General Data Protection Regulations (GDPR)
The General Data Protection Regulations (GDPR) came into force on 25 May 2018. These regulations apply to any organisation, including small sport and social clubs which collect, retain and use personal information which is defined as any information about any living person. The regulations apply equally in respect of paper records and information held electronically.
The Office of Information Commissioners are responsible for overseeing and enforcing the regulations and can impose severe fines in the case of serious data breeches. Non compliance is simply not an option.
Currently, with the exception of a few long standing members, the club holds limited information on all members. This basic information includes names, addresses, email addresses, contact telephone numbers, dates of birth, emergency contact details, and can include brief details of relevant medical conditions as provided on membership application forms. Club bank statements will also include bank account details of members who have paid their club subscriptions electronically.
The club have never disclosed member’s personal information to third parties for marketing or other purposes, nor is it likely that we would do so in the future except with the expressed consent of the member. We have however circulated information to members about promotions by or offers from our official club sponsor, JE James Cycles Ltd and from British Cycling.
The club committee have reviewed our use and management of information and have implemented several changes:
- We have produced a RWCC privacy policy which explains how we use member’s personal information, our reasons and the legal basis for doing so, subject’s rights in respect of their data and who to contact in the event of concern or complaint. The privacy policy is available by clicking on the drop down menu on the HOME page on the club website.
- We have amended our membership application form to include consent […]