GDPR

The General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) is a regulation by which the European Parliament, the Council of the European Union and the European Commission intend to strengthen and unify data protection for all individuals within the European Union (EU).

hero__image

What is GDPR and what does it mean for rowing clubs.

The General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) is a regulation by which the European Parliament, the Council of the European Union and the European Commission intend to strengthen and unify data protection for all individuals within the European Union (EU).

The UK Government intends to incorporate these requirements into UK law under the Data Protection Bill, with the regulations coming in to force on Friday, 25th May 2018.

Pulsant GDPR webinar

Click here to listen to  an exclusive GDPR webinar brought to you by our Official Hosting Solutions Partner, Pulsant

The webinar covers a range of different topics that include:

  • What is data protection and GDPR?
  • Who do the new regulations apply to and how do they apply?
  • Where might the risks be for community rowing clubs?
  • What steps can clubs take towards GDPR compliance?
  • What useful resources and information are available?

Listen to the GDPR webinar now.

Please note, the audio quality for the first couple of minutes during the initial introduction is not the best but it corrects itself from the start of the presentation.

The focus of the regulations are to lay out the way in which all organisations handle personal information. They specify the rights of the individual (the data subject) and the responsibilities of any organisation that captures and stores data that can be identified as personal.  This includes names, dates of birth, addresses, performance data – anything that relates to a person.

Preparation for GDPR

The Sport & Recreation Alliance have been commissioned by Sport England to create a GDPR toolkit for the sport sector, including specific guidance for sports clubs. This can be accessed for free, and includes guidance, templates and supporting notes to help clubs meet the requirements of GDPR.

We recommend clubs start by working through the Sport & Recreation Alliance’s ‘GDPR Compliance Questionnaire’, which can be found via the link above, and also by undertaking an audit of all personal information held by the club.

This audit should include details of what the data is, where it is stored and in what format, who has access to the data and for what purpose the data is held. The focus should be on data held directly by the club, away from the British Rowing membership platform. This is likely to include membership records, performance data, coach and volunteer records – if the information contains a name, or other information that could identify an individual, it will be covered by GDPR.

As well as auditing the data that is held, clubs should also focus on how the information was obtained and whether this was through explicit consent. Is the data subject fully aware of the information being held (informed) and have they given their explicit consent?

British Rowing is currently undertaking an audit of all information we hold in preparation for GDPR.

Top tips to start your journey to GDPR readiness

Here are a few suggestions to help you get started towards compliance with the GDPR.

1. Process

Understand the journey that personal data takes through your club. What information do you collect and do you need that information? What do you tell people when you collect it? On what legal basis have you collected it? Where and how do you store that data? What do you do with it? When is it deleted? This will allow you to identify any areas of risk.

2. Awareness

Make sure that your coaches and volunteers are aware of the GDPR and data protection issues and that they know who to talk to if they receive a subject access request or if there is a breach.

3. Policy

Make sure the policies and procedures you have in place help your volunteers deal with data protection issues.

4. Communication

Make sure you tell individuals at the point of collection what you will do with their data and when you will delete it.

5. Publish

A simple data protection statement that includes a way for your members to contact you should they wish to see the data you hold on them.  Make it clear they have a right to ask for changes should they consider the information you hold to be inaccurate.

6. ICO Guidance

You can find more information on GDPR on the Information Commissioner’s Office (ICO) website here including the ‘12 steps to take now‘ and the ‘Getting ready for the GDPR‘ self-assessment tools. The ICO also now offers a helpline. Representatives of small organisations should dial 0303 123 1113 and select option 4 to be diverted to staff who can offer support.

 

For more information, visit the GDPR FAQs page.

 

Download your GDPR guide for clubs here

 

The guidance given here is aimed at assisting British Rowing affiliated clubs, competitions, Regional Rowing Councils and Associations with identifying the key areas that should be addressed as a result of the additional requirements arising from the upcoming introduction of GDPR. Many people will no doubt already have considered – and where appropriate have taken specialist advice – regarding the impact of existing UK Data Protection legislation insofar as that may impact their activities.

It is similarly recommended that clubs and associations take appropriate advice if they have concerns or are still in doubt regarding specific issues having read this document. There are some suggestions within this document as to where that advice may be sought, but those should not be viewed as exclusive.

More in this section

GDPR FAQs

Does this apply to our club? GDPR applies to any “data controllers” or “data processors”. Those are technical terms but, in essence, if you collect any personal data in the running of your club (which you will do if you have any members) then the regulations (GDPR) will apply to you.   My club is…

View Content

Affiliation

Clubs are at the heart of rowing and British Rowing is committed to supporting all those involved in developing the sport.

View Content

Club Directory

Please note that this club finder only shows rowing clubs in England. 

View Content

ClubHub

ClubHub is an online membership management system developed by an industry leading provider, supported by a comprehensive set of ‘how to’ guides covering all aspects of running a rowing club

View Content

Stay up to date...

widget__hero__image
Get the latest rowing news, tips, event info and updates straight to your inbox.

Click here to subscribe