GDPR (General Data Protection Regulation)
On Friday 25th May the General Data Protection Regulation (GDPR) will replace the Data Protection Act 1998. The introduction of GDPR will see significant changes regarding accountability and how data is captured.
If your sports club/ organisation collects and uses personal data, then GDPR will apply directly to your club.
Personal data refers to any information that allows an individual to be identified directly or indirectly by that information, it can include but is not limited too; name, IP address, email addresses, photographs.
To comply with GDPR make sure you have a record of all the personal data you hold, you may want to carry out an audit. An audit template can be found HERE.
Under the GDPR you will not be permitted to handle or process any such data without satisfying a relevant condition for processing as set out in the GDPR. This is not optional.
There are several organisations with information available to help your club navigate GDPR. Below are some ideas of where to start:
- Both the Sport and Recreation Alliance and Club Matters have resources available regarding GDPR including, a toolkit with templates for you to download; and a podcast produced by Club Matters which any club can access.
- A number of NGBs have hired specialists to support sports clubs with the GDPR process. To find out if your NGB has resources available, visit the relevant website which can be found HERE, or contact them directly; NGB contact details can be found HERE.
- For further support and information, you can contact your local Council for Voluntary Services:
- Local law firm Muckle, Newcastle has some grassroots specific advice and guidance available for community clubs and organisations.
If you require further information on GDPR, there is a wealth of knowledge on the following websites:
Remember, complying with the GDPR is not optional and organisations that breach the new regulation can be subject to extremely heavy fines.