St.Albans City ABC
Data Protection Policy
St.Albans City ABC is committed to safeguarding the privacy of our members, staff, and visitors. This Data Protection Policy sets out how the club collects, uses, stores, and protects personal data to ensure compliance with the General Data Protection Regulation (GDPR).
This policy aims to ensure that St.Albans City ABC:
Protects itself from the risks of a data breach.
It is transparent about how it stores and processes individuals’ data.
Protects the rights of staff, members, and partners.
Complies with data protection law and follows good practice.
This policy applies to all personal data processed by St.Albans City ABC, including data collected on members, employees, contractors, volunteers, and other third parties.
Definitions
Processing
Any operation or set of operations performed on personal data, whether or not by automated means, including collection, recording, organisation, structuring, storage, adaptation, retrieval, consultation, use, disclosure, dissemination, and erasure.
Personal Data
Any information relating to an identifiable person who an identifier can directly or indirectly identify.
Data Protection Principles
St.Albans City ABC commits to ensuring that personal data is:
Adequate, relevant, and limited to what is necessary.
Collected for specified, explicit, and legitimate purposes.
Processed lawfully, fairly, and transparently.
Processed in a manner that ensures appropriate security.
Stored only as long as is necessary.
Accurate and kept up to date.
Data Collection and Use
Consent is obtained for collecting all personal data, with individuals fully informed of the purpose for which data is collected.
Data collected includes, but is not limited to, names, addresses, telephone numbers, email addresses, and health-related information for fitness assessments.
Personal data is collected only to manage club membership, hire, market, or conduct other activities.
Data Storage and Security
Physical data (if any) is stored in locked cabinets in secure premises.
Electronic data is protected with strong passwords and, where appropriate, encryption.
All personal data is stored securely, with access restricted to authorised personnel only.
Data Sharing and Disclosure
Where third parties are used to process personal data, they must comply with this policy and no data is transferred outside of the European Economic Area (EEA) without appropriate safeguards.
Personal data is not shared with third parties without explicit consent from the individual unless there is a legal obligation to do so.
Data Subject Rights
Individuals have the right to:
Withdraw consent at any time, where relevant.
The right to data portability.
Object to processing and restrict processing in certain circumstances.
Request correction or erasure of their data.
Access their data.
Data Breach Response
St.Albans City ABC has procedures for dealing with data security breaches. It will notify the Information Commissioner’s Office (ICO) and affected individuals where we are legally required.
Review and Updates
Training will be provided to staff to ensure awareness and compliance with GDPR.
This policy will be reviewed annually or as required by changes in legislation or operational practices.
Contact Information
If you have any questions about personal data or this policy, please contact our designated Data Protection Officer at Hello@stalbansabc.co.uk.