The following statement on the collection and use of data was adopted by the General Council of RIBI on the 25th / 26th October 2004:
RIBI Collection and Use of Personal Membership Data
As part of its effort to assist clubs and districts and facilitate communication with Rotarians, Rotary International in Great Britain and Ireland collects personal information about Rotary club members, and their partners and associates where appropriate, to be used solely for the purpose of conducting the following core business activities:
- Preparing the annual RIBI, Rotaract and Interact Directories
- Calculating semi annual dues payable to Rotary International
- Identifying prospective candidates for presidential and Foundation appointments to conferences, RIBI, RI and TRF committees, task forces, and other assignments
- Supporting The Rotary Foundation
- Providing information and updates to district governors, district officers and others involved in RI and RIBI programs and service projects
- Providing goods and services to clubs and districts for their general activities
- Providing guidance to clubs and districts in their general activities and public relations efforts
- Communicating key organisational messages and information to district leaders and to clubs for dissemination at the club level
- Facilitating conference, assembly and special event planning
- Supporting THE ROTARIAN and the RIBI regional magazine "Rotary"
- Identifying Rotarians who have specific language and/or professional skills
RIBI Secretariat follows the code of conduct for the principles of the Data Protection Act
which requires data to:
- Be obtained fairly and lawfully
- Be held only for specific purposes
- Not to be used or disclosed incompatibly with those purposes
- Be accurate and kept up to date
- Be kept no longer than necessary
- Be made available to data subjects on request
- Be appropriately protected against - unauthorised access, alteration, disclosure and destruction and accidental loss.
Note: The Executive of RIBI noted at their meeting of December 18th/19th December 2007 that data specifically referencing credit card details be destroyed after a period of 3 months had elapsed from the date of the event that the details had been used for.