1. Content of Member Information BMLS shall ensure that:
1.1. Member information shall be obtained only for the purpose of delivering and improving the Services and will not be processed in any manner incompatible with this purpose. 1.2. Member information shall be adequate, relevant, and not excessive in relation to the abovementioned purpose for which it is collated and/or processed. 1.3. Member information shall be accurate, and where necessary kept up to date and reasonable steps shall be taken to ensure that information which is inaccurate and/or incomplete, having regard to the purpose for which it was collected, is erased or rectified.
1.4. Member information shall be kept in a format which permits identification for no longer than necessary for the purpose for which the information was collected or
2. Member Consent Member information may only be processed if:
2.1 The member has unambiguously given his consent; or 2.2 Processing is necessary for: 2.2.1 The performance of a contract to which the member is a party; or 2.2.2 In order to take steps at the request of the member prior to entering into a contract; or 2.2.3 For compliance with legal obligation to which BMLS is subject; or 2.2.4 The performance of a task carried out in the public interest or in the exercise of official authority vested in the recipient; or 2.2.5 For the purpose of legitimate interest pursued by BMLS, except where such interest is overridden by the interest for fundamental rights as reflected in the constitution.
3. Access to Member Information BMLS shall ensure that: 3.1 Access to, or disclosure of member information will not be authorised without the documented commitment of the intended recipient so as to maintain confidentiality and the rightful use of such information. 3.2 Access to member information by BMLS personnel, contract workers, consultants, service providers or suppliers will be restricted to the level of access needed to
affectively perform delegated or contracted duties and/or the level of service needed to render a reliable and effective service to BMLS members.
4. Preventative Measures BMLS shall ensure that appropriate technical and organisational measures shall be taken against unauthorised access, processing, and disclosure of member information.