GDPR FAQ’s

To download the GDPR FAQ`s click here

Q. What changes do I need to make within our club?

A. Your club should be practicing the following:

  • One person in charge of any membership data (e.g. Club Secretary) or clearly defined who needs access to the data and rationale behind that decision
  • Storage of this information in a secure place (not in multiple locations) (e.g. Club Secretary Laptop)
  • Not printing out Membership data unless absolutely necessary (Names Only)
  • Only taking data that is relevant
  • Identifying how long you need to retain this information for
  • No mass e-mails where people can see other personal data (BCC in emails)
  • No passing of members details to third parties

 

Q. What should be on our membership forms?

A. Any future membership forms you can update with the following statement:

‘In Badminton Ireland we take your privacy very seriously and will only use your data to administer your membership, to inform you of  Badminton Ireland’s services and support, and to provide you with services and activities you have requested us to provide. For full details of how we use your data, you can refer to our Privacy Policy which is available on our website.’

If you have not had any information to your members so far, you can update your members that your club is complying with GDPR in line with the Privacy Policy implemented by Badminton Ireland, and direct them to the Badminton Ireland website.

 

Q. Can we print out membership details?

A. No, I would suggest not printing off membership details. You can print off a list of names if needed for checking attendance at club training / competitions. There should be no further information printed off such as emails, date of births etc.

 

Q. What details should I take from our members?

A. Only the information that you need. Name, Address, Email, Phone Number, Gender are examples of personal data that are necessary. Sensitive Personal Data such as Race, Political Opinion would be examples of Sensitive data that does not need to be taken. Medical Information can be asked for but should only be communicated with those who need to know.

Q. Where should we keep membership data?

A. Membership data should only be stored on the Badminton Ireland membership system. If membership details are stored elsewhere, it is outside of Badminton Ireland’s privacy policy and is no longer secure in terms of managing the data. Badminton Ireland would not be accepting liability in the case of a data breach if data is stored elsewhere other than the membership system we operate.

 

Q. Who should have access to data on members?

A. Your Club Secretary and Safeguarding Officer would be primary people within your club who should have this information. You can have other committee members such as Treasurer but your club should put in place robust rationale as to why they need this access to data.

 

Q. I need to contact club members regarding training/club nights on a weekly basis, Can I send out a group text?

A. It would need to be Club Secretary/Match Secretary in this regard. Information gained from members can be used to inform of club activity. You must be vigilant in how this data is used, and is not shared without their consent.

 

Q. What about using WhatsApp Groups to communicate with our membership in the club?

A. Badminton Ireland would advise clubs to avoid using social media groups for in-house membership communication as this shares peoples contact details in many circumstances. You may decide to seek out consent for people to be part of a WhatsApp group so long as they are aware that this will mean their contact information will be shared with other members of the group.

 

Q. What should I do if we have lost information of our members that we had printed off?

A. You should follow the steps set out in the Data Breach Procedures. You must contact Badminton Ireland to inform us of the breach within 72 hours, and from there we can assess the impact of the breach.

 

Q. What should we do in the event of a data breach within our club?

A. You should follow the steps set out in the Data Breach Procedures. You must contact Badminton Ireland to inform us of the breach within 72 hours, and from there we can assess the impact of the breach.

 

CONTACT  US

Badminton Ireland has a National Governance Officer, Conor Fadian, who can advise on any queries that affiliated bodies may have on this topic. Conor can be contacted on the following: 

Email: cfadian@badmintonireland.com     Phone: (086) 0288 555