GDPR (General Data Protection Regulation)
- The personal data that Cadw is collecting is necessary to administer your membership contract with Cadw and provide you with membership benefits. Your personal data will only be kept for 12 months after the expiry date and then anonymised for auditing, reporting and evaluation purposes - no personal data will be retained after this time. During these 12 months you will be contacted occasionally by post or e-mail with information on membership renewal only.
- The data controller is Cadw, Welsh Government. If you have any questions please e-mail firstname.lastname@example.org and we will respond to you within 10 working days. If you want to contact the Welsh Government with a query or concern about how your personal data is being used please contact: Data.ProtectionOfficer@gov.wales
- The expiry date is when your membership has run for 12 months, or the date your membership is cancelled. Members will receive a renewal letter and form to renew after 12 months. Those paying by Direct Debit will receive a notification letter to inform you that your membership will be renewed automatically unless you instruct us otherwise, prior to the expiry of the membership.
- Cadw will share your data with Equinox, a third party agency, to administer Cadw membership.
- You have the right to:
• access the personal data that we are processing about you
• require us to rectify inaccuracies in that data
• object to or restrict processing (in certain circumstances)
• ask for your data to be erased (in certain circumstances)
• obtain and reuse your personal data for your own purposes across different services (in certain circumstances)
• lodge a complaint with the Information Commissioners Office (ICO) who is our independent regulator for data protection
- For terms and conditions of your membership please visit: cadw.gov.wales/membership