As you may be aware, General Data Protection Regulations (GDPR) will come into effect on 25 May 2018.
GDPR will replace the Data Protection Act 1998 (DPA), however, many of the GDPR’s main concepts and principles are much the same as those in the current (DPA).
Therefore, broad compliance with the DPA will remain valid under GDPR.
Clubs and counties are recommended at this stage is to ensure that they are compliant with the DPA.
All clubs face data protection questions. Swim England has a range of data protection guidance for clubs to help.
As a club you need to understand how the Data Protection Act affects you. It is the law and non-compliance can lead to complaints being made to the Information Commissioners Office (ICO).
The eight principles of the Data Protection Act are:
- Fair and lawful processing of personal data
- Processed for specified, lawful and compatible purposes
- Adequate, relevant and not excessive
- Accurate and up to date
- Not kept for longer than necessary
- Processed in accordance with the rights of the individual
- Processed with appropriate security.
- Not transferred outside the European Economic Area without adequate protection.