On the 25th May 2018 the way that organisations hold personal data on people changes, The GDPR is the EU General Data Protection Regulation which will replace the Data Protection Act 1998 in the UK and the equivalent legislation across the EU Member States. At Wollaton Park Golf Club the General Data Protection Regulation (GDPR) is already in force and we are currently implementing changes to meet the criteria .One of the principles of the Data Protection Act (and the GDPR), is that you can only process data for the purpose for which it is collected. This means that if you collect a name and contact details of an individual, so that they can become a member of a club, you can’t simply use that information to allow any affiliates to contact them for marketing purposes. You also need to tell people when they join the club if you are going to transfer their data, for example to another organisation.
So does this apply to Wollaton Park Golf Club?
GDPR applies to all companies processing the personal data of data subjects residing in the European Union, regardless of the company’s location. Therefore, as the Wollaton Park Golf Club stores personal data on its members, GDPR also applies to us and many other clubs.
What about BREXIT?
Leaving the EU makes no difference and does not make the UK exempt. The UK government are implementing the changes regardless of the current landscape.
So what are the key changes for clubs?
GDPR states that clubs will need to give members more information about how and what we do with your data at the point we collect it.
At Wollaton Park Golf Club data is collected for membership purposes only. Any communications will only serve for ‘legitimate Interest’ to a Golf Club Member.
Your details are only used by the Wollaton Park Golf Club Club so essentially we know who you are, how to contact you and financial matters surrounding membership. Your details are not passed onto any other third party unless ‘specific affirmative action’ is granted by the member.
What if someone ask for my details or email address?
The Wollaton Park Golf Club will never provide details to another party. If someone asks for your details we will send their request to you so that you may reply to them if you wish.
What happens if my membership expires?
For members of Wollaton Park Golf Club whose membership has expired, membership details will be held for 6 months to allow continuity of your profile, should you wish to renew. After a 6 month period following the expiry date, your membership account and details will be fully deleted.
GDPR policies indicate that there will be direct obligations on data processors as well as on data controllers. At the Wollaton Park Golf Club we use the following third partie for processing data:
- Gaining consent
Under GDPR it is important we get consent to use your personal data in certain ways, for example to send informative emails or newsletters:
All new members are required to tick a box on the application form to agree to their details being stored in accordance with GDPR policies and as such will receive newsletters via email. The email address may also be used by the club for direct contact about your membership but in no circumstances with be provided to anyone not associated with the mailing list or to anyone outside of the Club
- Club V1
All our members’ personal details are stored electronically and password protected in our Club V1 Administration System and therefore access can be monitored and controlled.
- Data breaches
In the unlikely event of a data breach where unauthorised access has been made to access member’s data, all members on the data base will be informed.
- Member’s concerns
Wollaton Park Golf Club have done their best we can to understand and be compliant with the new GDPR rulings that come into effect on May 25th 2018. Whist we trust that members should have no cause for concern about the way their details are kept, should anyone have any concerns or any questions then these should be addressed to firstname.lastname@example.org
Please note that this page may change up until should we discover sections that we may need to redraft to adhere with GDPR.