Northern Football Club Data Protection Policy.
1.1 This policy provides details of how Northern Football Club (NFC) will collect and process personal data of individuals connected with NFC sporting or social activities.
1.2 Northern Football Club will ensure data is processed and stored in accordance with the requirements of the General Data Protection Regulations 2018 (GDPR) six principles –
- Fair Lawful and Transparent
- Legitimate purpose
- Adequate, relevant and limited
- Accurate and up to date
- Kept no longer than necessary
- Kept secure.
2. What Personal Data Do We Collect?
2.1 Data stored will be relevant to NFC business/sporting activities. This data will be
minimal but legitimately required.
2.2 Personal data means any information capable of identifying an individual.
2.3 Including –
- Identity Data supplied at the time of joining NFC in its aforementioned capacity.
- Contact data supplied as above.
- Technical Date, this can include e-mail address, username and password details when engaging with NFC web based applications.
- We will not collect individual sensitive date - Sensitive data refers to details regarding race, ethnicity, religious beliefs, sexual orientation.
3. Data Storage.
3.1 NFC will process and store data required to conform to legal obligations such as health and
safety, employment and accountancy records.
3.2 Data will only be retained securely for as long as is deemed reasonably necessary.
3.3 Access to data will only be by individuals with a legitimate purpose for doing so.
3.4 Access requests to data and the purpose will be will be recorded at the storage location.
3.5 NFC Clubhouse has an integrated CCTV system installed for the purposes of crime prevention
Safeguarding and Health and safety. Notices detailing the presence of CCTV are displayed
throughout the clubhouse. The system complies and is registered with the ‘Information
3.6 CCTV data if not required for whatever purpose will be deleted after 28 days.
4. How We Use Your Personal Data.
4.1 NFC will only use your personal data within accepted legal guidelines. The most common use of personal data will be –
- To register individuals as members of sporting/social activities of NFC.
- To deliver relevant promotional content regarding NFC events.
- Third party ‘legal requirements’ if required.
- NFC will not, without individual express consent, supply personal information to any third party for marketing purposes.
5. Rights Of Access.
5.1 Data subjects have the right to access the data stored by NFC. A request to access data must be sent to NFC Club Office in writing. An official response to any request will be provided within 30 days or sooner if possible.
5.2 NFC members can access the relevant GDPR legislation at – http://www.legislation.gov.uk/ukpga/2018/12/contents/enacted
6. NFC Review Process
6.1 NFC is committed to complying with all all legal requirements as they apply to GDPR. In doing so following control activities will be implemented –
- NFC will appoint a Data Protection Officer.
- Data protection will be a standing item on NFC Executive Meetings (NFC Governing Body)
- The Data Protection Policy will be reviewed annually.