GDPR - all you need to know and more.

The EU regulation named GDPR took effect throughout the EU on the 25th of May 2018.

“General Data Protection Regulation” (GDPR) is a set of rules, agreed by all 28 EU countries.  The GDPR applies to "personal data", which means any information relating to someone who can be directly or indirectly identified in particular by reference to an identifier ( a piece of data).  This set of rules applies to organisations operating within the EU, and the definition of organisations includes, ipso facto, associations of members such as a bridge or social club, and clearly the SBU itself.

The UK, no longer a member state (legally and now in practice) within the EU as of the 1st January 2021, has incorporated the GDPR fully into UK law, so there is no meaningful change for residents in the UK and this includes Northern Ireland. 

The GDPR affects the SBU to some extent but not in a major way. Clubs are affected slightly less than the SBU, and Districts are very little affected for the simple reason that they do not hold member's data in a structured way Nonetheless any organisation or officer of that organisation holding personal details has to be aware that they have a responsibility to guard that data securely and have a legal basis for holding that data.

This section of the SBU website will hold the information needed and will be made current as time passes.

In the period 1st January 2021 until the end of June, nothing changes. Depending upon decisions to be made by the EU in the next few months (this is the so-called data adequacy decision) there may be minor changes regarding the holding of personal data held for SBU members who are resident in any one of the EU member states. It is likely to be prudent that overseas SBU members are all registered in the DIRECT club as home members, to avoid clubs have any exposure to legal challenge.
Thank you.

Bill Whyte
Data Protection Officer
SBU Member Services
 

24th March 2021