WYJC Dojo, Hilton Hall Community Centre, Hilton Road, Lanesfield, Wolverhampton, WV4 6DR, UK. Established in 1973. Copyright © 2020 WYJC all rights reserved. e&oe
General Data Protection Regulations
Updated 21st May 2018. Below is our GDPR Policy Statement & Policy Document.
Changes to personal data laws (re: GDPR) from 25th May 2018 mean that we need your consent for us to keep your contact data and for us to contact you for any reason in the future. The sort of data requested by us includes:
Contact details of members & participants, so they can be informed about activities, events, closures, etc. Including; emergency contact information / next of kin incase of an emergency, permissions for first-aid, photographs & video, and consent of members and parents for participation, training, competitions, activities & events etc. with regards safe-guarding procedures and health & safety.
We promise to keep your details secure and only contact you with essential, relevant details & information that we may need to share with you from time to time. Should you change your mind at any time, you can simply contact us to update your preferences. But, if you do not give your consent, we will no longer be able to keep your data and therefore you will no longer receive emails or texts from us.
Please respond by text or email confirming that you give your consent / permission to add your data to our new GDPR records. Our contact email address is email@example.com or text to 07765 709 716. Thank you.
Ni-Co Coaching Partnership & Wolverhampton Youth Judo Centre
(and all of our outreach / satellite partner Schools Judo Clubs)
Data Protection Officers are: K.Jones & D.Cox.
Register of Systems
A register of all systems or contexts in which personal data is processed by the Company.
Reasons For & Use of Data
All data collected & maintained for the purpose of contacting members, clients, customers and parents (of children who attend sports and/or educational training sessions / classes), when dealing with individual’s details that are required for public health and/or safeguarding issues and as emergency contact details.
Duration Data is to be Kept, Reviewed and/or Deleted
All data will be kept safely & securely and not be shared with any third parties or persons (except when required by law) and shall be reviewed annually. Data will be updated annually and will be deleted when the Company no longer has a contractual and/or legal right to hold data. Personal data (of members, clients, customers, parents of children, and children) will be deleted upon request (with the exception of data required by law for public health and/or safeguarding issues and/or making or defending a legal claim).
Rights of Persons, i.e. Members, Clients, Customers, Parents of Children (and Children & Vulnerable Adults)
We recognize and accept the rights of individuals, groups & companies regarding such data and the way they are regulated and applied: i.e. The right to be informed, the right of access, the right to rectification, the right to erasure, the right to restrict processing, the right to data portability, the right to object and the right not to be subject to automated decision-making including profiling.
The Company is committed to processing data in accordance with its responsibilities under the GDPR.
Article 5 of the GDPR requires that personal data shall be:
· processed lawfully, fairly and in a transparent manner in relation to individuals;
· collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes; further processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes shall not be considered to be incompatible with the initial purposes;
· adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed;
· accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay;
· kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed; personal data may be stored for longer periods insofar as the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes subject to implementation of the appropriate technical and organisational measures required by the GDPR in order to safeguard the rights and freedoms of individuals; and processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures.”
· This policy applies to all personal data processed by the Company.
· The Responsible Person(s) shall take responsibility for the Company’s ongoing compliance with this policy.
· This policy shall be reviewed annually.
· To ensure its processing of data is lawful, fair and transparent, the Company shall maintain a Register of Systems and this Register of Systems shall be reviewed annually.
· Individuals have the right to access their personal data and any such requests made to the company shall be dealt with in 14 days.
· All data processed by the company must be done on one of the following lawful bases: consent, contract, legal obligation, vital interests, public task or legitimate interests.
· The Company shall note the appropriate lawful basis in the Register of Systems.
· Where consent is relied upon as a lawful basis for processing data, evidence of opt-in consent shall be kept with the personal data.
· Where communications are sent to individuals based on their consent, the option for the individual to revoke their consent should be clearly available and systems should be in place to ensure such revocation is reflected accurately in the Company’s systems.
The Company shall ensure that personal data are adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed.
· The Company shall take reasonable steps to ensure personal data is accurate.
· Where necessary for the lawful basis on which data is processed, steps shall be put in place to ensure that personal data is kept up to date.
· To ensure that personal data is kept for no longer than necessary, the Company shall put in place an archiving policy for each area in which personal data is processed and review this process annually.
· The archiving policy shall consider what data should / must be retained, for how long, and why.
· The Company shall ensure that personal data is stored securely using modern software that is kept-up-to-date.
· Access to personal data shall be limited to personnel who need access and appropriate security should be in place to avoid unauthorised sharing of information.
· When personal data is deleted this should be done safely such that the data is irrecoverable.
· Appropriate back-up and disaster recovery solutions shall be in place.
If you have a concern about the way we are collecting and/or using your personal data, we ask that you raise your concern with us in the first instance, by contacting our Data Protection Officers (contact details above).
In the event of a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data, the Company shall promptly assess the risk to people’s rights and freedoms and if appropriate report this breach to the ICO
END OF POLICY
General Data Protection Regulations (GDPR) Policy Statement & Contact details 2018
Record of Processing Activities:
Data Protection Officers are: K.Jones & D. Cox (email us at : firstname.lastname@example.org or text to 07765 709 716. Thank you).
Purpose of Processing
· To obtain contact details of members so they can be informed about activities, events, closures, etc.
· Emergency contact information and next of kin incase of an emergency.
· Permissions for first aid, photographs, video to be used on social media.
· Consent of parents for participation, training, competitions, activities & events etc. with regards safe gaurding procedures and health & safety.
Categories for data subjects and the personal data collected
· Adult members 16 years of age (and over).
· Child members under 16 years of age (data completed by parents).
· Personal data; Surname, Forename, DOB, Home address, Telephone numbers, Two emergency contacts, consent for photos/video, etc.
· Sensitive personal data; Medical details, consent for first aid
Transfer of personal data
· Data may be shared with other members of the committee who need to contact members directly. Data will be shared securely using password encrypted files.
· Data will not be shared with any third parties or other members of the company not on the committee.
· Data will be stored in paper form in a securely lock cupboard accessible only by the Data Protection Officers (listed).
· Electronic data will be stored using password protected documents on an un-networked computer.
· Company members, clients, customers and parents of children can ask for the data that we hold or for it to be deleted at any time (A few exceptions do occur such as when individual’s details are required for public health/safeguarding issues and/or making or defending a legal claim). This will be done within 14 days.
· Any Backups of data will be stored on an external drive which will be kept in a securely locked cupboard.
· There is no obligation for the company to register the data we hold with the ICO.
Archiving and Erasure of information
The data that we hold as a Company will be reviewed annually.
For members who continue with the Company the following year data will be checked and updated to ensure all data is accurate (i.e contact details, emergency numbers and/or changes in medical conditions or personal details such as address, etc.). Unnecessary sensitive personal data will be deleted and personal data (such as names and contact details) will be stored for 5 years in order to keep members up to date with new information (after five years of non-activity all data will be deleted (including electronic data and/or any paper records which will be shredded and destroyed). New records will be stored as specified in the Record of Processing activities.
New members, clients, customers and parents of children (and those who have requested deletion of data) must apply and complete new membership forms / consent forms each year.
Terms & Conditions of using this web site 2020. The use of this web site is subject to the following terms and conditions:
(1) The content of the pages of this web site is for your general information and use only and is subject to change without notice.
(2) Neither we nor any third parties provide any warranty or guarantee as to the accuracy, completeness, suitability, timeliness, performance, information and/or material found, offered or described on this web site for any particular purpose. You acknowledge that such material and/or information may contain errors and/or inaccuracies and we expressly exclude liability for any such inaccuracies or errors to the fullest extent permitted by Law.
(3) Your use of all & any material and/or information on this web site is entirely at your own risk, for which we shall not be liable. It shall be your own responsibility to ensure that any products, services or information available through this web site meet your specific requirements.
(4) The material contained on this web site is owned by us and/or licensed to us. This material includes, but is not limited to, the design, layout, look, appearance, graphics and photographs. And as such; is subject to copyright law, with ALL rights reserved by the copyright owner. Therefore, reproduction of material in any form, is prohibited other than in accordance with the copyright notice, which forms part of these terms & conditions.
(5) ALL Trademarks and/or Company Logos reproduced in this web site which are not the property of, or licensed to, the operator are acknowledged on the web site (and have links to those web sites sited).
(6) This website may include links to other web sites. We have no responsibility for the content or opinions of linked web sites and are provided for your convenience and information only. They do not signify or imply our endorsement of material and/or opinions contained or expressed on such web sites.
(7) Your use of this web site and any dispute arising out of such use of the web site is subject to the Laws of England, Scotland and Wales. Unauthorized use of this web site may give rise to a claim for damages and/or be a criminal offence.
(8) No part of this web site may be copied, in any form without the permission of WYJC / us, subject to copyright law, with ALL rights reserved by the copyright owner.
Copyright © 2018 - 2020 wyjc. All rights reserved(e&oe).
WYJC Dojo, Hilton Hall Community Centre, Hilton Road, Lanesfield, Wolverhampton, WV4 6DR, UK. Established in 1973. Copyright © 2018 WYJC all rights reserved. e&oe