The Bowls Club is bound by data protection laws and the data protection policy put in place by GVH.
We have guidance in place to prevent unauthorised or unlawful processing of personal data, unauthorised disclosure of personal data or accidental loss of personal data.
WHAT INFORMATION DOES THE BOWLS CLUB COLLECT?
For membership purposes, we collect name, address, telephone number, email.
If you wish to play competitively, the above information and your date of birth will be needed to obtain British Crown Green Bowling Association (BCGA) and Cheshire County Bowling Association (CCBA) numbers.
We may also take pictures at Club events.
HOW WE USE THE INFORMATION YOU GIVE US
Some or all of your information (including any number allocated by the BCGBA or CCBA) may be shared with the Leagues you choose to play in as a requirement of registration.
We will use your email and/or telephone number to communicate with you about Club policies and events.
Captains of teams may circulate contact details so that members may communicate with one another regarding team business, including matches, car-sharing etc.
We may use pictures taken at events to publicise the Club on our website and on Facebook.
You may opt out of the sharing of your details within the Club and of the use of your image. Please write to [email protected] if you wish to do so.
OPERATIONAL GUIDANCE
All members are personally responsible for processing and using personal information in accordance with the Data Protection Act and GDPR, no matter how it is collected, recorded or used. This applies whether or not the information is held on paper, in a computer or recorded by some other means eg tablet or mobile phone.
Consider whether an email (both incoming and outgoing) will need to be kept as an official record. If the email needs to be retained, it should be saved into the appropriate folder or printed and stored securely.
Emails that contain personal information no longer required for operational use, should be deleted from the personal mailbox and any “deleted items” box.
When sending emails out to more than one member, always used blind copy (bcc) unless you have permission from all concerned.
Paper records
Store records securely in a locked box or cabinet.
Do not make more copies than you need and only distribute copies to those who need to access the information.
Destroy paper copies once the information is no longer required for operational use.
Phone Calls
Phone calls can lead to unauthorised use or disclosure of personal information and the following precautions should be taken:
- Personal information should not be given out over the telephone unless you have no doubts as to the caller’s identity and the information requested is innocuous.
- If you have any doubts, ask the caller to put their enquiry in writing.
- If you receive a phone call asking for personal information to be checked or confirmed be aware that the call may come from someone impersonating someone with a right of access.
Laptops and Portable Devices
All laptops and portable devices that hold data containing personal information must be protected by a password.
Ensure your laptop is locked (password protected) when left unattended, even for short periods of time.
When travelling in a car, make sure the laptop is out of sight, preferably in the boot. If you have to leave your laptop in an unattended vehicle at any time, put it in the boot and ensure all doors are locked and any alarm set. Never leave laptops or portable devices in your vehicle overnight.
Do not leave laptops or portable devices unattended in restaurants or bars, or any other venue. When travelling on public transport, keep it with you at all times, do not leave it in luggage racks or even on the floor alongside you.
Data Security and Storage
Store as little personal data as possible on your computer or laptop. Only keep those files that are essential. Personal data received on disk or memory stick should be saved to the relevant file on the server or laptop. The disk or memory stick should then be securely returned (if applicable), safely stored or wiped and securely disposed of.
Information should be stored for only as long as it is needed or required by statute and will be disposed of appropriately. For financial records this will be up to 7 years. Archival material such as minutes and legal documents will be stored indefinitely. Other correspondence and emails will be disposed of when no longer required.
Passwords
Do not use passwords that are easy to guess. All your passwords should contain both upper and lower-case letters and preferably contain some numbers. Ideally passwords should be 6 characters or more in length. Protect your password – do not give the password out or write it down and leave it near your device.
CHANGE LOG
Version 2 – 21 March 2024 – Updated to reflect all members, not just Committee. Insert of paragraphs about the information collected and how it is used and the ability to opt out.
Version 1 – 30 June 2021 – Adopted