DATA PROTECTION POLICY

With effect from 25 May 2018, the Data Protection Act 1998 will be replaced by the EU ‘General Data Protection Regulation’ or ‘GDPR’ as amended by the UK Data Protection Bill.

Contact of members by the Club:

Under GDPR, members must agree to be contacted by the Club IN CONNECTION WITH CLUB ACTIVITIES rather than ticking a box to ‘opt out’. 

It is therefore vital that members tick the box on the membership renewal or application form agreeing that the Club can contact them by e mail in connection with Club activities. In the case of Squash members, it is essential if they wish to utilise the squash court booking system.

The Club fully endorses and adheres to the principles of Data Protection legislation and will:

·         Only collect information needed for the administration of the Club
·         Keep the information secure
·         Ensure the information is relevant and up to date
·         Only hold as much information as we need and for as long as we need
·         Only use the information to contact Members if we have the specific approval of members
·         Allow Members to see the information held on request.

Information Held:

Information provided by members on renewal or on their application forms is held on password controlled membership software. Data comprises:

Adult members:   Name, address, telephone numbers and e mail.

Junior members:  As above plus date of birth required to specify category of membership ( A or B)

Data is deleted when members cease to be members for any reason.

Use of Information by the Club:

Where approval has been received from a member to contact them by e mail IN CONNECTION WITH CLUB ACTIVITIES, the data is transferred from the membership software to MAIL CHIMP  who act as a data processor. Mail Chimp have assured all its customers that it will be GDPR compliant by 25 May 2018

In the case of Squash members, the data is transferred to ebooking.com to allow members to book squash courts. The data can also be used by Club management to contact members related to Club Squash activities. Ebooking.com  have assured all its customers that it will be GDPR compliant by 25 May 2018.

Basic data for all members is held on the Paxton Net2 access control system. This is a stand alone system held on the Club computer and the membership secretary’s computer and is password controlled. This is purely used to control the access and expiry of members’ fobs.

Data will NEVER be passed to other third parties or used in any way not directly related to Club activities.

Security:

The membership database is held on the Club Computer and the Membership Secretary’s computer. In both cases, the Software is password controlled. Access is limited to the membership Secretary and the Tennis Coach.

The Net2 access control data is held on the Club Computer and the Membership Secretary’s computer. In both cases, the Software is password controlled. Access is limited to the membership Secretary and the Tennis Coach.

Registration:

The Club has registered with the Information Commissioner’s Office under reference ZA306046. The Chairman is recorded as the Data Controller.

Right to see information held by the Club:

Members may contact the Chairman to see a copy of the information held for them on the membership software.

Related Files: