Angling Coaching Initiative (ACI)
The Angling Coaching Initiative (ACI) needs to collect information about individuals that come into contact with the Club either as Board Members, Coaches, Volunteers, Students or guests. This personal information must be collected and dealt with appropriately whether is collected on paper, stored in a computer database, or recorded on other material and there are safeguards to ensure this is in accordance with the General Data Protection Regulation 2016 which replaces the Data Protection Act 1998 fully on the 28 May 2018. The ACI as a not for profit organisation does not need to register with the Information Commissioner but is required to adhere to the Principles of Data Protection, as detailed in the Data Protection Regulation.
The Club is also required to publish a Privacy Notice which is a legal document that discloses the ways in which it gathers, uses, discloses and manages member's data. It fulfils a legal requirement to protect a member's privacy under the Data Protection Regulation.
Your personal data - what is it
Personal data relates to a living individual who can be identified from that data. Identification can be by the information alone or in conjunction with any other information in the Data Controller's possession or likely to come into such possession.
Who we are
When we say ‘we’, we are referring to Angling Coaching Initiative (ACI) made up of Board Members, Coaches, Volunteers, Students or guests who have joined the Club or as guest members and is governed by the ACI Management Board elected by those members at an Annual General Meeting.
The Chairman of the club is deemed to be the Data Controller for ACI. The Data Controller is the person who in consultation with the Committee of the Club who decides what personal information the Association will hold and how it will be held or used.
The information we collect
We collect information from member's primarily from the application form individuals complete to join us. The information is retained in a database maintained by the Data Controller. The data is updated as each individuals joins or rejoins the Club. Past members details are held as part of that individuals record of membership with the Club and is updated when and if the individual rejoins.
The following information is held in the member's database; name, address, landline number, mobile number, email address, date of birth for intermediate and junior members, membership category, where joined and a record of any disciplinary action taken by the Committee for rule infringements. We also hold all the data collected from the completed Parental Consent Form’s, The Adult Consent Forms, and the Volunteer & Coach Consent Form’s. These forms also give or withhold permission to use photos for our angling publicity purposes.
How we use your data
We will only use your information where we’re allowed under the Data Protection Regulation because we have a legitimate interest or where you agree to it or when fulfilling a legal obligation
We use the information to record your current or past membership of the Club and to keep you informed of the activities of ACI, for example, by sending you a Newsletter or notice of up coming events If you have supplied an email address then we will send all communications by email including updates in year about our activities and information about our coaching events.
Who we share your information with
Information contained in the member's database is not shared with any third party apart from our legal requirements to gather information for Environment Agency rod licence waivers at events, our legal requirement to submit data to Sport England to validate our Grant/s from them, and to submit data to Angling Trust to validate our Grant/s from them.
An extract of the member's database is made available to Coaches and Volunteers only on a “ need to know” basis for those attending coaching days etc. An extract of the database showing that a member's disciplinary record exists is also made available to Coaches and Volunteers if this was ever deemed necessary
Any document files emailed between officials are password protected.
How long we’ll keep your information
Currently we keep a record of members in the database started in 2017 This enables us to identify the length of membership with the Club and any relevant information.
Paper records containing personal data, for example, application forms, are physically destroyed after three years by the Data Controller
Your rights and your personal data
Unless subject to an exemption under the GDPR, you have the following rights with respect to your personal data: -
· The right to request a copy of your personal data which the Association's Data Controller holds about you;
· The right to request that the Data Controller corrects any personal data if it is found to be inaccurate or out of date;
· The right to request your personal data is erased where it is no longer necessary for Data Controller to retain such data;
· The right to withdraw your consent to the processing of your data at any time. However, that would you require you to forgo your membership of the Club and return your membership card to the Data Controller
· The right to request that the Data Controller provide the data subject with his/her personal data.
· The right, where there is a dispute in relation to the accuracy or processing of your personal data, to request a restriction is placed on further processing;
· The right to lodge a complaint with the Information Commissioners Office
8th May 2018
Data Protection Policy and Privacy Notice
Angling Coaching Initiative (ACI) needs to collect information about individuals that come into contact with the Association either as coaches, Volunteers, or students, or as guests. This personal information must be collected and dealt with appropriately whether is collected on paper, stored in a computer database, or recorded on other material and there are safeguards to ensure this is in accordance with the General Data Protection Regulation which replaces the Data Protection Act 1998 fully on the 28 May 2018. The KDAA as a not for profit organisation does not need to register with the Information Commissioner but is required to adhere to the Principles of Data Protection, as detailed in the Data Protection Regulation..
Officials, Board members, Coaches and Volunteers who have access to personal information, will be expected to read and comply with this policy
2. Principles of Data Protection
Specifically, the Principles require that personal information:
a) Shall be processed fairly and lawfully and, in particular, shall not be processed unless specific conditions are met,
b) Shall be obtained only for one or more of the purposes specified in the Act, and shall not be processed in any manner incompatible with that purpose or those purposes,
c) Shall be adequate, relevant and not excessive in relation to those purpose(s)
d) Shall be accurate and, where necessary, kept up to date,
e) Shall not be kept for longer than is necessary
f) Shall be processed in accordance with the rights of data subjects under the Act,
g) Shall be kept secure by the Data Controller who takes appropriate technical and other measures to prevent unauthorised or unlawful processing or accidental loss or destruction of, or damage to, personal information,
h) Shall not be transferred to a country or territory outside the European Economic Area unless that country or territory ensures an adequate level of protection for the rights and freedoms of Individuals/Service Users in relation.
3. Applying the Data Protection Act
The Chairman of ACI is deemed to be the Data Controller for the Club. The Data Controller is the person who in consultation with the Committee of the Club and decides what personal information the Association will hold and how it will be held or used
He/She will through appropriate management and strict application of criteria and controls:
· Observe fully conditions regarding the fair collection and use of information
· Meet the Club's legal obligations to specify the purposes for which information is used
· Collect and process appropriate information, and only to the extent that it is needed to fulfill its operational needs or to comply with any legal requirements
· Ensure the quality of information used
· Ensure that the rights of people about whom information is held, can be fully exercised under the Act. These include:
o The right to be informed that processing is being undertaken,
o The right of access to one’s personal information
o The right to prevent processing in certain circumstances and
o The right to correct, rectify, block or erase information which is regarded as wrong information)
· Take appropriate technical and organisational security measures to safeguard personal information.
· Treat people justly and fairly whatever their age, religion, disability, gender, sexual orientation or ethnicity when dealing with requests for information
· Set out clear procedures for responding to requests for information
4. Data Security
Information and records relating to members will be stored securely and will only be accessible to authorised officials of the Club.
Information will be stored for only as long as it is needed and will be disposed of appropriately.
Any Word or Excel files that contain personal data that are emailed between officials should be password protected.
Paper records containing personal data, for example, application forms, will be physically destroyed after three years by the Data Controller
Officials holding any member's personal data and Association information should ensure such data is non-recoverable from any computer system or mobile device used within the organisation, which is passed on or sold to a third party.
5. Data Access
All members have the right to access the information the Association holds about them and any request for such information should be provided within one month of the date of the request.
6. Privacy Notice
The Association is required to publish a Privacy Notice which is a document that sets out the ways in which it gathers, uses, discloses and manages member's data. It fulfills a legal requirement to protect a member's privacy under the Data Protection Regulation.
Reference; the new UK data privacy law, comes into effect on 25th May 2018
Under the new General Data Protection Regulation Act (EU Regulation 2016/679) data protection and privacy is regulated for all individuals within the European Union and includes all export of personal data outside of the EU. In short, GPDR gives you control over your own personal data and so we need to ensure that you are happy for us to contact you electronically and verbally.
Angling Coaching Initiative and Angling Trust will never share your details with third parties without your specific consent in writing. We will only use your details to communicate with you news and information relating to our organisations, coaching and services.
If you wish to opt out of receiving correspondence from us and/or
Angling Trust please notify us by return email or post.