Privacy Policy

 

Edinburgh United Private Hire Association

  1. Introduction

This Privacy Policy explains how Edinburgh United Private Hire Association (“the Association”) collects, uses, stores, and protects personal data of its members in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

The Association is committed to protecting the privacy and rights of all members.

  1. Data Controller

For the purposes of data protection law, the data controller is:

Edinburgh United Private Hire Association

Contact Email: info@euph.uk

  1. Personal Data We Collect

We may collect and process the following information:

  • Full name
  • Contact details (email address, telephone number)
  • Licensing status confirmation (e.g., confirmation of being a licensed private hire driver in Edinburgh)
  • Membership status
  • Records of votes cast in Association decisions (anonymised where possible)
  • Correspondence with the Association

We do not collect unnecessary personal data.

  1. Lawful Basis for Processing

We process personal data under the following lawful bases:

  • Consent – where members voluntarily provide their information.
  • Legitimate Interests – to administer membership, conduct votes, communicate with members, and represent members’ collective interests.

Members may withdraw consent at any time by contacting the Association.

  1. How We Use Personal Data

We use personal data only to:

  • Maintain a membership register
  • Communicate updates, meeting notices, and consultation information
  • Conduct votes and democratic decision-making
  • Represent members in discussions with the City of Edinburgh Council and the Scottish Government
  • Ensure the integrity and legitimacy of the Association

We do not sell, rent, or trade personal data.

  1. Data Sharing

We do not share personal data with third parties unless:

  • Required by law
  • Necessary to protect the legal rights of the Association
  • Explicit consent has been given

When engaging with public authorities, we will not disclose individual member details unless expressly authorised.

  1. Data Storage and Security
  • Data is stored securely (e.g., password-protected systems).
  • Access is limited to authorised Committee members only.
  • Reasonable technical and organisational measures are taken to prevent unauthorised access, loss, or misuse.
  1. Data Retention
  • Membership data will be retained only while a person remains a member.
  • Upon resignation or removal, personal data will be deleted within a reasonable period (e.g., 3 months), unless required for legitimate record-keeping or legal purposes.
  1. Members’ Rights

Under UK GDPR, members have the right to:

  • Access their personal data
  • Request correction of inaccurate data
  • Request deletion (where applicable)
  • Restrict or object to processing
  • Lodge a complaint with the Information Commissioner’s Office (ICO)

Requests should be made in writing to the Association’s contact email.

  1. Data Breaches

In the event of a data breach posing a risk to individuals’ rights and freedoms, the Association will:

  • Notify affected members where appropriate
  • Report the breach to the Information Commissioner’s Office if legally required
  1. Policy Updates

This Privacy Policy may be updated by majority vote of members. The latest version will be made available to all members.

Scroll to Top