General Data Protection Regulation (GDPR)
- ¡New EU Regulation in force since 25th May 2018
- ¡Designed to protect the Right of Privacy for individuals
- ¡Regulates how data can be obtained, stored, processed and passed on to somebody else
- ¡Stipulates the rights individuals have in relation to their data that somebody has in possession
- ¡It puts responsibility and accountability on the Data Controller (the club) to ensure that GDPR is adhered to
- The club has to nominate a Data Protection Officer It defines potential sanctions in case of data breaches
-
- You need explicit consent from individuals for the intended use of each and every data element before it is collected
- You have to allow individuals to “opt in” or “opt out” of specific use of their data
- You have to allow individuals to get a copy of the data you hold
- Individuals can request that data is deleted, unless you are satisfied that there is a legitimate requirement for you to keep those data
- You have to inform individuals where they can make a complaint or report a suspected data breach (your Data Protection Officer and/or the Office of the Data Protection Commissioner, Canal House, Station Road, Portarlington, Co. Laois (info@dataprotection.ie)
Make sure your registration form will satisfy the above items
Ensure that every club member who has access to data is aware of the data protection policy and their obligations
- Perform a Data Audit in your Club:
- Determine what data is currently held within your organisation
- When and how were those data elements collected
- How and where is data stored and how is security ensured
- What data are passed on from the Data Controller to somebody else and for what purpose
- Who has access to data
Establish a data protection policy defining the following:
- Who controls information in the club
- What data is collected and the purpose for every data element
- How is data stored and who has access to the data and how is security of data assured
- What data can be passed on, to whom and for what purpose
- Procedure to remove redundant data
- How will data files be handed over to new officers and how is it ensured that previous officers delete all their old data
- How can individuals get to know what data is stored about them
- Procedure to detect, report and investigate data breaches
- How and in what frequency future data audits will be performed
- Define how often and by whom the policy will be reviewed
The Data Protection Officer for Clare Camogie is Martin Kaiser. He can be contacted at registrar.clare@camogie.ie
Click on the link below for any information you may need in order for your club to be GDPR compliant.
Click for GDPR info