totteridge Garden Club (TGC) is a not-for-profit social group for people with a shared interest in gardens and gardening. The Committee of Totteridge Garden Club acts as the organisation’s data controller for the purposes of the GDPR. Individual officers of the Committee may act as data processors, in particular the Chair, Secretary and Treasurer.

Why we keep personal data and our legal basis for doing so

TGC keeps and uses personal data to run the Club efficiently and to provide our members with the services they have paid for. To do this the Officers and others involved in the organisation of the Club need to know who our members are and to be able to communicate with them. TGC is therefore adopting the legal basis of ‘Legitimate Interest’ to justify holding and using your personal data. The Committee is satisfied that it is in the legitimate interests of TGC to maintain this data, that it is necessary and proportionate to do so and that the purposes for which the data is used cannot be achieved in any other, less intrusive, way.

What we keep and what we do with it

TGC stores and uses contact details as provided by you. Those details are your name, address, telephone number/s and email address (if provided). We also have a record of your method of payment. We do not keep any bank details. We do keep a record of those attending meetings.

We use the information to keep you informed about TGC’s activities and other things that may be of interest to you. The information is held electronically on personal computers and in paper form as required. Every effort is made to ensure that your data is secure. The data of all members of the Group is held by the Chair, Secretary and Treasurer. Individual members’ details are made available to and held by other Committee members and other members involved in organising activities as and when required.

Who we share it with

We do not, and will not, share your information with anyone outside of Totteridge Garden Club, except for

  • a third party venue where we have a seating plan and specified meal choices – only your name and dietary request will be shared;
  • a travel agent, for the purpose of arranging a club holiday – here more specific personal data may be required (it may include your date of birth, insurance, dietary, mobility and medical details). This will be on the event-specific application form and you may consent or object at the time.

How long we keep it

We keep your information for the duration of your membership of Totteridge Garden Club and for 16 weeks after your last payment becomes due, unless you tell us that you do not wish to re-join. If you inform us that you are cancelling your membership all your data will be deleted from the electronic record as soon as possible.

Your rights under the GDPR

You have the right to:

  • Be informed about the collection and use of your personal data
  • Access the data held (a copy of your data will be provided on request)
  • Have any inaccuracies in your data corrected
  • Request your details be deleted from our records

·         Request that the use of your personal data is restricted

You have the right to object to the use of your personal data at any time.

If you wish to exercise any of the rights outlined above please contact the TGC Secretary

Maggie Philippson 020 8449 3687