GDPR Policy
Policy
Romsey Bowling Club’s General Data Protection Regulations Policy sets out its commitment to protecting personal data and how we implement that commitment with regards to the collection and use of personal data. Romsey Bowling Club (the Club) is committed to ensuring that it complies with the General Data Protection Regulations principles, as listed below:
- Meet its legal obligations as laid down by the General Data Protection Regulations.
- Ensure that data is collected and used fairly and lawfully.
- Process personal data only in order to meet its operational needs or fulfil its legal requirements.
- Take steps to ensure that personal data is up to date and accurate.
- Establish appropriate retention periods for personal data.
- Provide members with access to their personal information upon request.
- Abide by Article 15, granting members the right to have their personal information erased.
- Provide adequate security measures to protect personal data.
- Ensure Computer Security Software is current.
- Ensure computers containing personnel information have their passwords changed on a regular basis.
- Ensure that a nominated member is responsible for data protection compliance and provides a point of contact for all data protection issues.
- Ensure that all members are made aware of good practice in data protection.
- Ensure that queries about data protection, internal and external to the Club, are dealt with effectively and promptly.
- Regularly review data protection procedures and guidelines within the Club.
- Ensure that everyone handling personal data knows where to find further guidance.
Data Protection
Personal Data is any data which may be used to identify, contact or locate a single person. The Club holds for all members their name, address, post code, home and, where known, mobile phone number, as well as email addresses. This information is held on personal computers by those club officials with the need to process such information, principally the Honorary Treasurer and Honorary Secretary. Names and phone numbers are made available to all members on the Club Fixture booklet. Information on date of birth is held only for Junior members. Where members have declared a disability, this information is held in hard copy form. No financial information (e.g. Bank details) is held by the club although, where members have provided details of their Bank account, for the purposes of receiving BACS payments, that information is held within the Bank’s own system accessible only by authorised Officers
Data Sharing
The only personal information shared is that relevant information required by other Bowling Associations or organisations to which the Club is affiliated, and is needed by those Associations or organisations in order that they can inform other affiliated members of, for example, selection for Association matches, participation in competitions, maintenance of a register of affiliated members for insurance and other benefit purposes.
Data Erasure
Anyone who has their personal date held by the Club has the right to access, view and erase this data. A subject Access Request (Article 15) grants every citizen the right to a copy of all their personal data held by the Club. Romsey Bowling Club will provide this information in an electronically transportable format usable by the individual requesting the information. The Right to be Forgotten (Article 16 &17) entitles individuals to have this data erased. The Club understands that failure to fulfil this entitlement will be a violation of GDPR and subject to penalties.
Data Breaches
In the event of a data breach posing any kind of threat to members personal information, the Club will inform the affected individuals within 72 hours.