Data Protection Policy
Being transparent and providing accessible information to individuals about how we use member’s personal data is a key element of the Data Protection Act 1998 (DPA) and the EU General Data Protection Regulation (GDPR).
This policy sets out how Hailsham Bowling Club (the Club) will collect and store personal information about the Club’s members and others, and the use to which that information will be used.
No other information shall be collected and stored by the Club nor shall any information held about members or others be used for any purpose other than that described herein.
The Data Controller shall be the Membership Secretary for the time being, and all data processing shall be carried out by the Membership Secretary for the time being.
Information to be held
The Club shall collect and store the following personal information about its members:
- Name and Surname
- Landline Telephone number
- Mobile Telephone number
- Email address
- Category of membership
This information shall be collected at the time of application for membership. From time to time, the Club is required to share certain information with the sport’s governing body, Bowls England, and with the County Association, Sussex County Bowls. It shall not be shared with any other person or organisation unless specifically required by law.
The Club shall not collect or store any other information about its members.
The Club may also collect and store personal information from individuals who are not members of the Club but with whom the Club is in contact regarding specific events or functions. Such information shall include information that is relevant to the event and is necessary for the proper organisation of the event. This information shall not be shared with any other person or organisation unless specifically required by law.
Storage of personal information
The information held by the club in respect of its members shall be held by the Membership Secretary for the time being.
This information shall be held in a computer file that is password protected and to which only the Membership Secretary and Club Secretary for the time being have access. An individual’s information shall be held in the computer file for as long as the individual remains a member of the Club. It shall continue to be held for at least 12 months after the individual has ceased to be a member in order that any outstanding issues in respect of that individual’s membership can be resolved. All information concerning a member shall be deleted from the computer file not later than 18 months after they cease to be a member.
The information held electronically may be shared from time to time with the following officers of the Club. They shall request the information they need from the Membership Secretary or the Secretary with a written statement as to the reason why they need the information.
- Club Captain (Gentlemen’s Captain and Ladies’ Captain prior to November 2018)
- Competition Secretary
- Ladies Secretary
The officers referred to in the preceding paragraph shall not keep electronic or hard copies of the information for longer than necessary for the use for which it was provided, and prior to its use they shall ensure that the information is accurate and up-to-date.
Hard copies of applications for membership shall be retained for as long as an individual remains a member of the Club. It shall be destroyed within 3 months of an individual ceasing to be a member.
Hard copies of any membership renewal forms shall be retained until after the end of the period for which they renewed their membership, and shall be destroyed within 3 months after the end of the period to which they refer.
The information held in respect of non-members collected in respect of specific events shall be kept in either electronic or hard copy by the organiser of the event and made available to those individuals who have need of it. Such information may be held for as long as is necessary for the proper organisation of the event after which time it shall be destroyed. If the event is a recurring one held at regular intervals, than such information may be held until such time as invitations to that recurring event are issued, following which time it shall be destroyed.
Use of personal information
The personal information held by the Club about its members shall be used only for the following purposes:
- Maintaining a record of current club membership and the relevant category of membership
- Contact with members concerning their membership of the Club
- Registering members with the appropriate sport’s governing body, Bowls England, and county association, Sussex County Bowls, which may involve the passing of certain personal information to the governing body and/or county association
- Keeping members informed of news about and events organised by the Club, Bowls England and/or Sussex County Bowls.
- Selection for matches and competitions organised by the Club
- Requesting assistance with tasks required to be carried out for the Club
The personal information of members shall not be used for any marketing or commercial purposes.
The names and telephone contact numbers for each member will be made available to all other members for the purposes of enabling members to contact each other. Members shall not pass the contact details for any other member to any person or organisation outside of the Club for any reason whatsoever without the express consent of the member whose details are passed on.
The GDPR includes the following rights, amongst others, for individuals;
- the right to be informed
- the right of access
- the right to rectification
- the right to erasure
- the right to restrict processing
- the right to object
Upon joining the Club, prospective new members will be asked to sign an application form that contains the following statement:
We store and use this data for the purposes of contacting you and, apart from your telephone numbers which we share with all other members, we do not share this information with any other party. Application for membership will constitute your agreement to our storing of your personal details.
At each membership renewal date, each member should be provided with a copy of the personal data that we hold for them, and they should be asked to confirm that the information is correct or provide the appropriate corrections, and that we may continue to hold it.
Subject access requests
All members are entitled at any time to request a copy of the personal information that the Club holds about them.
All such requests must be complied with within one month from the date of the request. Such requests should be dealt with by the Membership Secretary for the time being. No charge may be made for complying with such a request nor may any request be refused unless the request is manifestly unfounded or excessive.
If such a request is refused, the the individual who has made the request must be told the reason for the refusal and that the individual has the right to complain to the supervisory authority and to a judicial remedy. This must be done without undue delay and in any event within one month of the date of the request.
Lawful basis for processing personal data
The basis on which we hold and process member’s personal data is a legitimate interest and their explicit consent upon joining and upon renewal of membership each year.