HOW WEY PROTECT YOUR DATA
The UK General Data Protection Regulations, or UK GDPR, seeks to provide protection of individuals' data and puts the onus on data holders to hold it legitimately, accurately and securely. Various senior members of the Club have investigated what is required, and as a result, we (along with all clubs and businesses) have reviewed and improved our data handling processes, continually seeking input and ways to improve and ensure compliance.
WHY WE HOLD DATA
We hold data on members to enable us to manage the Club business and financial affairs, to arrange coaching and training sessions, to keep in touch with rowing news and notices via our e-newsletter, 'By The WEY', to correspond with members and provide information to the national governing body, British Rowing.
WHAT DATA WE HOLD
We hold information such as the member's name, date of birth (so we can manage age group related activities), phone number and email (if given), parental (for Juniors) and emergency contact information (phone, email), home address, school (Juniors) or occupation (Seniors), medical (for safety reasons), and the date of a capsize drill.
If a junior member goes away on a training camp, we may need additional data, although very often the data we request is the same we have already, but need to it is up-to-date. Some data, such as a passport number, is held for the duration of the camp only.
We will also have to share some data with outside persons, such as informing an accommodation provider or restaurant, where members have allergies or other dietary requirements.
CAN CONSENT BE ASSUMED?
Consent requires a positive opt-in, i.e. we do not use pre-ticked boxes or any other method of default consent. In the intervening years since the original GDPR came in to effect (2018), we have made a point of asking for specific consents, namely, as part of our membership application, change of membership (type/details), and renewal processes.
If people provide data to a club they must reasonably assume that the data will be used. It is how the data is used and where it is held that was tightened up, under something called 'legitimate interests' - essentially, if we (the club) need the data to provide a service to you (the member) and we can't do it without your data, then consent can be assumed.
For example, a phone number for a parent of a junior member needs to be held so that they can be contacted in the event of an emergency. Similarly, if parents and/or members are expecting communications about events, training, etc. an email address is the best way to receive such communications.
WHAT WE DON'T DO
We will neither sell your data nor allow it to be used for other reasons, e.g. as a sales tool.
WHERE WE HOLD YOUR DATA
Member data is held 'in the Cloud', using a blend of the 'best bits' of Wix.com and Google, with Make (for integrations and automations), Trello (for workflow management), and Stripe (for online payments).
This setup affords us, as volunteers, effective and secure means of communicating with members, as well as managing personal details and meeting the needs of our various squads, at the same time, saving an immeasurable number of valuable volunteer hours.
British Rowing (our national governing body) have developed a GDPR-compliant membership system. We use this system for administering our club affiliation, boat licences, and member racing licence information.
WHAT IF I WANT MY DATA DELETED?
We do understand any former member wishing to have all their data deleted from our system – please read on below... However, if you are a current member, this could prove to be a problem and severely limit our ability to communicate effectively with you, for those reasons stated above ('Why we hold your data', above).
I USED TO BE A MEMBER, WHAT HAS BEEN DONE WITH MY DETAILS?
For former members, we have reviewed the couple lists held on past members and having anonymised the data, we keep only the data that helps us determine why members leave and for how long they were a member.
WHAT IF I HAVE A GDPR-RELATED QUESTION?
Whilst we are not experts, we have taken the time and some sound advice from experts and wish to assure you we do our utmost to protect your data.
We hope this information has been of help, but of course, feel free to contact us with your data request or other query. The Membership Secretariat are able to give any initial response within 48 hours.
Full details of our data protection policy are given below, along with some advice for staying safe online:
WHY WEY USE WEBCAMS
We are required to provide a notice, such as this, informing club members and the general, passing public that we have webcams installed, and why we do. It is highly unfortunate that we should have to, but we have installed securely (both software and hardware) and make use of two webcams to be able to target any necessary response to reports or suspicions of vandalism, theft and, in accordance with arrangements with our landlord, control access and prevent trespassing.
A further application of our webcam installation is to provide a reasonable level of assurance on the safety and security for all those attending or visiting our shared island location.