Data Privacy Policy
RIPON SAILING CLUB DATA PRIVACY POLICY
- About this policy
- This policy explains when and why we collect personal information about our members, our instructors and coaches and those who interact with the club on a regular basis. It explains how we use it and how we keep it secure, and your rights in relation to it.
- We may collect, use and store your personal data, as described in this Data Privacy Policy and as detailed when we collect data from you.
- We reserve the right to amend this policy from time to time without prior notice. You are advised to check our website (www.ripon-sc.org.uk) or the club noticeboard regularly for any amendments.
- We will always comply with the General Data Protection Regulation (GDPR) when dealing with your personal data. Further details on the GDPR can be found at the website for the Information Commissioner (www.ico.gov.uk). For the purposes of GDPR we will be the 'controller' of all personal data we hold about you. SCM, who host our membership database for us, are data processors in terms of GDPR.
- All enquiries about this policy are to be directed to the Hon Secretary of the club via secretary@ripon-sc.org.uk.
- Who are we?
- We are Ripon Sailing Club. We can be contacted via ask@ripon-sc.org.uk or 01423 865467.
- What information we collect and why
Type of information | Purposes | Legal basis for processing |
Members name, address, telephone number and email address | Managing the member's membership of the club. Managing the duty roster. Communicating with the member. | Performing the club's contract with the member. |
Managing incident reports. | Legal obligation | |
Members date of birth/age related information | Managing membership categories which are age related. | Performing the club's contract with the member |
Managing incident reports. | Legal obligation | |
Managing our safeguarding responsibilities | Legal obligation | |
Emergency contact details | Contacting next of kin in the event of an emergency | Protecting the member's vital interests and those of their dependants |
Gender and Disability data | Provision of adequate facilities for members | Legal obligation |
Reporting information to the RYA and other bodies | For the purposes the legitimate interests of the RYA in maintaining diversity data required by Sports Councils | |
Managing incident reports | Legal obligation | |
The member's name, boat class and sail number | Managing race entries and race results | Performing the club's contract with the member |
Managing incident reports | Legal obligation | |
Sharing race results with other clubs, class associations and the RYA and providing race results to local and national media. | For the purposes of legitimate interests in promoting the club and sport | |
Managing the dinghy park | Performing the club's contract with the member | |
Photos and videos of members and their boats | Putting on the club's website and social media pages and using in press releases. | Consent. We will seek the Member's consent on their membership application form and at renewal on an annual basis. The member may withdraw their consent at any time by contacting the DPO by email or letter. |
Instructors and coaches name, address, email address, phone number and relevant qualifications and/or experience | Managing instruction and coaching at the club. | Legal obligation |
Members qualifications, occupation and/or experience | Managing the activities of the club. | Legal obligation |
Allocation of duties via the duty roster. | Performing the club's contract with the member | |
Name, address, telephone number, boat class and sail number, home club for visiting helms competing in open events hosted by the club | Managing race entries and race results and the circulation of these within the sailing community | For the purposes of our legitimate interests in holding races and events for the wider sailing community. |
Managing incident reports | Legal obligation |
Name, address, email address and telephone number of a member of the public who wishes to explore membership opportunities at the club including age related data for those under 18 | Managing the membership application process | Performing the club's contract with the parties involved |
Managing safeguarding issues | Legal obligation | |
Managing booking and payment for taster sessions | Performing the club's contract with the parties involved |
- How we protect your personal data
- We will not transfer your personal data outside of the EU without your consent
- We have implemented generally accepted standards of technology and operational security in order to protect personal data from loss, misuse, or unauthorized alteration or destruction. We will notify you promptly in the event of any breach of your personal data which might expose you to serious risk. We have a clearly defined contract in place with our Data Processor which sets the requirements they are to meet.
- Members are asked to note that where they are transmitting information to the club over the internet this can never be guaranteed to be 100% secure.
- For any payments which we take from you online we will use a recognized online secure payment system.
- We will notify you promptly in the event of any breach of your personal data which might expose you to serious risk.
- Who else has access to the information you provide to us?
- We will never sell your personal data. We will not share your personal data with any 3rd parties without your prior consent (which you are free to withhold) except where to do so by law or as set out in the table above or paragraph 5.2 below.
- We may pass your personal data to 3rd parties who are service providers, agents and subcontractors to us for the purposes of completing tasks and providing services to you on our behalf. However we only disclose the personal data which is necessary for the 3rd party to deliver the service and we have a contract in place that requires them to keep your information secure and not to use it for their own purposes.
- How long do we keep your information?
- We will hold your personal data on our systems for as long as you are a member of the club and for as long afterwards as is necessary to comply with our legal obligations. We will review your personal data every year to establish whether we are still entitled to process it. If we decide that we are not entitled to do so we will stop processing your personal data except that we will retain it in an archived form to be able to comply with future legal obligations and the establishment exercise or defence of claims.
- We securely destroy all financial information once we have used it and no longer need it.
- Your rights
- You have rights under the GDPR:
- To access your data
- To be provided with information about how your personal data is processed
- To have your personal data corrected
- To have your personal data erased in certain circumstances
- To object to or restrict how your personal data is processed
- To have your personal data transferred to yourself or to another business in certain circumstances
- You have the right to take any complaints about how we process your personal data to the Information Commissioner https://ico.org.uk/concerns/, 0303 123 1113, Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, SK9 5AF
- You have rights under the GDPR:
For more details please address any questions, comments and requests to our Club Secretary via ask@ripon-sc.org.uk.
Issue History
Issue | Issue Date | Prepared by | Reviewed by |
1 | 20.5.18 | J Kerslake, Systems Mgr, RSC J Clark, Membership Sec, RSC | M Peters (RYA Legal) |
Downloads
Last updated 16:53 on 1 September 2024