Below is a summery of the Cygnet RC policy with regards to GDPR. The detailed policy is here
General Data Protection Regulations
The General Data Protection Regulations come into force on 25th May 2018. The Regulations seek to
provide protection of individuals' data and puts the onus on data holders to hold it legitimately, accurately
Various senior members of the Club have attended conferences or investigated this and as a result we continue to review our data handling processes.
Why does Cygnet RC hold data?
We hold data on members to enable us to manage the club's business and financial affairs, to arrange coaching and training sessions, to keep in touch and liaise with members and to provide information to the National Governing Body, British Rowing.
What we don't do
We will not sell the data nor allow it to be used for other reasons, as a sales tool etc.
What data does the Club hold?
We hold information such as the member's name, date of birth (so we can manage age group related activities), phone number and email (if given), emergency contact information (phone, email), home address, medical (for safety reasons), and the date of capsize drills and steering permissions as well as information on any safety reports they were involved in.
If members go away on a training camp we may need additional data, although very often the data we request is the same as we already have, but it is gathered in a different file and we need to ensure it is up to date. Some data, such as a passport number, may be held for the duration of the camp only.
Where is the data held?
The data is presently held on personal computers, password protected, and some will be on Googledocs. Google has registered Googledocs as being GDPR compliant and our intention is that all Cygnet Rowing Club data will be migrated to the Googledocs platform under password protection, and deleted from individual computers. In undertaking this migration we anticipate simply deleting many files which contain historical content.
Hard copies of membership forms are stored by the current Club Secretary and will be migrated in due course for archiving purposes.
British Rowing are working on a GDPR compliant membership database and Cygnet will continue to monitor this and when available, consider it as an option in the future.
We have lists of past members and will be reviewing what data we need to keep, if indeed we need to keep any at all. It is mainly used to send newsletters in hard-copy to older members and to Friends of the Club who have not indicated they are no longer interested. It seems a shame to just delete all our past members as they were a valued part of our history, whether recent or some time ago.
If I want my data deleted, what do I do?
Simply email secretary[at] cygnet-rc.org.uk or use this form and it will be deleted. Unless you're a current member, in which case it is a problem! See below.
Can consent be assumed?
Yes, consent can be assumed. If people provide data to a club (i.e. on the Membership Application Form) they must reasonably assume that the data will be used. It's how it's used and where it's held that is being tightened up.
There is also something called 'legitimate interests' - which essentially says that if you need the data to provide a service to the member and you can't do it without the member's data, explicit consent can be assumed. It's fairly obvious that if (for example) a phone number needs to be held so that a designated person (other half, parent, friend) can be contacted in event of an emergency - it's necessary to hold it. Similarly, if members are expecting communications about events, training etc. an email address is the best way of achieving the communication.
All members will have been asked for detailed specific consent in writing.
Can I talk to someone about this?
Yes, you can talk to me - but I'm not an expert. And you can't have my phone number because it's personal data! But my 'club' email address is secretary[at] cygnet-rc.org.uk or you can contact me here
Club Secretary, Cygnet Rowing Club 25th May 2018
Use of this website is monitored by collecting statistical user information. No personally identifiable data is collected in this process. Typically, we collect information about the number of visitors to the website, to each web page, the technology used to browse the internet and the domain from which the visitor originated. This information is used to understand the visitors use of the website.
Cookies are small files which are sent to your web browser and stored on your computers hard disk. This website itself doesn't drop cookies, however, third party tools added to the site may use and leave cookies on your computer. This includes tools like Google Analytics, social media such as Facebook and Twitter and embedded videos from sources like YouTube. We will try and make you aware if cookies are present and give you the opportunity to opt out.
You can also disable cookies in your website browser preventing them being saved. This may affect some of the websites functionality.
Contact and mailings
If making contact or purchasing through the website you may receive a reply from us as appropriate. Your message and supplied details will be used for the purpose given.
If you register for a mailing list you will be added to that list but can unsubscribe at any time by visiting the unsubscribe page.