The Data Processor(s) is responsible for ensuring that Club members and Officers have the appropriate password access to the Play-Cricket system:
- For registering players
- For entering weekly scoresheets & reports
- The viewing of scoresheets and tables are open to anyone with access to the system.
Should a member leave the Club, the Data Processor(s) should immediately review their data access & restrict it as appropriate.
The Data Processor(s) will produce a report for the Annual General Meeting of the Club, detailing who has access to what data and include a review of all GDPR compliance
Sharing of data
The Club will not share data with any 3rd parties, without the express permission of the members.
Club members have the right to view all data relating to themselves held by the Club.
This request should be made via the Data Processor and the relevant data provided within one month, at no charge to the member.
It is necessary to store data relating to individuals in order to:
1. Register Club members with the West of England Premier League and the Bristol and District Cricket Association – held on Play-Cricket
Name, Date of Birth, address, gender, Country of birth, date last entered UK (if born abroad)
2. To contact players for team selection and Club administration
Email address, phone number(s)
This data is entered & kept up to date by the Data Processor(s) - Membership Secretary, Club Secretary and Website administrator
For Junior Members, a Junior Membership Form must be completed and signed by a guardian. The data will then be entered by the Data Processor.
Junior membership Forms are stored securely and not shared with anyone.
3. Club Officials will have their contact details (name, phone number, email address) published in the Member's Handbook, as may senior players.
Personal data shall not be transferred to a country or territory outside the European Economic Area unless that country or territory ensures an adequate level of protection for the rights and freedoms of data subjects in relation to the processing of personal data
DATA PROTECTION POLICY
Our data protection policy sets out our commitment to protecting personal data and how we implement that commitment with regards to the collection and use of personal data.
Each sports club that processes personal data must register with the Information Commissioners office each year, unless they are exempt
This Club only processes personal data for “domestic or recreational reasons” and are therefore exempt from registration. However, it is important that we still adhere to the principles of the Data Protection Act (DPA) and understand best practice for managing information.
We are committed to:
· Ensuring that we comply with the eight data protection principles, as listed below
· Meeting our legal obligations as laid down by the General Data Protection Regulation (GDPR) (EU) 2016/679
· Ensuring that data is collected and used fairly and lawfully
· Processing personal data only in order to meet our operational needs or fulfill legal requirements
· Taking steps to ensure that personal data is up to date and accurate
· Establishing appropriate retention periods for personal data
· Ensuring that data subjects' rights can be appropriately exercised
· Providing adequate security measures to protect personal data
· Ensuring that a nominated officer is responsible for data protection compliance and provides a point of contact for all data protection issues
· Ensuring that all club officers are made aware of good practice in data protection
· Providing adequate training for all staff responsible for personal data
· Ensuring that everyone handling personal data knows where to find further guidance
· Ensuring that queries about data protection, internal and external to the organisation, are dealt with effectively and promptly
· Regularly reviewing data protection procedures and guidelines within the club