About this GDPR policy for all club members and staff

This policy explains when and why we, the Boxmoor Social Club, collect personal information about all our members and staff and how we use it; keep it secure and club member’s and staffs rights in relation to it. This includes probationary members, visitors and guests. We will collect, use and store personal data, as described in this Data Protection Policy when people engage in activities at the club. Normally this will be through membership or employment.

We reserve the right to amend this Data Protection Policy from time to time without prior notice. You are advised to check our Club notice board and the clubs website http://www.boxmoorsocialclub.co.uk regularly for any amendments.

We will always comply with the General Data Protection Regulation (GDPR) when dealing with your personal data. Further details on the GDPR can be found at the website for the Information Commissioner (www.ico.gov.uk).

Responsible person

For the purposes of the GDPR, The Club Secretary will be the “data controller” of all personal data we hold about Club members, staff and others. The Secretary is responsible for making sure the club complies with the General Data Protection Regulation. (GDPR) We will review personal data every year to establish whether we are still entitled to process it or not.

Member’s and staff rights

You have rights under the GDPR:

  • To access your personal data
  • To be provided with information about how your personal data is processed
  • To have your personal data corrected
  • To have your personal data erased in certain circumstances
  • To object to or restrict how your personal data is processed in certain circumstances
    For more details, please address any questions, comments and requests regarding our data processing practices to the Club Secretary.


Specific use and sharing of personal information

In general, your personal data will only be used for the purposes of membership renewals etc. or staff management and your email and telephone numbers may be used for communication about staff matter, news/work at the club, competition entries/results and other important notices etc. Your personal data will not be passed to anyone else outside the Club and your email address will only be given to someone outside the Club with your permission.

Enquiries and other communications with the club

When enquiring about the Club or staff matters, we may hold your request for details for a period of time to deal with the enquiry. Any emails and other communications with the Club will only be retained for a period of time appropriate to the content or request. Club emails will be purged on a regular basis. People added to a Club waiting list for membership will be informed and asked for permission to store that data at that point.

How we protect your personal data

The Data Controller will process membership and staff employment information electronically and hold all the information on a database on a secure computer. A backup of this information will be held on an encrypted memory device and kept with the data controller. Paper copies of membership information and staff details will be held in a secured locked filing cabinet for probationary members and people on the membership waiting list.

In the unlikely event of a breach of the security of data we will notify members promptly and we will never sell or pass on your personal data.

Request to see your personal information

If you wish to check on the personal data that the club holds please email the Club Secretary to gdpr@boxmoorsocialclub.co.uk and the request will be actioned within 14 days (depending on availability).

Accuracy and retention of data

Each individual member of the club and members of staff are responsible for keeping the Club Secretary informed of changes to their data (e.g. address/telephone number etc. and this will be confirmed/updated at membership renewal and you are at that time authorising the club to hold such data on file.

The data will be kept on the electronic members register for the duration of the membership. Ceased members and staff will have their data permanently deleted from the membership register.

CCTV Images

CCTV is used to record activities at the Club in the interests of safety and crime prevention. All images are stored onsite in a locked cabinet.
The images/data are stored for 31 days and then these are overwritten. For these reasons the information processed may include visual images, personal appearance and behaviours. This information may be about Club members, customers and offenders and suspected offenders, members of the public and those inside, entering or in the immediate vicinity of the area under surveillance.

Where necessary or required this information is shared with the data subjects themselves, employees and agents, service providers, police forces, security organisations and persons making an enquiry. Any complaints which rely on this about theft/bullying/abuse etc. must therefore be made within 31 days of the incident otherwise the images will have been overwritten.

All members and employees of the club should be aware of Annex 4 to the Club's Bye Laws, ‘CCTV Policy’ and the terms and conditions therein. A copy can be found on the Club Notice Board.

Last Updated: January 2019