Barnes Bridge Ladies Rowing Club needs to gather and use certain information about individual people. These can include members, coaches, volunteers, suppliers and other people the organisation has a relationship with or may need to contact from time to time.
This policy describes how this personal data must be collected, handled and stored to meet the data protection standards – and to comply with the law.
WHY THIS POLICY EXISTS?
This data protection policy ensures that Barnes Bridge Rowing Club:
- Complies with data protection law and follow good practice
- Protects the rights of members, partners and suppliers
- Is open about how it stores and processes individual’s data
- Protects itself from the risks of a data breach
DATA PROTECTION LAW
The General Data Protection Regulation (GDPR) came into force in the UK on Friday, 25th May 2018.
The focus of the regulations are to lay out the way in which organisations handle personal information. They specify the rights of the individual and the responsibilities of any organisation that captures and stores data that can be identified as personal. This includes names, date of birth, address, performance data – anything that relates to a person.
Here at Barnes Bridge Ladies Rowing Club we take your privacy seriously and will only use your personal information to run the membership list, for the committee and coaches to store and access performance data. We follow the data Protection Act at all times when asking for or handling your information including: personal data shall be processed fairly and lawfully. Data is processed only for the purpose(s) for which it was collected. Data is accurate and kept up to date.
- What information do we collect? Membership records like name, address, date of birth, next of kin and contact details, as well as rowing and performance related data, coach and volunteer records. We only use the data for the purpose for which it is collected for.
- Where do we store the data? All data is stored in an encrypted document on Google Drive.
- When do we delete it? When you decide to leave the club, all data about you is deleted.
WHAT DO YOU DO WITH THE PERSONAL DATA?
You may wish to subscribe to email alerts about information of interest to you. If you do this, we will use the information that you submit to provide the alerts to you and to analyse who is receiving email alerts from us.
You may ask us to remove you from our email alert lists at any time by writing to the Company Secretary at the address above or speak to the Captain. Barnes Bridge Ladies Rowing Club will also offer you the option of correcting your details and of being removed from future email alerts when we send you an email alert.
We may share your information with our funders (Civil Service Sports & Leisure – CSSC) or potential funders, such as our bank and with our professional advisors who have a reasonable need to see it.
We may disclose your information to enforcement authorities if asked to do so, or to a third party in the context of actual or threatened legal proceedings or if otherwise required to do so by law.
Everyone who works for or with the Barnes Bridge Ladies Rowing Club has some responsibility for ensuring date is collected, stored and handled appropriately as well as processed in line with this policy and data protection principles. However, the committee is ultimately responsible for ensuring that the club meets its legal obligations.
The only people able to access data covered by this policy should be those who need it for their work. Data should not be shared informally nor disclosed to unauthorised people. Data should be regularly reviewed and updated. The club will provide training to anyone who wishes to understand their responsibilities when handling data.
When data is stored on paper, it should be kept in a secure place (locked drawer or filing cabinet) where unauthorised people cannot see it. Data printouts should be shredded and disposed of securely when no longer required.
When data is stored electronically, it must be protected from unauthorised access, accidental deletion and malicious hacking attempts. Data should be protected by strong passwords, backed up frequently and not saved directly to laptops or other mobile devices like tablets or smart phones.
When working with personal data, ensure the screens of the computer are always locked with left unattended, when data is being transferred electronically, it must be encrypted and copies of personal data should not be saved to their own computers.
We are the organisers of the annual Pairs Head race on the river Thames and collect data from participants for this event. This policy also applies to the data collected for this event.
WHERE CAN I FIND OUT WHAT PERSONAL DATA IS HELD BY BARNES BRIDGE LADIES ROWING CLUB?
If you have any questions about what information the club holds and why, how it is being kept up to date, please contact the company secretary at Barnes Bridge Ladies Rowing Club or speak to a member of the committee. The company secretary will always verify the identity of anyone making a subject access request before handing over any information.
Further information about data protection issues including the online Register of Data Controllers can be found at the Information Commissioner’s website.
Revised Policy approved on 10 September 2019.
Next review September 2021.