EVERY club should have such a policy in place. It will need to be reviewed by each club committee and modified to suit their actual circumstances. Where found, the mnemonic "XYZ" should be replaced by the name of the club, and where there is wording inside square brackets, this indicates that a decision on adding or deleting text is required. This template should be sufficient and suitable for all but the largest of clubs. Any club with circumstances not covered by this template is welcome to contact the SBU Data Protection Officer for further information/assistance, by emailing Charmian Entwistle.
Such a Policy statement will define ...
a) What personal data the club holds
b) The legal basis on which it holds such information and why
c) How that data is handled and stored, what is it used for, and who has access to it
d) How the club member can express his wishes as to how it should be handled, changed or deleted
Club Officers are reminded that personal data of their club members is NOT owned by the club, it is owned by the members themselves, and as such, club members by law are entitled to request further information about how their personal data is being used.