Dundee Class of 1986

Privacy Notice

Last updated: 7 May 2026

This notice explains how the Dundee Class of 1986 Reunion Committee (“we”, “us”, “the Committee”) collects and uses personal information when you visit dums86.co.uk, register as a member, complete a profile, upload photos, or contact us. We are committed to handling your information carefully and in line with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Who we are

The Dundee Class of 1986 Reunion Committee is an informal group of graduates of the University of Dundee’s Class of 1986. We run this website to help classmates reconnect ahead of, and after, the 40th reunion.

For the purposes of UK data protection law, the Committee is the data controller for personal information collected through this website. You can contact us at admin@dums86.co.uk.

2. What information we collect

We only collect information that you choose to provide. The categories below cover everything held by the website.

When	What we collect
You register for an account	First name, last name, username, email address, an account password (stored only as a one-way hash — we never see it in plain text), and the invite code you were given. We also record the date and time you ticked the consent boxes.
You complete or edit your profile	Display name, current surname (if different from your graduation name), a contact email you choose to share with classmates, your home address, free-text answers to “Where are you now?”, “What have you been up to the last 40 years?” and “Significant memories of your time at Dundee?”, a profile photo, links to your social-media or web profiles (Facebook, Instagram, WhatsApp, etc.), and the per-field privacy settings you set.
You upload personal photos to your profile	Up to ten images and the captions you add to them.
You upload to the shared gallery	The image, any caption you add, and a flag showing whether you’ve marked it as visible to the whole class.
You send a message through our contact form	Your name, email address, subject and message. The message is emailed to the Committee at admin@dums86.co.uk.
You use the site	Standard server log data created automatically by our hosting provider, including your IP address, browser type, the pages you visited, and timestamps. This is used to keep the site secure and running properly.

We do not deliberately collect any “special category” data (such as information about health, religion, or political opinions). Please bear in mind that the free-text fields on your profile are visible to other verified members — only share what you’re comfortable with classmates seeing.

3. Why we use it and our lawful basis

Under the UK GDPR we must have a lawful basis for using your personal information. The bases we rely on are:

• Your consent (Article 6(1)(a)) — for storing your profile information and sharing it with other verified members, and for sending you reunion-related email notifications. You give this consent by ticking the boxes on the registration form, and you can withdraw it at any time (see “Your rights” below).
• Legitimate interests (Article 6(1)(f)) — for administering the website, reviewing membership applications, moderating photos, responding to messages sent through the contact form, and keeping the site secure. Our interest is running a useful and trustworthy reunion site for classmates; we’ve considered your interests and don’t believe this use overrides your rights.

We do not use your information for advertising or for any automated decision-making.

4. Who can see your information

Your information is shared in three limited ways:

• Other verified members. Once an administrator has approved your registration, your profile and any photos you’ve uploaded become visible to other members who are signed in to the Members Area. Each profile field has a privacy toggle so you can hide individual items (for example, your home address or contact email). The directory is not accessible to the public, search engines, or unapproved registrants.
• Committee administrators. A small number of Committee volunteers have administrator access to approve registrations, moderate photos, and respond to enquiries. They can see all profile data.
• Our hosting provider. The website is hosted by Hostinger, who store the underlying website database, files and email on our behalf. They act as our processor and are bound by their own data protection obligations. Data may be processed in the European Economic Area or in other countries with equivalent safeguards under their standard contractual terms.

Before you enter the Members Area for the first time, you are asked to agree not to share, screenshot or distribute any member information outside the platform. Please honour that — it’s the only thing keeping classmates’ details private.

We do not sell your information, and we do not pass it to advertisers, marketing companies, or any third party for their own purposes.

5. Yearbook entries and historic data

The Members Area includes a digitised version of the original 1986 University of Dundee yearbook. This contains names and photographs of people who graduated with the class. Where a former classmate has registered as a member, their yearbook entry is linked to their account and they control its visibility through their profile. Where an entry has not been claimed, it remains in the yearbook for historical reference and is visible only to verified members of the Members Area.

If you appear in the yearbook and would prefer your entry to be hidden or removed, please email us at admin@dums86.co.uk and we will action your request promptly.

Some yearbook entries are marked “In Memoriam” for classmates who have passed away. UK data protection law does not apply to information about deceased people, but we treat these entries with respect and will remove or amend them at the request of a family member.

6. How long we keep your information

• Member accounts and profiles are kept for as long as you remain a member, and for a reasonable period after the reunion to allow classmates to remain in touch. You can ask us to delete your account at any time.
• Photos you have uploaded are kept for the same period as your account, unless you delete them yourself or ask us to do so.
• Contact-form messages are kept in our email inbox for up to two years and are then deleted.
• Server logs are kept by our hosting provider for a short period (typically 30–90 days) for security and troubleshooting.

7. How we protect your information

• The Members Area, including the directory and the gallery, is only accessible to logged-in members whose accounts have been approved by an administrator.
• Photographs are stored in a directory protected by web-server access rules, so they cannot be loaded directly by guessing a URL.
• Account passwords are stored using one-way cryptographic hashing — we cannot read them, even if we wanted to.
• The website is served over HTTPS so traffic between your browser and the site is encrypted.

No website is completely secure. If we ever discover a personal data breach that is likely to put you at risk, we will notify you and the Information Commissioner’s Office in line with our legal obligations.

8. Cookies

This site uses a small number of essential cookies set by the underlying WordPress platform. These are needed to log you in and to remember your preferences during your visit. Typical examples are wordpress_logged_in_*, wordpress_sec_* and wp-settings-*.

We do not use Google Analytics, advertising cookies, social-media tracking pixels, or any other third-party tracker. Because the cookies we set are strictly necessary for the site to work, no separate consent banner is required under UK law (PECR).

9. Your rights

Under the UK GDPR you have the following rights in relation to your personal information:

• Access — ask for a copy of the information we hold about you.
• Rectification — ask us to correct inaccurate or incomplete information. (You can also edit most of your profile yourself in the Members Area.)
• Erasure — ask us to delete your account and personal information.
• Restriction — ask us to pause processing of your information in certain circumstances.
• Objection — object to processing we carry out on the basis of legitimate interests.
• Data portability — receive a copy of the information you provided to us in a portable electronic format.
• Withdraw consent — where we rely on your consent, you can withdraw it at any time. Withdrawing consent doesn’t affect the lawfulness of anything we did before you withdrew it.

To exercise any of these rights, email us at admin@dums86.co.uk. We will respond within one calendar month and will not normally charge a fee.

If you are unhappy with how we have handled your information, you have the right to complain to the UK’s data protection regulator, the Information Commissioner’s Office (ICO):

• Website: ico.org.uk
• Helpline: 0303 123 1113
• Post: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF

We’d appreciate the chance to put things right first — please get in touch with us before contacting the ICO.

10. Changes to this notice

We may update this notice from time to time, for example if we add new features to the website or change how we handle data. The “Last updated” date at the top of the page will always show the current version. If we make material changes, we will let registered members know by email.

11. How to contact us

For any privacy questions, requests or concerns, please email the Committee at admin@dums86.co.uk. Please put “Privacy” in the subject line so we can route your message to the right person.