HADLEIGH CRICKET CLUB, SUFFOLK - Privacy Policy

HCC Privacy Policy

  1. About this Policy

     

    1.1

    This Privacy Policy explains when and why we, Hadleigh Cricket Club, collects personal information about our members, how we use it and how we keep it secure and your rights in relation to it.

    1.2

    We may collect, use and store your personal data, as described in this Policy and as described when we collect data from you.

    1.3

    We reserve the right to amend this Policy from time to time without prior notice. You are advised to check our website (http://hadleigh.cricketclubwebsite.co.uk/default.aspx) or our Club

    noticeboard regularly for any amendments (but amendments will not be made

    retrospectively). The website is provided by Hitsports Ltd, and holds all electronic data on a secure UK server.

    1.4

    We will always comply with the General Data Protection Regulation (GDPR) when

    dealing with your personal data. Further details on the GDPR can be found at the

    website for the Information Commissioner (www.ico.gov.uk). For the purposes of

    the GDPR, we will be the “controller” of all personal data we hold about you.

     

     

     

  2. What information we collect and why.

 

Type of data

How is data held?

Purpose

Legal basis for processing

Member's name, gender, email

address(es), mobile telephone number, postal address, landline telephone number, date of birth.

 

 

Electronic format. On password-protected PCs of specific club officers – Secretary.

 

On secure UK server of club website. Access restricted to specific club officers – Secretary, Website manager, Junior team managers, Child Welfare Officers, team captains, Head of Cricket.

 

Enabling the Member to be a functional Member of the Club.

 

Informing Member of key news & documentation about the club.

 

Enabling Member to be selected as part of the website match management process.

 

Enabling online payments to be processed as part of the match payment system.

Performing the Club’s contract with the Member.

 

For the purposes of our legitimate interests in operating the Club.

 

Consent. Given by member on membership application/renewal form. Members may withdraw their consent at any time by contacting the club by email or letter.

 

 

Name, school year, date of birth & gender of all players under the age of 18.

 

Email address, postal address, landline and mobile telephone number of parents/guardian.

 

Medical information relating to all players under the age of 18, including the name and telephone number of family doctor or surgery, existing illnesses, disabilities or learning differences.

Electronic format. On password-protected PCs of specific club officers – Junior Chairman, Junior team managers, Child Welfare Officers.

 

Ensuring a safe & organised environment for young players.

 

Enabling effective communication about club activity.

 

 

 

Health and child welfare.

Performing the Club’s contract with the young player/parent.

 

For the purposes of our legitimate interests in operating the Club.

 

Protecting member’s health and vital interests.

 

Consent. We will seek consent on the club’s Junior Parental Consent form. Parents may withdraw their consent at any time by

contacting us by email, text or letter.

 

Emergency contact details of Members under the age of 18

 

Electronic format. On password-protected PCs of specific club officers – Junior Chairman, Junior team managers, Child Welfare Officers.

 

Contacting next of kin in the event of emergency

 

For the purposes of our legitimate interests in operating the Club.

 

 

Photos and videos of members

 

 

Online.

For display on the club’s website, social

media pages and local printed news media.

 

Consent. We will seek the Member’s consent on their

membership application or renewal form. The Member may withdraw

their consent at any time by

contacting us by email, text or letter.

 

Bank account details of

the Member or other

persons making or receiving payment to and from the Club.

 

Electronic format. On password-protected PCs of specific club officers –Treasurer.

On secure financial data server of club website payment provider Go Cardless, separated from application server by multiple firewalls.

Managing the club’s finances in the most secure and effective way.

 

Ensuring members & other persons receive payment for the provision of services rendered to the club.

 

Ensuring the club receives payment.

 

Performing the Club’s

contract with

the Member, other persons and tradesmen.

 

Names & email addresses of Members registered to play in the Two Counties Cricket Championship.

3rd party use. Held electronically on ECB Play Cricket website as part of the player registration rules of the Two Counties Cricket Championship.

For the official registration of players participating in the Two Counties Cricket Championship.

For the purposes of

the legitimate interests of the Two Counties Cricket Championship.

 

 

 

 

 

 

3. How we protect your personal data

 

3.1

We will not transfer your personal data outside the EU without your consent.

 

3.2

We have implemented generally accepted standards of technology and operational

security in order to protect personal data from loss, misuse, or unauthorised alteration or destruction.

 

3.3

Please note, however, that where you are transmitting information to us over the

internet this can never be guaranteed to be 100% secure.

 

3.4

For any payments which we take from you online we will use a recognised online secure payment system.

 

3.5

We will notify you promptly in the event of any breach of your personal data which

might expose you to serious risk. If you or the Club believes that there has been any breach of your personal information held by the Club, we will notify the Information Commissioner’s Office within 72 hours of being made aware of the breach.

 

 

4. Who else has access to the information you provide us?

 

4.1

We will never sell your personal data. We will not share your personal data with any

third parties without your prior consent (which you are free to withhold) except where

required to do so by law or as set out in the table above or paragraph 4.2 below.

 

 

5. How long do we keep your information?

 

5.1

We will hold your personal data on our systems for as long as you

are a member of the Club and for as long afterwards as is necessary to comply with our legal

obligations. We will review your personal data every year to establish whether we

are still entitled to process it. If we decide that we are not entitled to do so, we will

stop processing your personal data except that we will retain your personal data in

an archived form in order to be able to comply with future legal obligations, e.g.

compliance with tax requirements and exemptions, and the establishment exercise

or defence of legal claims.

 

5.2

We securely destroy all financial information once we have used it and no longer

need it.

 

 

6. Your rights

 

6.1

You have rights under the GDPR:

 

(a) to access your personal data

(b) to be provided with information about how your personal data is

processed

(c) to have your personal data corrected

(d) to have your personal data erased in certain circumstances

(e) to object to or restrict how your personal data is processed

(f) to have your personal data transferred to yourself or to another business in

certain circumstances.

6.2

You have the right to take any complaints about how we process your personal data

to the Information Commissioner:

 

Website: https://ico.org.uk/concerns/

Tel: 0303 123 1113

Address:          Information Commissioner's Office

Wycliffe House

Water Lane

Wilmslow

Cheshire SK9 5AF

 

For more details, please address any questions, comments and requests regarding our data

processing practices to Gary Wiles, Hadleigh Cricket Club’s Data Protection Manager: gdwiles@btinternet.com.