ROYAL ENGINEERS OFFICERS’ WIDOWS SOCIETY PRIVACY STATEMENT
Our Privacy Statement
V5 September 2023
Our Privacy Statement
This Privacy Statement tells you what to expect when you, as Members and Beneficiaries of the Royal Engineers Officers’ Widows Society (REOWS) Annuity Fund and The Samaritan Fund, give your personal information to us.
Personal information includes any information that identifies you personally, such as your name, address, email address, telephone number and date of birth. The REOWS recognises that your privacy is very important. We want you to be confident with the way we handle your information and with our commitment to protect and respect your privacy. We outline below how The Society collects, uses and protects this information; for how long we retain it; and how we dispose of it when we no longer need it. Also we inform you of your rights concerning the provision, use and retention of your data.
Data Controller
We, the Council of the REOWS, will be the ‘data controller’ of the personal information collected and used by the Society. This means we are responsible for deciding what personal data about you is required and how it should be protected.
What information we collect and what we use it for
We hold personal data on you to enable us to ensure your subscriptions into the REOWS Annuity Fund are accurate and to calculate and pay benefits to you or your dependants. The information will also be used, where necessary, for the financial management of the Annuity Fund.
For Members, the REOWS, as data controller, collects and stores personal information; name, initials, rank, date of birth, address, email address, telephone numbers, date and type of commission, relationship status and, if you are married or in a recognised long term relationship, we collect your date of marriage, your registered partner’s name and date of birth and the same for any children under the age of 21.
We may also hold and use more sensitive data (also known as ‘special categories of data’) such as health information collected when considering applications for units. We may need this sensitive data if it is necessary for us to pay death benefits to the people you have nominated. If we use this data it will be in accordance with our contract with you, and/or because you consent, at the time, to us holding and using this information. You may withdraw that consent at any time, in which case we will erase that sensitive data. However, if we consider that doing this will prevent us from paying the correct benefits to you or your dependants, we will let you know before proceeding.
We will use your personal information to inform you of changes in rules or subscriptions, administer your Membership, keep your details current, send you an annual newsletter and inform you of AGMs. We process this data under the legitimate interest of fulfilling the contract we are entering into with you. We will ask you for your consent to collect, hold and process any of your information which you have provided to us.
The Society does not hold banking details for its Members. From June 2021 all new Members will complete a Direct Debit mandate with GoCardless Ltd, a copy of which will be held on the Member’s record. Banking details will only ever be requested in order to process a refund to Members who are not paying via Direct Debit. Refunds will be processed via Lloyds Business Online Banking and the relevant bank details will not be retained.
For our Beneficiaries (registered spouses or partners of deceased REOWS members and dependent children under the age of 21), we maintain the personal information above adding your email address and telephone number as well as Next of Kin and/or those holding any Powers of Attorney. We will also request your bank account details in order to make an initial lump sum payment and set up a standing order instruction to our bank in order to pay annuities. We will also maintain similar details for any children under the age of 21 in order to maintain annuity payments. This data is collected under the legitimate interest of fulfilling our contract with the Member. We will ask you, or until you reach 18 years of age, your parent or guardian, for consent to collect, hold and process that information.
For beneficiaries of the REOWS Samaritan Fund, we will collect and store personal information, name, initials, date of birth, postal and email address and telephone numbers, plus information from third party organisations regarding individual cases.
Why do we hold this information?
We need to know this information in order to secure the benefits rights commensurate with the amount of subscriptions paid in. We will not retain any personal information that we do not need for these purposes without your explicit prior consent. No third parties will be given access to the personal information we hold unless they have a need to know it in order to provide a service covered by these purposes, or the law requires access to be given. We are required to state the legal bases upon which we rely to process your personal information; these are three in number and are:
- Legitimate Interests: we have a legitimate interest in ensuring that you and/or your dependants receive the benefits to which you/they are entitled and to ensure that the Annuity Fund is well run and has sufficient funds to pay the benefits promised.
- Contractual Performance: we hold and use this information so that we can perform our contractual obligations to you under your membership of the Fund and ensure that you and your dependants receive the benefits to which you or they are entitled.
- Compliance with a Legal Obligation: we also hold and use this information to comply with our statutory obligations, for example to calculate whether the Fund has enough money to pay future benefits.
Our actuarial advisers also hold and use some of your personal data. The lawful reason they hold this data is because they have a legitimate interest in providing actuarial advice and valuations for us. For example, the Scheme Actuary carries out calculations to advise us if the Fund has enough money to pay the future benefits promised to its members.
How we collect information and keep it current
We receive, store and maintain the information which is given to us by Members and Beneficiaries in writing, via email, on the phone, or via using the enrolment and/or contact forms form on the website when you apply for Membership, and when you make an enquiry or a claim or provide an update. When you contact us we check your details with you for accuracy and update them where necessary.
We also ask for your consent to be contacted by the Society by email, telephone, SMS and/or by post. Having agreed to this Privacy Statement, you may at any time choose to opt out of being contacted by any of these methods by emailing the Secretary at secretary@reows.co.uk.
If a Member’s contact details become invalid the Society may check for updates with the Institution of Royal Engineers.
The Officers’ Association, SSAFA and the Royal Engineers’ Association will routinely provide casework in order to inform support by the REOWS Samaritan Fund.
Keeping us informed
It is important that the information we hold about you is accurate and current. Please keep us informed if your personal information changes during your membership of the Society so that we can continue to pay your dependents benefits when due and contact you about your membership of the Annuity Fund. In particular, please let us know if you move home or change your email address, so that we can stay in touch with you.
How we safeguard your information
Your information is kept in a secure and confidential environment and is accessible only to permitted processors whose access is password-protected. Personal information can be seen by those who administer your Membership. This is limited to the Secretary and members of the Council.
Any bank account details provided are used to set up payments with our bank (Lloyds) and subsequently deleted.
The REOWS will never pass any of your information to other organisations without your specific consent or except where required to do so by law (this includes for annual auditing of accounts by our Auditors, Hillier Hopkins LLP). Your data may be shared with contractors that provide services (Dataware Consultancy Centre Limited for SubscriberCRM [SCRM] our current database system, with data stored on MS Azure) and such sharing will be subject to contract conditions that meet the requirements of GDPR, limit the use of the data to a specific purpose and require its deletion after use.
If there is a requirement to share your data with third parties such as, for example, The Lady Grover’s Fund, the Officers’ Association, the Royal Engineers’ Association or any other third party charitable organisation who may provide advice and/or support, we will request your consent first. When shared with external agencies, information will always be password protected.
How long we will keep your information
We will keep your personal information on our database while you are a Member or Beneficiary of the Society or beneficiary of the Samaritan Fund and for seven years after your Membership or benevolence ceases ends as required by HMRC for any financial data. We need to keep some of your membership details (name, date of birth, number of units of cover held and, where applicable, when your membership ended) for audit and analytical purposes. When shared this data will be anonymised and is used to inform actuarial analysis and advice which influences both subscription and benefit rates.
Your rights
You have the right to:
- Receive a copy of the personal data we hold on you by emailing us at secretary@reows.co.uk or writing to the Secretary, REOWS, Braeside Farm, Peat Inn, Cupar, Fife KY15 5LH.
- Object to processing where there is no legitimate interest.
- Have corrected any errors or omissions in the personal data held.
- Ask that your personal data be erased subject to any statutory or legal requirements placed on the data controller.
- Where you have given consent, you may withdraw it at any time. If you withdraw consent for the use of your information, we may be unable to fulfil our contract with you.
- Ask that the processing of your data be restricted, if you disagree about the accuracy of the data the controller holds or you object to the controller’s intention to erase your data.
- Claim compensation for damages caused by a breach of data protection legislation.
- Make a complaint to the Information Commissioner’s Office at: https://ico.org.uk/concerns/ or 0303 123 1113.
Our commitment to data security
To prevent unauthorised access, maintain data accuracy and ensure the correct use of information, we have put in place appropriate physical, electronic and managerial procedures to safeguard, secure and update the information we collect.
Using our Website
We may collect, store and use the following kinds of personal information about individuals who visit and use our website:
Information you supply to us. You may supply us with information about you by filling in forms on our website. This includes information you provide when you submit an enquiry form or membership update form. The information you give us may include your name, address, e-mail address, phone number and other personal information.
Information our website automatically collects about you. With regard to each of your visits to our website we may automatically collect information including the following:
- technical information, including a truncated and anonymised version of your Internet protocol (IP) address, browser type and version, operating system and platform;
- information about your visit, including what pages you visit, how long you are on the site, how you got to the site (including date and time); page response times, length of visit, what you click on, documents downloaded and download errors.
Cookies. Our website uses cookies to distinguish you from other users of our website. This helps us to provide you with a good experience when you browse our website and also allows us to improve our site.
Cookies expire after 365 days. You may delete and block all cookies from this site, but parts of the site may not work as they are meant to. To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, visit www.allaboutcookies.org.
This privacy policy does not cover the links within this site to other websites. We encourage you to read the privacy statements of the other websites.