Without a centralised, dedicated system in place, achieving GDPR compliance is going to be tricky for any club. With so many members coming and going - who knows what or even where all the data is stored! Don't put your club at risk, start preparing for GDPR now.
What does my club need to do to become compliant?
Understand what personal data you hold, what you do with it, where it came from and who processes it.
Obtain consent from members if you intend to send any marketing communications (this can include newsletters). Consent needs to be as easy to withdraw as it is to give.
Create or update a Privacy Policy that outlines your procedures for capturing, storing & processing personal data. There are some specific GDPR requirements you'll need to consider.
Only capture & store relevant information for your club
Be able to provide the member with access to all personal data you hold on them without delay
Be able to delete all personal information held at a members request
Provide the member with the ability to update any incorrect personal data you hold
Have specific processes in place when processing personal data for Children (under 13). This may include a clear, easy to read privacy notice. Consent for marketing cannot be taken from Children.
How can ClubRight help? 😃
Implementing ClubRight cannot guarantee GDPR compliance, no software platform can, but we do have some features that make it much simpler to achieve. ClubRight can help by providing:
A simple, secure database to capture and store all personal data in one place, accessible to approved club personnel from anywhere.
An option for members to give or withdraw their consent online.
A real-time filterable database of members and their consent status
An online membership form that only captures personal data relevant to your club.
The ability for approved club personnel to delete all personal data.
A secure audit trail of user access
Peace of mind that all data is securely stored at the highest level of security
A 24/7 self-service membership portal that empowers the member to:
Access & view the personal data you hold on them.
Update any incorrect personal data
Give or withdraw their marketing consent
What ClubRight can't help with 👎
Your clubs Privacy policy is unique to your club and you will need to create one that represents your clubs needs. We recommend that you seek independent legal guidance to protect your club.
Any data captured outside of ClubRight. We highly recommend that data is only stored in ClubRight. The more locations you use to store data, the harder it will be for you to maintain compliance. It's harder to track and ultimately you'll be placing your club at a higher risk of a data breach.
Legal advice. We are not legal professionals and do not pretend to be. The information we provide is designed to be useful for clubs preparing for GDPR compliance and is not a direct replacement for independent legal advice. ClubRight Limited accepts no responsibility or liability for the accuracy of the information presented. Please seek your own legal advice.
In a nutshell:
Stop using paper, spreadsheets & out of date, insecure systems ❌
Create or update your clubs Privacy policy ✅
Start using ClubRight 👍
Also see
What is GDPR?
Useful external resources
GDPR Portal
ICO - GDPR definitions
ICO - 12 Steps to GDPR
ICO checklist for GDPR compliance