Privacy Policy & Notice
Version 24 May 2018
Introduction
The club is committed to respecting your privacy. This notice is to explain how we may use personal information we collect before, during and after your relationship with us as a member and/or volunteer. This notice applies to current and former members. This notice explains how we comply with the law on data protection, what your rights are and that for the purposes of data protection we will be the controller of any of your personal information.
We have not appointed a Data Protection Officer to oversee our compliance with data protection laws as we are not required to do so. Our membership secretary has overall responsibility for data protection compliance in the club. Contact details are set out at the end of this privacy notice.
What are my rights under the new General Data Protection Regulation (GDPR)
You have the right:
to be informed about the data we are collecting, why we are holding it, what we hold, how we use it, who we share it with, how long we keep it etc.
to ask for a copy of information held about you
to rectify any errors in the information the club holds about you
to object to us about how we are processing your data
to withdraw your consent for the club to keep your information and to ask for your information to be erased in certain circumstances
What is the lawful basis for our keeping information about you?
Our lawful basis for processing information under GDPR is that a) we have your consent to do this for club management purposes, and b) that processing data is necessary for the legitimate interests of you and the rowing club: keeping you up to date with club activities, managing session times, monitoring attendance at swim tests and capsize drills, managing subscriptions and payments, knowing who to contact if you have an accident whilst on club activities, making coaches aware of any relevant medical problems.
Where is this information held?
This information is held within spreadsheets on password protected computers. Paper copies of information are kept in locked filing cabinets. Information is kept by club officers and captains, and where relevant by club coaches
How long is Information held for?
Generally, where there is no legal requirement, we retain all physical and electronic records for a period of 6 years unless there are still any debts to the club outstanding, when records are retained until all debts are paid. Information about people enquiring about joining the cub is kept until they have started rowing. If they decide not to continue it is kept for 1 year and then deleted.
Who is the information shared with?
Membership information is shared with club committee members and officers/ captains but on a ‘need to know’ basis where those people need the information to manage club activities. Club coaches have access to mailing lists of email addresses, although junior mailing lists have a very limited circulation. Club coaches are informed of any medical issues that members have disclosed as being relevant to rowing, with the member’s consent.
In addition, we share information with:
Any party approved by you
Governing bodies or regional bodies for our sport to allow them to properly administer the sport on a local, regional and national level. For example, some aggregated, anonymised data is communicated to British Rowing about the number of members and their age break down.
Grant giving bodies when making grant applications. For example, aggregated and anonymised data such as total number of members in different age bands, ethnic groups, genders and with or without disability.
Police, law enforcement and security services.
To assist with the investigation and prevention of crime and the protection of national security. We never share club information with third parties for marketing purposes.
Who do I go to if I have a question or concern about my data?
The person at Leeds Rowing Club with responsibility for data protection is the membership secretary. In the first instance all queries about your data should be addressed to this person.
The current Membership Secretary is David Cottrell.
davidcottrell@ntlworld.com or 07973 325 919
You also have the right to take any complaints about how we process your personal data to the Information Commissioner: https://ico.org.uk/concerns/ or 0303 123 1113
Changes to this notice
We may update this privacy notice from time to time. When we change this notice in a material way, we will update the version date at the bottom of this page. For significant changes to this notice we will try to give you reasonable notice unless we are prevented from doing so. Where required by law we will seek your consent to changes in the way we use your personal information.
Version 24 May 2018