Hurst Horticultural Show

Data Protection and Privacy Policy:

The Society ensures that personal information given to it is protected from unauthorised access and only used for:

● The purpose of processing show entries to organise site layout and judging sheets.

● Recording of class and trophy winners because there is a legitimate interest in keeping and publishing show records.

● Sending of notices by email of its meetings, shows or events to previous entrants and those that have specifically asked because it is reasonable to assume they may be interested in participating again. (This view is only valid if information sent is strictly limited to the Society´s core activities)

● Personal information is not used for marketing and never shared with anybody, unless required by law.

Protection is assured by:

● Having documented data protection procedures and keeping proof these are followed.

● Appointing a Data Controller responsible for regularly maintaining this Policy, and Data Processors responsible for ensuring that processing is done as documented.

● Regularly analysing where and how information is stored and processed to ensure all risks to personal information are properly identified, understood and appropriate protection measures taken. The analysis is recorded in the personal data map.

● Ensuring there is a legal basis for each process that uses personal information.

● Regularly removing the personal data of an inactive person from the email reminder list, and also if requested to do so by the recipient. Usually someone is regarded as inactive if they have not entered a show or attended an event or meeting for 3 years.

● Ensuring that all Society officers that hold and process information are regularly trained in protection measures, and that this includes the process of ensuring a prompt notification of any breach to the Information Commissioners Office as required by law*.

● Giving details about what information is held on a subject on request by that person.

● Never sharing personal data with third parties.

● Never sending direct or indirect marketing information (i.e. events or products not directly related to the Society´s core activities)

● Ensuring the email and web server provider gives written assurance of compliance with appropriate security and privacy standards to enable the Policy to be delivered.

● Not holding or processing data outside the EU.

● Not collecting information on visits to the website through logs or cookies that can be attributed to a person.

Awareness, Objections and Data Requests

● Awareness of the policy is ensured by publishing it on the website and displaying notices about it on email communications, entry forms and show schedules.

● Anybody can object to the Society´s use of their personal data by contacting the Data Controller to have it removed from the Society´s data stores, and if this is not possible an explanation will be given.

● Anybody can request details of what information is held on them.

● All questions relating to data protection and privacy should be sent to the Data Controller at the email address below. If this does not result in a satisfactory resolution the ICO's office can be contacted and details are on its website:

Data Controller - Frank Whittaker, email:

Data Processor, mailing and website - Keith Attfield

Data Processor, show entries and results - Paul Martin

* The relevant UK law is the General Data Protection Regulations that replaced the Data Protection Act on 25 May 2018. See the Information Commissioners website:

Frank Whittaker - Data Controller and Society Secretary 17/05/2018