Privacy Policy

The Royal African Society's Privacy Policy as of 25 May 2018

The Royal African Society is committed to protecting your privacy and to being transparent about the information we hold about you. Using personal data helps us as a charity to engage with, and develop a better understanding of, our members, audiences, partners and supporters.

In accordance with the General Data Protection Regulation (GDPR), the Royal African Society is a data controller. This means we decide how your personal data is processed and for what purposes as governed by the GDPR regulation and other applicable data protection laws.

This Privacy Policy explains how we collect, use, share and protect your personal data.  We may make changes to this Privacy Policy from time to time and will make any material changes available to you on our website or by other means. This policy explains:

  1. Who we are
  2. How we collect your data
  3. How we process your data
  4. Legal basis for processing your data
  5. Sharing of your personal data
  6. How long we keep your data
  7. How we protect your personal data
  8. Your legal rights under GDPR
  9. Contact details
  10. Web pages covered by this policy
  11. Cookie Policy
  1. Who are we?

The Royal African Society is a charity (number 1062764) registered in England and Wales. Based in London, we are a membership organisation that provides opportunities for people to connect, celebrate and engage critically with a wide range of topics and ideas about Africa today. Through our events, publications and digital channels we share insight, instigate debate and facilitate mutual understanding between the UK and Africa. We amplify African voices and interests in academia, business, politics, the arts and education, reaching a network of more than one million people globally.

  1. How do we collect your data?

Personal data means any information about an individual from which that person can be identified. We collect personal data when you engage with us either online, in person or over the phone. We collect your personal data in the following instances:

  • When you apply for or renew your Royal African Society membership.
  • When you register or book to attend an event.
  • When you register your profile on our website or sign up to any of our newsletters.
  • When you make an individual donation on our website. 
  • Through networking at meetings and events and/or introductions.  

We collect some or all of the following personal data in the above instances: Username, Email Address, Title, Name, Surname, Position, Company/Organisation, Address, Phone Number, Mobile Number, Gender, Age, and Interests and Preferences. 

This personal data is collected based on active consent from you, the data subject, when you provide us with your details online, in person or over the phone. This data is stored in our secure Client Relationship Management system and database, which can only be accessed by a select number of Royal African Society staff.

We use MailChimp as our marketing platform, so we send data to MailChimp for processing in accordance with their Privacy Policy and Terms. We also use Eventbrite as our event management and ticketing platform and your personal data is processed in accordance with their Privacy Policy.

When carrying out evaluation and monitoring surveys, we collect a Special Categories of Personal Data about you (including details about your ethnicity and sexual orientation). However, this data is anonymised and not saved against your personal records. We also collect, use and share Aggregated Data such as statistical or demographic data for research purposes. Aggregated Data may be derived from your personal information, but is not considered personal data in law as this data does not directly or indirectly reveal your identity. For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific website. However, if we connect Aggregated Data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this Privacy Policy.

  1. How do we process your personal data?

We only collect information that is necessary for the Royal African Society to deliver its charitable objectives. There are four main types of interaction you may have with us - as Partner or Supporter, Member, Audience Member, or an individual interested in our news, activities and programmes. Based on those that apply to you, we collect and use your personal data for the following purposes:

  • To provide information about the events/programmes you have expressed an interest in
  • To manage our relationship with you and administer your membership account
  • To provide the benefits defined through membership
  • To book places at RAS events including the delivery of the event and necessary follow-up
  • To carry out monitoring & evaluation and regulatory reporting
  • To meet internal operational requirements
  • To investigate and resolve complaints
  • To verify your identity
  • For audit purposes
  1. What is the legal basis for processing your personal data?

We process your personal data based on the following legal grounds:

  • To deliver our contract with you in relation to the Society’s membership
  • Where we consider that, on balance, it is appropriate for us to do so
  • To comply with our legal obligations
  • Where we have received your consent
  • Where it is in the public interest
  1. Who do we share your personal data with?

The Royal African Society will never share, sell, rent or trade your personal information to any third parties for marketing purposes without your prior consent. We may ask for your consent to share personal information with organisations we have partnered with, but these requests will be specific to the individual organisation so that your consent decision is informed. 

We use a number of service providers who act as data processors in order to help us deliver our events and other charitable objectives. These organisations are obligated to act on our instruction in relation to their use of your personal data and do not have any control over your data in their own right. We ensure they act in accordance with our instructions and that they put suitable security measures in place to adequately protect your data. The main data sharing relationships the Royal African Society currently has are with Mailchimp and Eventbrite (as described above). 

  1. How long do we keep your personal data?

We retain your personal data for as long as it remains necessary with regards to the purposes for which it was collected.  We hold members’ personal data through the duration of their membership and up to 5 years after the membership lapses; we hold partners’ and supporters’ personal data for as long as the partnership is active and up to 5 years after the partnership lapses; and we hold newsletter subscribers’ personal data son long as they are opted-in.   

  1. How do we protect your personal data?

The Royal African Society is committed to protecting the personal information you entrust us with. We implement appropriate measures, including both physical and technical safeguards, so the information we have about you is protected from unauthorised access and improper use. We have a governance model that ensures adequate policies, procedures and controls are in place to manage the risks.

  1. What are your rights under GDPR?

Under the GDPR regulation you have the following rights:

  • You have the right to access, rectify or request erasure of your personal data
  • To ask us to restrict the processing of your personal data
  • To request the portability of your personal data
  • To object, on grounds relating to your specific situation, where the processing of your personal data is based on a legitimate interest basis
  • You have the right to withdraw consent of any direct marketing to which you have already opted-in
  • You have the right to lodge a complaint with the UK’s supervisory body, The Information Commissioner’s Office.

N.B. Not all of the above rights apply in all circumstances. If you wish to exercise any of these rights, we will explain at the time if they apply or not.

  1. How can you contact us?

If you have any questions or concerns about our use of your personal data, please contact us at The Royal African Society, 36 Gordon Square, London WC1H 0PD or at ras@royalafricansociety.org

      10. Web pages covered by this policy

This policy applies to all information collected or submitted on the Royal African Society domain www.royalafricansociety.org and its subdomains, as well as parts of the website, where you can create an account, comment on blogs, sign up for newsletters, enter competitions and book tickets for events as well as information collected automatically by cookies, if enabled. The Royal African Society is not responsible for the privacy policy of services on third party websites. You should refer to the appropriate privacy policies of each individual third party website for further information about them and their terms. 

      11. Cookie Policy

Some sections of the RAS website use cookies. Cookies are small, text-only strings of data which store information on the hard drive of your local computer or mobile device when you visit some websites. Our cookie policy details what cookies we use and the options you have when visiting this website.

25 May 2018