Last updated: June 2026. This policy explains how the Storage Scale User Group handles personal data under UK GDPR and the Data Protection Act 2018.
Who we are
The Storage Scale User Group (“the User Group”, “we”, “us”) is an independent, volunteer-run community for users of IBM Storage Scale (also known as GPFS). We are supported by IBM but operate independently; we are not IBM, and we are not OCF or any other commercial sponsor.
For the purposes of UK GDPR, the Storage Scale User Group committee is the data controller for the limited personal data described below. IBM, OCF, event sponsors and our service providers are not controllers of the data we hold about our members; where they process data on our behalf they act as our processors, and where they collect data directly from you (for example on their own websites) they are responsible for that data under their own policies.
The Storage Scale User Group is based in and managed from the United Kingdom, and this policy is governed by UK law. We also have regional chapters (for example in the USA and Australia). Local chapters may run their own privacy arrangements for their local activities and events; where that applies, it will be made clear at the point you sign up locally.
Our approach: we collect as little as possible
We are a community group, not a commercial organisation. If you simply browse this website we do not ask you for, or store, any personal data about you beyond the minimal cookies described in our Cookie Policy. We only hold personal data about you if you actively choose to engage with us, for example by joining the group, subscribing to the mailing list, or registering for an event.
What we collect, and why
- Joining the group / mailing list: your name and email address, so we can send you group news, event invitations and announcements. Lawful basis: your consent, which you give when you sign up and can withdraw at any time.
- Event registration: details needed to run an event (e.g. name, email, organisation, dietary or accessibility requirements). Lawful basis: consent and our legitimate interest in organising community events.
- Contacting us: if you email us or use a contact form, we keep your message and contact details to respond.
- Website analytics & cookies: limited, as set out in our Cookie Policy.
We do not sell personal data, and we do not use it for advertising.
Who we share it with (our processors)
To run the group we use a small number of third-party services that may process your data on our behalf as processors, for example: our website host, an email/mailing-list provider, event-registration tools, and community platforms such as Discord. We only share what is necessary, and only for the purposes above. Some of these providers are based outside the UK (for example in the USA); where that is the case we rely on appropriate safeguards such as the UK extension to the EU-US Data Privacy Framework or standard contractual clauses.
If you choose to join a third-party community (such as Discord) or register on a sponsor’s or IBM’s own site, you provide your data to them directly and their own privacy policies apply.
Events have their own privacy terms
Each event you sign up for usually has its own privacy notice, which may apply in addition to this one. Depending on the event, the organisers, venue and partners involved may need your details for things such as:
- venue or building access, security and site sign-in;
- catering, dietary or accessibility requirements;
- name badges and attendee lists;
- sponsors receiving attendee details for a one-off marketing follow-up, where you have agreed to it;
- health and safety, insurance or travel and accommodation arrangements;
- photography, filming or live streaming at the event.
The exact details vary from event to event, so please read the privacy notice on the event sign-up page before you register. Where a third party such as a sponsor, venue or event platform collects your details directly, they are responsible for that data under their own privacy policy, and they may keep it even if you later leave the User Group.
How long we keep it
We keep mailing-list and membership data for as long as you remain a member or subscriber. You can unsubscribe or ask us to delete your data at any time. Event data is kept only as long as needed to run and report on the event.
Your rights
Under UK GDPR you have the right to access, correct, erase, restrict or object to our use of your personal data, and the right to data portability and to withdraw consent at any time. To exercise any of these, contact us (see below). You also have the right to complain to the UK Information Commissioner’s Office (ICO) at ico.org.uk.
Security
We take reasonable measures to protect the limited personal data we hold and restrict access to committee members who need it to run the group.
Changes to this policy
We may update this policy from time to time; the “last updated” date above will change accordingly.
Contact
For any privacy question or to exercise your rights, please contact the Storage Scale User Group committee via our contact page.
