EVERY club should have such a policy in place, preferably by 25th May 2018.
It will need to be reviewed by each club committee and modified to suit their actual circumstances. Where found, the mnemonic "XYZ" should be replaced by the name of the club, and where there is wording inside square brackets, this indicates that a decision on adding or deleting text is required. This template should be sufficient and suitable for all but the largest of clubs. Any club with circumstances not covered by this template is encouraged to contact Member Services for further information/assistance, by emailing Bill Whyte at .
Such a Policy statement will define ...
a) What personal data the club holds
b) The legal basis on which it holds such information and why
c) How that data is handled and stored, what is it used for, and who has access to it
d) How the club member can express his wishes as to how it should be handled, changed or deleted
It should be routinely published on the club notice board and the club website.
If the club is able to send emails directly to their members, then it should be sent by email by May 25. It should be highlighted and distributed at any upcoming AGM.
Club Officers are reminded that personal data of their club members is NOT owned by the club, it is owned by the members themselves, and as such, club members by law are entitled to know what is being done with their data.
2 May 2018