Background

When Drumcondra AFC –the Club- collects annual membership subscriptions it collects data that helps it maintain its football activities and related health and safety and club development activities. The Club will only ever look for necessary information from members (and parents/guardians knowingly acting on behalf of a child under 18 years of age. Such information will most usually be player name, date of birth, contact number/email and health conditions.

Once the Club collects such information it is subject to Data Protection requirements set down in law (1988 and 2003).

Data Protection laws place an onus on the Club to:

  1. Obtain and process information fairly;
    2. Keep it for one or more specified, explicit and lawful purposes;
    3. Use and disclose it only in ways compatible with these specified purpose(s);
    4. Keep it safe and secure;
    5. Keep it accurate, complete and up-to-date;
    6. Ensure that it is adequate, relevant and not excessive;
    7. Retain it for no longer than is necessary for the specified purpose or purposes; and
    8. Give a copy of his/her personal data to an individual when requested.

 

General Considerations

  • The Club will provide the relevant Club coach with the given contact name and number of each player in order to facilitate training and matches and, where necessary, other club activities.
  • The Club cannot use the information for purposes other than running the club. The Club will not pass your details to a third party, such as a private company, without your express consent.
  • All contact from the Club must also be made with the parent/guardian of any player aged under-18.
  • You have the option to have your details removed from the database and the Club will do so no more than 40 days after you request this.
  • Once a member has been removed from the Club database their contact details cannot be used again by the Club.
  • The Club will review data at least once a year to ensure that it is correct, this will coincide with renewal of memberships. Consequently, any data not still in use for membership purposes at that point in time will be destroyed.
  • The Club uses an online facility to handle all memberships completed online. This is provided by Easy Payments Plus for the 2017-18 season.
  • All membership subscriptions completed online will result in the recording of credit/debit card details, name and address and other details provided.
  • The Club must ensure that all information provided with a membership payment made online is held by Easy Payments Plus in accordance with Data Protection requirements.

 

Breaches

  • A breach of Data Protection arises when an incident of risk of personal data being disclosed, lost, destroyed or altered occurs.
  • If this happens the Club must consider notifying the affected member(s) and/or parents/guardians.
  • Where the Club is concerned about the nature of a (likely) breach it will also inform the Office of the Data Protection Commissioner no later than two days after becoming aware of the breach.
  • The Club will look to determine the amount and nature of personal data compromised, act to secure and/or recover the personal data, aim to limit damage and distress to those affected, compile a chronology of the events leading to the loss and determine what measures can be taken to prevent repetition of the loss
  • Keep a summary record of each incident of loss and any reason for not informing the Office of the Data Protection Commissioner about the matter.

 

Rights and Obligations of Members and their guardians

  • A member can request a copy of all of the information about them held by the Club in what is called a ‘Subject Access Request’. Any such request must be made in writing.
  • Each Request of the Club will incur a fee of €5.
  • The Club must provide the material sought in a Request within 40 days from the date of receipt of the Request.
  • All members undertake to inform the Club of any changes in personal data of relevance to club membership.
  • A member has the right to correct, modify or remove the personal information the Club holds about them. All such requests must be made in writing and will not incur a fee.

 

Complaint Procedure

  • Where a member wishes to complain about a Data Protection issue the following mechanism has been put in place:
    • A member will contact the Club (by email or in writing) setting out the complaint. This will list the (approximate) date of the grievance, identify any Club personnel involved and what occurred.
    • The Club will provide the member with an initial response within 10 days. 

 

Queries

  • All queries about this policy should be directed to the Secretary of Chair of the Club whose details are posted on the Contacts page of the Club website www.drumcondrafc.com.