IANAL, but after studying the regulations, consider the privacy policy from your users' point of view. They probably know what you are going to do with the information, and also what you are doing to protect their information from unauthorized used by others into whose hands it could fall.
For example, do you intend to use the email addresses for sending them promotional messages? Do you have an opt-out policy? Would you ever consider selling your email list? It could have some commercial value due to the special interest (photography) of the users. Can you promise never to sell their email addresses? Or if you can't promise that, can you promise to warn them before you do that?
Would you ever release personal information about the user who posted a particular photo? Even an innocuous-looking photo of a couple or a child could have unforeseen consequences if the identity (and location) of the photographer were revealed.
Think also of the viewpoint of the club leadership. They don't want to get in trouble with their club members because you have released (or sold) their personal information, or the club's membership list.
To earn the trust of the club leaders and members, consider stating your policy clearly. Mention that the policy might change. You could give the member the option of declaring that all of their personal information will be kept confidential.
If you are seeking to expand your website, you will benefit from having your user's trust.