The EU’s General Data Protection Regulations (GDPR) were introduced on 25th May 2018, simultaneously updating the Data Protection Act. The aim was to bring data protection legislation into line with changes in the way that data is being used. Amateur sports clubs are affected as we collect and use personally identifiable data within the EU.
WE TAKE YOUR PRIVACY SERIOUSLY
When you become a member of, or renew your membership with Velo Club Norwich (VCN) you will be registered in the secure membership area of the club website using British Cycling’s Club Manager tool.
VCN do not store any information classified as ‘Sensitive Personal Data’, only information classified as ‘Personal Data’. All of your personal data is stored in a secure manner, and none of your data is publicly accessible.
WHO HAS ACCESS TO DATA
Authorised club officers are able to view your complete membership profile on the club manager membership tool, and only in order to fulfil their role as an officer of the committee.
We only use the data to allow the club to function. We do not share data with any other organisations except in the case of an accident, for insurance or legal purposes, or for proving compliance with governing body rules and regulations, at their request. Cycling governing bodies are British Cycling and Cycling Time Trials.
THE LAWFUL BASIS FOR STORING YOUR DATA
To store peoples’ personal data, we need a Lawful Basis for doing so. VCN’s Lawful Basis is that we need some data in order to run the club in which you are a member or a guest, taking part in the club’s organised activities such as club runs.
We need to be able to contact you, so we use your email address in order to direct communication to you alone. This is to send you details of your registration, to remind you (if you are a member) about due payments and to pass on general club news. We do not share your email address with anyone else. We store your emergency contact name and number so that we can contact a member of your family or a friend should you have an accident whilst taking part in a club activity. We store your telephone number so that we can contact you if we have any difficulty reaching you by email.
DATA POINTS WE RECORD
The following details are stored:
- your name;
- your address;
- your gender;
- your date of birth;
- your email address;
- your telephone number;
- an emergency contact name and their contact number;
- a parent or guardian’s name (if you are under 18).
AUTOMATIC REMOVAL OF DATA
Members leaving the club through not renewing will automatically have all personal information removed 12 months after the date which membership lapses. The club’s membership by definition runs from 1st January to 31st December, therefore if you do not renew for the calendar year commencing 1st January 2019, your data will be erased on or soon after 1st January 2020 whenever it is practicable for the Membership Secretary to do so.
Your name and age will remain if you have had any competitive results published, as completely removing you will affect the ranking of past results, and this information will already be in the public domain via British Cycling and Cycling Time Trials.
WHO IS THE DATA PROTECTION OFFICER?
We are a small club and do not process large amounts of sensitive personal details, so we are not required to appoint a DPO. However, we still take your data protection seriously and VCN’s committee will be responsible for ensuring that the club maintains its obligations under GDPR.
We may send you periodic compact newsletters by email through the club manager tool and may sometimes contact you to ask for information or to share news about activities which may interest you.
We create and store these emails on the same secure system which stores your general data. We do not see your email address, as this is all done within the club manager tool.
Your rights under GDPR are not affected by using British Cycling’s Club Manager membership tool, which we hope will be of benefit to everyone, by being a centralised, access controlled, up-to-date resource.
EXTERNAL DATA OVER WHICH WE HAVE NO CONTROL
We also maintain a facebook group, Instagram page, and twitter account. Matters of GDPR for these sites are outside of our control, as they are run by facebook, Instagram, and twitter respectively.
Please refer to the Governing Bodies’ privacy policies for information on how they process data for events and activities held under their regulations.
British Cycling https://www.britishcycling.org.uk/privacynotice
Cycling Time Trials https://www.cyclingtimetrials.org.uk/articles/view/318
Feel free to contact us if you have any questions on this subject. Please contact a member of the committee, or email firstname.lastname@example.org