Data Protection Policy 2018

Colwyn Canoe Club Data Protection Policy March 2018

The General Data Protection Regulation (GDPR) came into force on 25 May 2018. All organisations must conform with the guidelines laid out in the GDPR legislation. Colwyn Canoe Club Data Protection policy as laid out below details how data collected by the club is handled and stored and how the club is conforming to GDPR requirements.

Any personal data collected by the club will only be retained for as long as is reasonably necessary.

All current members personal data will, until further notice, be stored in the Membermojo online data system, this system is stored on remote servers operated and maintained by Membermojo.

Tickets sales through Yapsody also require personal data to be collected, this system is maintained by Yapsody.

The personal data of expired members will be automatically deleted in a maximum period of 12 months of their membership expiring.

Only club administrators are able to directly access membership or ticket sales data.

It may be required on occasion to pass on some sensitive data such as relevant medical information and contact details to coaches or trip leaders. In the event of this being printed off for events such as paddling trips the data will be destroyed as soon as practicably possible, once its use is no longer deemed to be required.

All membership data is input by members when applying for membership, registration for pool sessions or purchasing tickets, no personal data is entered by the club administrators.

Personal data retained by the club is always accessible to members.

Any changes can be made or mistakes rectified at any time by the members through the membership or ticket sales portals.

Any mistakes with this data is the responsibility of those members making the applications for themselves or on behalf of other members forming part of a family membership group or a parent or guardian making the application on behalf of a junior.

Colwyn Canoe Club are not responsible for checking or correcting incorrect information input by members on their membership applications. Deliberately providing incorrect information may result in memberships being revoked. Any changes in the data collected by the club such as contact details or relevant medical information must be kept up to date by the members who the membership refers to.

The club only collects relevant data from members.

We do require relevant medical information to be provided. This data is regarded as sensitive under the GDPR guidelines and regulations, due to the nature of the activities undertaken within the club the collection of this “sensitive” data is done so for legitimate reasons as laid out in the GDPR regulations.

Colwyn Canoe club has no direct links or access to any financial records or accounts of members. All payments to the club are either through secure intermediaries such as PayPal or via direct bank transfers set up and authorised by the members.

Any data gathered by Colwyn Canoe Club is not shared with any third party other than the details that may be required for membership registration with Canoe Wales (for those that take up the affiliated Canoe Wales membership through the club).

This policy replaces any previous data protection policy published by the club and forms part of the clubs constitution.