GDPR Statement

To enable us to validate and maintain your membership an amount of personal data will be processed to ensure (i) your right to join the Mental Health Lawyers Association (MHLA) and; (ii) your continued membership of MHLA. This data will be processed using both consent and contractual obligation as the legal basis for processing under the General Data Protection Regulation (EU) 2016/679 [hereinafter referred to as GDPR], Article 6. The MHLA will treat that personal data fairly, responsibly and in a transparent manner.

Documents proving your membership eligibility for the MHLA must be kept on file for the duration of your Association Membership. You have the right to request us to delete those documents from your file, by doing so we will not be able to further extend your membership and your membership will be deemed lapsed without refund.

The MHLA will process your personal data in a manner that is legal, effective and efficient. We will apply ethical best practice at the root of decision making, while protecting your privacy and confidentiality, as described in our Data Protection, Confidentiality and Website Privacy Policies. A full version of the MHLA’s Policies is available online on the website, in print, or on request from our administrative office, c/o PO Box 302, Cheadle, SK8 4EH. Headquarters.

The General Data Protection Regulation gives you the following rights regarding the processing of your personal data:

Right to be informed about how your data is processed and why in a concise, transparent, intelligible and easily accessible way.

Right to access your personal data and verify the lawfulness of the processing.

Right to rectification if the personal data we hold about you is inaccurate or incomplete.

Right to erasure or removal of your personal data where there is no compelling / legal / financial reason for its continued processing.

Right to restrict processing, to ‘block’ or suppress processing of your personal data.

Right to data portability allows you to receive your personal data we hold in a structured, commonly used and machine-readable format, and to transmit those data to another data controller.

Right to object to processing your data based on legitimate interests or the performance of a task in the public interest/exercise of official authority (including profiling), direct marketing or processing for purposes of scientific/historical research and statistics.

Rights related to automated decision making. The MHLA does not employ automated decision-making processes.

The MHLA’s Data Compliance Officer (DCO) is the Secretary of the Association and is responsible for protecting the personal data held by the MHLA by ensuring the Association has a suitably robust information governance function, supported by appropriate policies and processes. You can contact our DCO via email at

The MHLA takes the security of our member’s personal data very seriously, and we require all Officers, committee members and contractors (inter alia) to treat personal data with strict confidentiality. All the appropriate technical and organisational measures are in place to ensure a secure environment for information held both manually and electronically.

The MHLA  will hold personal data no longer than is necessary for the purposes for which the personal data are processed; personal data may be stored for longer periods insofar as described by GDPR in order to safeguard the rights and freedoms of individuals; or if it is necessary in order to comply with a legal obligation.

May 2018