What this Privacy Notice covers
The data controller is:
Grand Lodge Communications Officer
Grand Lodge of British Freemasons in Germany (GL BFG)
(referred to in this Notice as “we” or “us”),
The Data Protection Officer of the controller is:
Wolfgang Schneider data-protection-hannover
Lange Weihe 39A
We are committed to doing the right thing when it comes to how we collect, use and protect your personal data. Your privacy matters to us, so please do take the time to read our Privacy Notice which explains:
- What types of personal data we collect and why we collect it.
- When and how we may share personal data within the Grand Lodge and with our constituent lodges.
- The choices you have, including how to access and update your personal data.
We have tried to keep this Notice as simple as possible, but if you are not familiar with terms such as data controller, special categories of personal data, then read about these and some others in Key terms.
Personal data we collect
When you use or register for any of our services (contact form, guest book, member-log-in), you may provide us with:
- Your personal details, including your, email address, phone number, nick name, lodge number, Masonic constituency.
- Your account login details, such as your username and the password you chose.
When you browse our websites, we may collect:
- Information about your browsing behaviour on our websites.
- Information about the way you access our digital services, including operating system, IP address, online identifiers and browser details.
When you contact us, or we contact you, we may collect:
- Personal data you provide when you connect with us, including by email, post and phone, such as your name and contact details.
- Details of emails and other digital communications we send to you that you open.
Other sources of personal data:
- We may use personal data from other sources, such as constituent lodges with-in our Grand Lodge that supply information and public registers or public websites.
Using your personal data
We use your personal data in a variety of ways, as explained below.
To provide the services or information you request
We need to process your personal data so that we can manage your account, provide you with the information you requested and help in any way necessary.
To manage and improve our website
We use personal data to manage and improve our websites.
We monitor how our services are used to help protect your personal data, detect and prevent fraud, other crimes and the misuse of our organisation. This helps us to make sure that you can safely browse our website.
We use personal data to carry out internal research and development, and to develop and improve our know-how and the way we communicate with you.
To make contact and interact with you
We want to serve you better as an interested party in Masonry so if you contact us, for example by email, post, or phone, we may use personal data to provide clarification or assistance to you.
We do not sell your personal data to third parties.
Sharing personal data with constituent lodges of GL BFG
To provide services or information requested by you we may share personal data with constituent lodges near you.
We also work with carefully selected suppliers that carry out certain functions on our behalf. For example, companies that help us with IT services and storing data.
We may need to share personal data to establish, exercise or defend our legal rights.
When we share personal data with other organisations we require them to keep it safe, and they must not use your personal data for their own purposes.
We only share the minimum personal data that enable our suppliers to provide their services to us.
Sharing personal data within the United Grand Lodges of Germany
We may share the minimum personal data necessary with other Grand Lodges in Germany, for example, to make contact and interact with you.
Protecting your personal data
We know how important it is to protect and manage your personal data. We take appropriate security measures to help protect your personal data from accidental loss and from unauthorised access, use, alteration and disclosure.
The security of your data also depends on you. For example, where we have given you or where you have chosen a password for access to certain services, you are responsible for keeping this password confidential.
The personal data that we collect from you may be transferred to, and stored at, a destination outside the European Economic Area (“EEA”). It may also be processed by organisations operating outside the EEA who work for us or for one of our suppliers. We put in place appropriate protections to make sure your personal data remains adequately protected and that it is treated in line with this Notice. These protections include, but are not limited to, appropriate contract clauses, such as standard contract clauses approved by the European Commission , and appropriate security measures.
We will retain your personal data for only as long as it is necessary for the uses set out in this Privacy Notice and/or to meet legal and regulatory requirements. After this period, we will securely erase personal data. If data is needed after this period for analytical, historical or other legitimate business purposes, we will take appropriate measures to anonymise this data.
About cookies and similar technologies
Cookies are small data files that allow a website to collect and store a range of data on your desktop computer, laptop or mobile device. Cookies help us to provide important features and functionality on our websites and mobile apps, and we use them to improve your customer experience. Please see our separate Cookie Notice below.
The cookies are hashed and thus non-reversable; they are stored on your computer and your identity is thus undisclosed.
Links to other websites
Our websites may contain links to websites operated by other organisations that have their own privacy notices. Please make sure you read the terms and conditions and privacy notice carefully before providing any personal data on another organisation’s website as we do not accept any responsibility or liability for websites of other organisations.
Accessing and updating your personal data; and complaints
You have a right to ask for a copy of the personal data we hold about you. You can write to us asking for a copy of other personal data we hold about you.
Please include any details to help us identify and locate your personal data. Where we can provide data access, we will do so free of charge except where further copies are requested in which case we may charge a reasonable fee based on administrative costs.
We want to make sure that the personal data we hold about you is accurate and up to date. If any of the details we hold are incorrect, please let us know.
You can also ask for your personal data to be rectified or erased, to object to the processing of your personal data and, where technically feasible, to ask for personal data you provided to be transmitted to another organisation.
We will update or erase your data, unless we must keep it for legitimate business or legal purposes.
You can also contact us if you have a complaint about how we collect, store or use your personal data. We aim to resolve complaints but if you are dissatisfied with our response, you may complain to the Die Landesbeauftragte für den Datenschutz Nordrhein- Westfalen, Kavalleriestraße 2-4, 40213 Düsseldorf.
Please submit your request or complaint in writing to the Data Protection Officer:
By post: Grand Lodge of British Freemasons in Germany, Data Protection Officer, Lange Weihe 39A, 30880 Laatzen, Germany.
By email: email@example.com
Please note that we may ask you to verify your identity before we can act on your request or complaint. We may also ask you for more information to help ensure that you are authorised to make such a request or complaint when you contact us on behalf of someone else.
Legal basis for processing personal data
We will only collect and use your personal data if at least one of the following conditions applies:
- We have your consent;
Example: Member account
You give us permission to process your personal data when you register for a member account.
- It is necessary for membership purposes of yours or to take steps at your request prior to entering into a membership;
Example: To provide the information you request
We need to process your personal data so that we can manage your account or, provide you with the information you may ask for.
Changes to our Notice
This Notice replaces all previous versions. We may change the Notice at any time so please check it regularly on our website for any updates. If the changes are significant, we will provide a prominent notice on our website including, if we believe it is appropriate, electronic notification of Privacy Notice changes.
Last update: May 2018
Data controller: The data controller determines the purpose and way personal data is used.
European Economic Area (EEA): EU Member States plus Norway, Iceland and Lichtenstein.
Special categories of personal data: This are categories of personal data revealing racial or ethnic origin; political opinions; religious or philosophical beliefs; trade union membership; genetic data, biometric data for uniquely identifying a natural person; health data; and data concerning a natural person’s sex life or sexual orientation.