What is GDPR?
The General Data Protection Regulations (GDPR) will come into effect on 25 May 2018 and will replace the Data Protection Act (DPA). Legal advice suggests that GDPR does not present a drastic overhaul to the current DPA framework but rather, it plugs gaps, or strengthens existing rights and obligations and defines certain concepts more precisely.
Therefore, if your organisation is compliant with the DPA this will put you in good stead for the move across to GDPR. It does however significantly increase the fines for failing to comply. It’s worth highlighting the basic principles of the original Data Protection Act which remain in place and which should continue to provide the basis for the way you manage people’s data.
– Data must be used fairly and lawfully
– Used for limited, specifically stated purposes
– Used in a way that is adequate, relevant and not excessive
– Accurate and kept for no longer than is absolutely necessary
– Handled according to people’s data protection rights
– Kept safe and secure
– Not transferred outside the European Economic Area without adequate protection
Does this apply to our club/association?
The GDPR applies to you if you collect any personal data in running your club/association (which you definitely will do if you have any members). This includes searchable paper records. GDPR refers to data controllers (those who own and control the data) and data processors (anyone who processes data on behalf of a data controller).
The Birmingham Lions have been working tirelessly to ensure that we are GDPR compliant and improving our data processing activities,. policies and procedures for our members. Below you will find our most up to date Data Protection Policy, Privacy Notices for our Members and updated Membership Application Form. If you have any questions required any of the below policies please contact email@example.com