The Honourable Society of Cymmrodorion

Promoting the language, literature, arts and science of Wales

Privacy Policy

home > Privacy Policy

1. Introduction

The Honourable Society of Cymmrodorion takes your privacy seriously and is committed to ensuring that it is properly protected. This revised Privacy Policy has been drafted further to the requirements of the General Data Protection Regulation (GDPR) and is effective from 25 May 2018, when the GDPR came into force. For purposes of the GDPR, the members of the Society’s Council (the Trustees of the charity) are collectively the data controllers. The primary Data Processor is the Membership Secretary (a role currently undertaken by the Honorary Treasurer – The Honorary Secretary ( and other Officers may also process data from time to time.

Any changes that we may make to this Privacy Policy in the future will be posted on this page ( We will notify members of any significant changes but you might wish to check this page from time to time to ensure that you are aware of the most recent version of the Policy

2. The Honourable Society of Cymmrodorion

The Cymmrodorion Society exists to promote the language, literature, arts and sciences of Wales. It makes an important contribution to academic, cultural and political discourse and works to secure recognition of the nation’s contribution in contemporary society. It organises a series of regular lectures and meetings in London and Wales, encourages and supports scholarship and research, publishes an annual journal, the Transactions, and awards a medal to acknowledge the contribution of many individuals who have given distinguished service to Wales in many walks of life. The Society attracts a diverse range of individual and corporate members from across the globe. Its current membership includes men and women from all walks of life who are active in and passionate about the nation’s development and who enjoy socialising with others who also have an interest in Wales and Welsh affairs.

3. What is our legal basis for collecting, storing and using your data?

Organisations must have a valid lawful basis in order to process personal data. The Society has decided that the lawful basis for collecting, storing and processing its members’ personal data should be consent provided by those members (for example, when you first join the Society, when you complete a data consent form, or when you use the Society’s website). We may also need to collect and process your data in order to comply with the law. For example, we can pass on details of people involved in fraud or other criminal activity to law enforcement agencies.

4. When do we collect your personal data?

We collect your personal data when you:

  • first join the Society;
  • provide information in response to a request from us;
  • visit our website;
  • engage with us on social media;
  • contact us by any means with queries, complaints etc.;
  • ask one of our Officers to send you information by post or email;
  • choose to complete any surveys that we send you;
  • fill in any forms that we send you;
  • have given a third party permission to share with us the information they hold about you.

5. What personal data do we collect?

The Society collects the following information about its members:

  • Title • Name (first and family names)
  • Abbreviated professional, academic and other qualifications
  • Postal address
  • Email address (where provided)
  • Telephone number (landline – where provided)
  • Telephone number (mobile – where provided)
  • Preferred language of communication (English or Welsh)
  • Amount of subscription paid in the current year
  • Date on which the subscription paid in the current year was received
  • Method payment of subscription paid in current year (cheque, standing order, direct debit or other)
  • Whether Gift Aid may be claimed on the subscription

For current members (see section 8, below) and where records exist, a history of subscription payments and methods of payment is maintained for past years. For those members who have decided to pay by Direct Debit through the Charities Aid Foundation the Society also collects the bank account name, number and branch sortcode.

The information listed above is provided by the members themselves. In addition, for administrative purposes, all members are allocated a membership number by the Society. For your security, we provide a facility for you to change your login password whenever you wish.

Data kept on our website
Whether you are a member or not, when you visit our website, we may also collect the following information:

  • your social media username, if you interact with us through those channels;
  • contact information including email address;
  • information gathered by the use of cookies in your web browser.

Our website uses cookies to distinguish you from other users of our website. A cookie is a small file that, if you agree, we add to and store on your browser or the hard drive of your computer. It helps us to provide you with a good experience when you browse the website and also enables us to improve the site, by letting us monitor your needs, likes and dislikes. It does this by gathering and remembering information about your preferences, including which pages you find useful and which you do not. Cookies allow web applications to respond to you as an individual. They do not give us access to your computer or to any information about you, other than the data you choose to share with us.

You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer (but please be aware that this this might prevent you from taking full advantage of the website). Each browser is different so check the ‘Help’ menu of your particular browser to learn how to change your cookie preferences.

Our website may contain links to other websites of interest. However, once you have used these links to leave our site for another, you should note that we do not have any control over that other website. We cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites, which are not governed by this Privacy Policy. You should exercise caution and look at the privacy statement applicable to the website in question.

6. How and why do we use your personal data?

The information listed in the first paragraph of section 5, above, is stored in a database of members that is maintained by the Membership Secretary for use in the administration of the Society. The database is used for internal record keeping and in other aspects of the administration of the Society.

With your consent, and in accordance with the preferences that you have expressed, we also use the personal data that you have provided to us to contact you by surface mail and email; we might also do so in future by text or telephone. We do this in order to provide you with the information and services to which you have subscribed as a member and to keep you informed about the Society’s organisation and activities. Communication by surface mail includes circulation of the annual Transactions and communication by email includes both individual and group (including MailChimp) emails, for example with information about forthcoming lectures and other events.

You are free at any time to opt out of hearing from us by any of these means (see section 11, below).

We will use information gathered when you visit our website:

  • to administer our site and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
  • to improve our site to ensure that content is presented in the most effective manner for you and for your computer;
  • to improve the services that we offer;
  • as part of our efforts to keep our site safe and secure; and
  • for internal record keeping.

7. How do we protect your personal data?

We know how much data security matters to all our members and other contacts. With this in mind we treat your data with the utmost care and take all appropriate steps to protect it. In order to prevent unauthorized access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information that we collect. In particular:

  • access to your personal data is password-protected, and any data entered into the website in encrypted by SSL;
  • we secure access to all transactional areas of our websites and apps using ‘https’ technology;
  • our website provider regularly monitors the system for possible vulnerabilities and attacks and has an additional firewall in place.

8. How long will we keep your personal data?

We only keep your personal data for as long as is necessary for the purpose for which it was collected. We retain data relating to an individual member of the Society only as long as that person remains in membership of the Society. If, for whatever reason, you cease to be a member, we will either delete your data completely or anonymise it, for example by aggregation with other data so that it can be used in a non-identifiable way for statistical analysis.

9. With whom do we share your personal data?

With some exceptions, we do not share your personal data with third parties without your prior consent.

The exceptions are:

  • where we use recognised third-party organisations to process financial payments from you (for example, the Charities Aid Foundation and the GoCardless organisation);
  • where we use trusted third parties to manage aspects of our work, for example postal mailings and maintenance of our website;
  • where we use Mailchimp (The Rocket Science Group, LLC) to manage email subscriber lists and send emails to our members. (You can read the MailChimp privacy policy here:

In such cases, in order to keep your data safe and protect your privacy:

  • we provide only the information such third parties need in order to perform their specific services; • they may only use your data for the exact purposes that we specify;
  • we work closely with them to ensure that your privacy is respected and protected at all times;
  • if we stop using their services, any of your data held by them will either be deleted or rendered anonymous. In addition, we may be required by law to disclose personal data to law enforcement or other regulatory or Government bodies.

If you tell us that you wish this to happen, we may also use your personal information to send you promotional information about third parties which we think you may find interesting (for example, when we are asked to circulate our members when some other relevant body wishes to publicise an event or other activity). On those occasions, it is the Society that circulates the information to the members. We do not pass the data to the other organisation.

10. What are your rights over your personal data?

You have the right:

  • to withdraw any consent that you have previously provided – if you have given us your consent to use your personal data, you can change your mind at any time and withdraw that consent;
  • to request:
  • access to the personal data we hold about you, free of charge in most cases;
  • the correction of your personal data when incorrect, out of date or incomplete (see section 11, below);
  • that we stop using your personal data for contacting you through all or some of the following: surface mail, email, text messaging, telephone; (you can cease to receive circular email messages by clicking on the “unsubscribe” button in any email communication that we send to you);
  • that we stop any consent-based processing of your personal data after you withdraw that consent;
  • that we delete all personal data relating to you (your “right to be forgotten”). You are welcome to contact us to request to exercise these rights. (See section 14, below, for contact details.)

To protect the confidentiality of your information, we will ask you to verify your identity before proceeding with any request you make under this Privacy Policy. If you have authorised a third party to submit a request on your behalf, we will ask them to prove they have your permission to act.

Please note that you may continue to receive communications for a short period after changing your preferences while our systems are fully updated.

11. How can you amend the information that the Society holds about you or ensure that it stops storing and using your personal data altogether?

If you believe that any information we are holding on you is incorrect, out of date or incomplete, please write to or email us as soon as possible, using the address given in section 14 of this Privacy Policy. We will promptly correct any information found to be incorrect.

12. How can you contact the Regulator?

If you feel that your data have not been handled correctly, or you are unhappy with our response to any requests you have made to us regarding the use of your personal data, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO). You can contact the ICO by telephoning 0303 123 1113 or online at

If you are based outside the UK, you have the right to lodge your complaint with the relevant data protection regulator in your country of residence.

13. Any questions?

We hope that this Privacy Policy has been helpful in setting out the way we handle your personal data and your rights to control it. If you have any further questions or comments, please do get in touch with us.

14. Whom should you contact?

For any queries or requests in relation to the Society’s Privacy Policy or the management of your personal data, please write to: The Membership Secretary The Honourable Society of Cymmrodorion 157-163 Grays Inn Road London WC1X 8UE or email:

This policy was last updated on 21 May 2018.