SDFFA Privacy Policy

Our Core Beliefs Regarding User Privacy and Data Protection.

  • User privacy and data protection are human rights.

  • We have a duty of care to the people with their personal data.
  • Personal data is a liability. It is only to be collected and processed when absolutely necessary.
  • We will never sell, rent or otherwise distribute or make public your personal information.

Relevant Legislation.

  • UK Data Protection Act 1988 (DPA)

  • EU Data Protection Directive 1995 (DPD)

  • EU General Data Protection Regulation 2018 (GDPR)

Personal Information and Why We Collect It.

Personal information is required from SDFFA members in order to administer the Association, to provide access to the member’s area of the web site, to provide data on the type and location of fish caught and to administer the requirements of the MOD licence regarding eligibility of membership and usage of the river and lakes. Explicit permission for the Association to hold personal information is provided at the bottom of the rod application form.

What Information is Being Collected, Who is Collecting It and How?

  • A potential member submits to the secretary a written rod application form (with rank, name, address, phone numbers, type of subscription, rod number and where relevant, the justification for a half rod). This form is retained in DropBox
  • The SDFFA Web Site has the member’s name, email address and rod number in its database in order to enable the member to access the member’s area of the web site for administration purposes. This includes:
    • The submission of an on line catch return where the member submits the date, size and location of his catch with the name and rod number being entered automatically by the web site.
    • A member will enter their name, the name of their guest and the date of fishing for their 2 complimentary guest tickets for a full member or one guest ticket for a half rod.
  • In order to provide timely emails to members on association administration, the secretary imports a member’s first name and email address into Mailchimp At the bottom of each email is an option for a recipient to unsubscribe from further emails.
  • Members have the option of paying their annual subscription and purchasing additional day tickets by BACS. In order for the Treasurer and the Secretary to administer this, they share a spreadsheet in Google Drive which has the type of membership, rank, name, membership or guest ticket fee, the date of submission and how it was submitted (cheque or BACS).
  • The SDFFA web site uses web tracking software to better understand how people find and use our web pages and to see their journey through the website.
  • Should you choose to contact us using the contact form on our Contact Us page, none of the data that you supply will be stored by our website. The data will be collated into an email and sent to the Secretary over the Simple Mail Transfer Protocol (SMTP). Our SMTP servers are protected by TLS(sometimes known as SSL) meaning that the email content is encrypted using SHA-2, 256-bit cryptography before being sent across the internet. The email content is then decrypted by local computers and devices.

How Long is this Data Kept For ?

The on line Dropbox rod application is destroyed at the end of season which is 28 February yearly.  If a member does not renew their membership:

  • their membership details in the web site database are kept for six months (in case they renew during the year) and then deleted.
  • membership and guest ticket details held in Google Drive are deleted after one year.
  • first name and email addresses are retained in Mailchimp and people can unsubscribe from emails whenever they wish. Many ex members wish to keep in touch and re-join as and when their service or their personal circumstances allow.
  • personal catch returns are deleted at the end of February each year.

Sharing of Personal Data. Personal data is not shared with third party other information is stored within Google Drive, Dropbox and Mailchimp who have strict privacy guidelines and strive to adhere to GDPR legislation as detailed in paragraph 7 below. They do not share information with third parties.

How is Your Personal Data Stored ?

Cookies and how we use them

 What is a cookie?

A cookie is a small file placed on your computer’s hard drive. It enables our website to identify your computer as you view different pages on our website.

Cookies allow websites and applications to store your preferences in order to present content, options or functions that are specific to you.

How we use cookies

We may use cookies to:

  • Analyse our web traffic using an analytics package. Aggregated usage data helps us improve the website structure, design, content and functions.
  • Where applicable, identify whether you are signed in to our website. A cookie allows us to check whether you are signed in to the site.
  • Cookies do not provide us with access to your computer or any information about you, other than that which you choose to share with us.
  • There are no cookies that hold your personal information unless you are authorised to log into the web site.

Controlling cookies

You can use your web browser’s cookie settings to determine how our website uses cookies. If you do not want our website to store cookies on your computer or device, you should set your web browser to refuse cookies.

However, please note if you need to log into the web site, that doing this may affect how our website functions. Some pages and services may become unavailable to you.

Unless you have changed your browser to refuse cookies, our website will issue cookies when you visit it.

To learn more about cookies and how they are used, visit All About Cookies

Controlling information about you

Data Breaches 

We will report any unlawful data breach of this website’s database or the database(s) of any of our third party data processors to any and all relevant persons and authorities within 72 hours of the breach if it is apparent that personal data stored in an identifiable manner has been stolen.

What are Your Rights ?

If at any point you believe the information we process on you is incorrect you can request to see this information, and have it corrected or deleted. There is no charge for this. If you wish to raise a complaint on how we have handled your personal data, you can contact us to have the matter investigated at If you are not satisfied with our response or believe we are processing your personal data not in accordance with the law, you can complain to the Information Commissioner’s Office

Lead for Personal Data

The lead for personal data is the Secretary. Email:

Changes to our Privacy Policy

This privacy policy may change from time to time inline with legislation or industry developments. We will not explicitly inform our members or website users of these changes. Instead, we recommend that you check this page occasionally for any policy changes. Specific policy changes and updates are mentioned in the change log below.

Change Log

10th April 2018

  • Privacy policy instigated