The EU General Data Protection Regulation (GDPR) will come into force from 25 May 2018, when it replaces the current UK Data Protection Act 1998. This regulation significantly increases the obligations and responsibilities for all organisations and business in how they collect, use and protect personal data. It expands the rights of individuals to control how their personal information is collected and processed, and places a range of new obligations on organisations to be more accountable for data protection.
Tennis Clubs will process individual personal data in nearly all their activities. This includes data about employees, volunteers, players, members, website/app users and more. It is important that Organisations are fully transparent about how they are using and safeguarding personal data and can demonstrate accountability for their data processing activities.
If you hold information that could be used to identify a living individual (such as contact details sent in via a Membership Application Form, booking enquiries sent via a website or transaction details recorded in the club) then you will need to consider the impact of data protection legislation on how you handle that information – this will be different from club to club.
Guidance for Clubs can be found on Clubserve
Please also refer to the International Commissioner’s Office (ICO) website for further information and can be accessed via the link below.
ICO Guide to the General Data Protection Regulation (GDPR)