Carnethy HRC Privacy Policy
1. About this Policy
This policy explains when and why we collect personal information about our members, how we use it and how we keep it secure and your rights in relation to it.
For the purposes of the GDPR, Carnethy HRC will be a “controller” of the personal information that you provide to us.
Carnethy HRC is a company limited by guarantee incorporated in Scotland with registered number SC492072 and having its registered office at Munro Cottage, Loanstone, Penicuik EH26 8PH
2. What we need
When you register as a member of Carnethy HRC or renew your membership (including if you are registering or renewing on behalf of a child under the age of 18) we will ask you for the following personal information:
Contact details (name, address, email address) Personal information (date of birth, gender)
Membership criteria (for example racing/running club, social/family membership)
Payment details (payment card details, bank account number/sort code) Emergency contact details
3. Why we need your personal information – contractual purposes:
We need to collect our members’ personal information so we can manage your membership. We will use our members’ personal information to:
Provide you with core member services including creating and managing the club’s membership directory.
Send you membership communications by email in relation to essential membership services including, but not limited to, general meeting notices, membership renewals, organisation of club events and external competitions.
Be able to contact your nominated person in case of emergency.
Formulate club teams for races and for relays.
If you do not provide us with all the personal information that request, it may limit our ability to offer the above membership services and benefits.
4. Why we need your personal information – legitimate purposes:
We will also process our members’ personal information in pursuit of our legitimate interests to:
Promote and encourage participation by sending members communications and information of competitions and events.
Promote participation in fell running by managing entries for our competitions and externally organised relays and checking your personal information is correct to ensure you are entered into the correct category.
Our competitions and events may be filmed or photographed and these images may be used on the club website and social media.
Respond and communicate with members regarding comments, support needs or complaints.
Where we process your personal information in pursuit of our legitimate interests, you have the right to object to us using your personal information for the above purposes. If you wish to object to any of the above processing, please contact us on secretary@carnethy.com If we agree and comply with your objection, this may affect our ability to undertake the tasks above for the benefit of you as a member.
5. Why we need your personal information – legal obligations
We are under a legal obligation to process certain personal information relating to our members for the purposes of complying with our obligations under:
The Companies Act 2006 to maintain a register of our members, which includes our members’ name, address, the date they were admitted to membership and the date on which they ceased to be a member, and hold general meetings, including issuing notices and voting arrangements.
The Protection on Vulnerable Groups (Scotland) Act 2007 The Equality Act 2010
Our Sport Scotland and Scottish Athletics regulatory requirements
6. Other uses of your personal information
We may occasionally ask you if we can process your personal information for additional purposes. Where we do so, we will provide you with an additional privacy notice with information on how we will use your information for these additional purposes.
7. Who we share your personal information with
We may be required to share personal information with statutory or regulatory authorities and organisations to comply with statutory obligations. Such organisations include Police Scotland, Health and Safety Executive and Disclosure Scotland and Companies House.
We may also share personal information with our professional and legal advisers for the purposes of taking advice.
Carnethy HRC employs third party suppliers to provide services including membership and race entry. These suppliers may process personal information on our behalf as “processors” and are subject to written contractual conditions to only process that personal information under our instructions and protect it.
Carnethy HRC may also share personal information with other clubs to coordinate relay race entries.
We publish the results of competitions on our website. This includes competitors’ names, category and result, and may include photographic or video recordings.
In the event that we do share personal information with third parties, we will only share such personal information strictly required for the specific purposes and take reasonable steps to ensure that recipients shall only process the disclosed personal information in accordance with those purposes.
8. How we protect your personal data
Your personal information is stored electronically via a GDPR compliant secure cloud server (Dropbox), access to which is password protected. It is also stored electronically with EntryCentral on a collection of dedicated servers in Germany (Entry Central Privacy Policy: https://www.entrycentral.com/terms-and-conditions/privacy)
9. How long we keep your personal information
We will only keep your personal information for as long as necessary to provide you with membership services. We will review and remove your personal information from our Entry Central records where you have not renewed your membership with us for the subscription year and will remove you from our mailing lists.
We will keep certain personal information of members for longer in order to confirm your identity and when you were a member of Carnethy HRC. We need to do this to comply with the Companies Act 2006, which requires us to keep a register of members in event of a claim against Carnethy HRC.
10. Your rights
You can exercise any of the following rights by writing to us at secretary@carnethy.com or to the club’s registered address. Your rights in relation to your personal information are:
You have the right to request access to the personal information that we hold about you by making a “subject access request”
If you believe that any of your personal information is inaccurate or incomplete, you have a right to request that we correct or complete your personal information.
You have a right to request that we restrict the processing of your personal information for specific purposes and
If you wish us to delete your personal information, you may request that we do so; we will then retain only such information as is necessary to comply with our legal requirements.
Any requests received by Carnethy HRC will be considered under applicable data protection legislation. If you remain dissatisfied, you have a right to raise a concern with the Information Commissioner’s Office at https://ico.org.uk/concerns/

Website:
Carnethy.com uses WordPress to build the site.
By default WordPress does not collect any personal data about visitors, and only collects the data shown on the User Profile screen from registered users (site admins, editors etc, who have to log in).
All uploaded files are usually publicly accessible. Photo EXIF information (including location) is almost invariably lost in the process of compression. GPX files show location by definition.
Cookies
For Admins, editors and authors:
If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
For viewers of the site:
This is an auto-generated list of the cookies that WordPress might place on your computer.
Cookie | Type | Duration | Description |
---|---|---|---|
None found |
Who we share your data with
By default WordPress does not share any personal data with anyone.