Use of data about members - consultation

Member Groups’ membership details are kept on BCS's central database and Member Groups can arrange for mailings to their members.

All member data must be handled in strict accordance with the BCS Information Security Policy Statement Committee members who are professional members (MBCS/FBCS) of BCS may have access to BCS membership data, subject to:

  • An explanation of why access is necessary that is acceptable to the Member Group committee (i.e. no one has vetoed it)
  • Confirmation that the person requesting access understands the Data Protection Act.
  • Requests to use membership details should be sent to the Member Groups Team     

Where personal data about attendees is collected at, or for, an event it should not be passed on without the attendee’s approval. For example, if the speaker wishes to follow up with those attending they should get permission from those attending for them to do so.

Additional guidance on the treatment of Personal Data from members and attendees at events.

When collecting, using and securing items of personal data from members and/or event attendees/enquirers, two overriding principles must be applied:

  • the data must be used only for the purpose(s) that were declared prior to its collection/elicitation;
  • it is BCS policy that all data collected through an event booking/registration system (manual or electronic, central or local) shall be regarded as protected personal data unless otherwise declared to attendees/enquirers in advance (and effective opt-outs provided if necessary).

Particular care needs to be taken in circumstances when any of the attendees’ data may need to be shared with third parties, including: joint meetings;, sponsored events (especially if hosted on the sponsor’s premises); if it is intend to publish a delegates list; if it is intended to use the data to advertise other events or promotions; or for a speaker/sponsor to supply supplementary information.


Feedback forms

At the end of our events we often provide a feedback form and this has a space to request more information by providing an email address. What is the BCS' advice on how best to store this? This could be stored in an encrypted file (e.g. using Truecrypt) and then uploaded to the Committee's workspace (e.g. Huddle) but that still leaves paper copies. Fully appreciate the Data Protection act applies, which limits the usage and storage of data amongst other things, but there needs to be a mechanism for groups to collect data and store it responsibly. If BCS could provide a system online for this, with access controlled by the Member Groups board (forgive me if that's the wrong term) it would be easy to revoke a person's access if they leave a committee (or the BCS). At present I fear each group has their own stores of information which aren't managed appropriately (if I leave the YPISG I have plenty of data which arguably I should have continued access to).

Are there plans to introduce such a system?

Jonathan Haddock
Treasurer, YPISG

Personal data

The point about taking care not to share personal data collected from events with third parties is very important. I have been asked several times recently by external contacts for access to my schools mailing lists, which I always refuse.
A related issue is how to decide whether to respond to requests to forward details of non-BCS events/job offers etc to lists of contacts and especially the official MG mailing list - no wish to swamp people with useless information, but some may be interested.

Non-members lists

The Edinburgh branch use the BCS members list to promote it's events. Like many I suspect we also maintain a separate non-BCS members list managed by the branch to promote our event to people who have attended our events in the past and given us their email address for this purpose.

As far as I am concerned we fully comply with the data protection act as we request optional data on an attendance list, and people can choose not to provide it. At any point they can also unsubscribe from the list. We also ensure the data is kept securely.

However I personally feel using third party mailing lists does not make the BCS look good and it can't be centrally monitored by the BCS to ensure it is not used inappropriately.

I believe the BCS are looking to create a non-members list which I think would be a very good thing and I would encourage them to ensure that Branch and SG committee members can bulk add addresses when provided appropriately at events.

Jonathan Shenton
Publicity Officer
BCS Edinburgh Branch