GDPR in sport software

What’s GDPR for sports clubs all about?



To follow on this page is a full list of the General Data Protection Regulation (GDPR) related resources for people involved with running any type and size of club. However, this info is especially useful if you are involved with running or coaching at a sports club. We’re passionate about GDPR for sports clubs and want to share our knowledge with you and your club.

The FREE information on our website includes guides and templates, as well as simple explanations in plain English of some pretty complex legislation. There’s also the opportunity to hit the ‘gold standard’ of giving your club members control over their own data, which lies at the very heart of GDPR for sports clubs.





And GDPR for small clubs?

Any organisation of any size that collects and uses personal data is subject to the GDPR. Whether a business, a government body, a sports club or a social club or society, GDPR absolutely will apply. Turning a blind eye to it, or simply ignoring compliance requirements, may result in a fine being levied by the Information Commissioner’s Office (ICO) irrespective of how big you are.

As England Athletics point out on their website,

“The GDPR applies to any “data controllers” or “data processors”. Those are technical terms but, in essence, if you collect any personal data in running your club (which you will do if you have any members) then the GDPR will apply to you.”

(Source: England Athletics)

The same is true of any sport. GDPR for small clubs is as relevant as it is to large global multinational companies.





GDPR grass roots sports clubs







GDPR fines for sports clubs



Are there fines for not being GDPR compliant?



Yes, yes there are.

Potentially quite substantial fines at that.

However, as Mike Cherry, FSB National Chairman, said:

“Non-compliance must initially be dealt with in a light touch manner instead of handing down tough penalties. There must be a willingness to play a supportive role in ensuring that small businesses can and are able to comply. The ICO will be critical to creating an environment which focuses on education and prevention and not punishment.”

(Source: FSB)



How does GDPR affect sports clubs?

For any type of club, the main impact of GDPR will be around systems and process involved with collecting, storing and using people’s personal data. This will range from their email address through to personal medial notes. Next of kin information through to safeguarding notes. Most information that is ‘personal’ will fall under the GDPR.

If you follow a clearly defined suggested process (which we’ll give you to help guide you and your club), you will be able to get your club on the road to GDPR compliance and avoid potentially getting into trouble with the ICO.

As part of this, you must think about what personal data you need, how best to process it, and demonstrate at least a basic understanding of GDPR. You’ll also need to demonstrate its application, which is where club management software such as Coacha comes in.

These are all things we at Coacha can help you with – and at no cost to you or your club.









GDPR and small sports clubs



What do I need to know about sport club GDPR?


Let’s face it, this is a very complex subject. But don’t let that deter you from getting your head around sport club GDPR. With our guides and information, we can help you to get your club well on your way to compliance.

We’ve taken the legal jargon and broken it down in to plain English. We use specific examples throughout and have even struck a special deal with a legal firm to help our subscribers with any legal questions or problems they have, whether GDPR related or otherwise.

To follow are links and explanations to the useful resources on this website. The first place to start though is by downloading our FREE GDPR in Sport Guide. Remember, the info in this publication is relevant to any type of club or association, not just sports clubs.



6 incredibly useful GDPR resources

1 – FREE GDPR in Sport guide

In this article you will: Download a completely FREE GDPR in Sport guide

This guide is essential reading for anyone that is involved with a club. Any type of club – sports, social or otherwise. You will not only find out more about GDPR itself, but you’ll also get a FREE 22-point check sheet. Plus, links to download a FREE Privacy Impact Assessment (PIA) which you will need to complete as part of your GDPR compliance.

The guide also has links to further useful resources on the web which include really useful information from the ICO and the NSPCC’s Child Protection in Sport Unit (CPSU). Also, as the GDPR is relatively new, it is constantly evolving and being updated. As part of downloading this completely FREE guide, we’ll even send you notifications of whenever we update the document.

Feel free to pass this on to anyone you think may benefit from seeing it. We would suggest though that you get them to join our mailing list and update service, so they too can benefit from the GDPR (and other) information we regularly share.
 



GDPR resources for sports clubs




GDPR and sports coaches



2 - GDPR in sport:
What it means for sports Coaches like you


In this article you will: discover how GDPR in Sport will affect you.

One of the most popular pages on this website, this article really explores what GDPR means for clubs and coaches. It takes a good look at how GDPR will affect you and exactly where you should get started with tacking GDPR.

There’s info discussing how you need to update your privacy policy, and also many useful links showing how other organisations are tackling GDPR. Links to both sports related websites as well as examples of larger non-sport related portals such as the BBC.

We delve in to what it means if people ask for a copy of the data that you hold on them alongside them having the right to update the data and also the ‘right to be forgotten’ completely. If people do want a copy of the data you hold on them, you need to be able to provide it to them in an electronic / digital format that they can take away and use elsewhere (as a CSV file for example).

The piece also draws similarities between the ICO and the inland revenue (the new ‘VAT-Man’) and why fines are, and will continue to be, dished out to any type of organisation falling foul of GDPR.

Finally, the importance of Data Security is covered as well as why it’s important that all of your team are made aware of the importance of GDPR and what they should be doing to help your club.



3 - GDPR in sport: What is GDPR and how should you be preparing for it?

In this article you will: see why Sports Club GDPR is important to all clubs.


This is a meaty article and not for the feint hearted. However, we really boil down information that the ICO put out back in 2017 in their bright yellow publication ‘Preparing for the General Data Protection Regulation (GDPR) - 12 steps to take now’, so it’s worth a read.

The article explores the 12 steps and explains what they are. The 12 steps include:

1. Awareness
2. Information you hold
3. Communicating privacy information
4. Individuals’ rights
5. Subject access requests
6. Lawful basis for processing personal data
7. Consent
8. Children
9. Data breaches 10. Data protection by Design and Data Protection Impact Assessments
11. Data Protection Officers (DPO)
12. International


 



What is GDPR in sport?




GDPR in sport documentation



4 - What GDPR documentation does my sports club need?


In this article you will: get FREE sports club GDPR templates and guidance on how to use them.

In the business world, having bespoke GDPR documentation produced is a costly process. Even small businesses don’t see much change out of £1,500. The same would be true for any club if they were to pay a solicitor to have their own produced.

Fortunately, Sport England and The Sport & Recreation Alliance have produced an incredible set of documents that any sports club is able to download and use for their own purposes.

The process starts off with a GDPR Compliance Questionnaire which is designed to get you thinking about GDPR and how your club processes personal data. There are several Privacy Policy templates for you to chose from as well as a Data Protection Policy, Individual Rights Documentation and a Data Protection Impact Assessment (DPIA) template – all of which you a free to personalise for your club.

Add to this guidance for Direct Marketing under GDPR (a biggie to make sure you get on top of for your club) and lots of additional notes, the Sport England and The Sport & Recreation Alliance really have delivered top notch guidance and direction.

In this article not only do we provide links to these documents, but we also provide an overview of what they are. And there are a lot of them! Use this article to help you get through what the documents are and what they should be used for.



5 - Will computer or cloud-based software help me with GDPR compliance?

In this article you will: see if software for sports clubs can help with your GDPR compliance.


Whilst there is no software that can help you with some of the decisions you need to make about GDPR and processing data (deciding which legal bases to choose for example), there are tools to help you build GDPR into your club’s day to day running.

This article looks at some frequently asked questions about software (and Apps) and how it can both help save you lots of time on admin and help with your club’s on going GDPR compliance.

Questions like:

‘How do I let people amend the data I hold on them, or their children?’
‘How can I give my members an electronic copy of the info I have on them, or on their child?’
‘Why should I complete a Privacy Impact Assessment?’
‘How can I get my coaching staff to record information correctly’?

With the solution in place, you could be well on your way to achieving a good 75% of your ongoing GDPR compliance in next to no time. All for a lot less effort than you would think.


 



cloud based sports software




100% GDPR compliance



6 - Can a piece of sports club software make you 100% GDPR compliant?


In this article you will: find out how by using sports club software will be on your way to GDPR compliance.

We’re all looking for help or short cuts with admin, especially when it comes to running and managing a sports club (or any other type of club for that matter). None of us signed up to spend hours and hours sorting out paperwork and getting around all of the red tape.

Whilst there is no magic software solution that will make you 100% complaint there is a way to get you a good deal of the way there. However, choosing the right software combined with an awareness of GDPR, and using Sport England’s templates will make sure that you are well on the road to getting your club ship shape and GDPR ready.



7 - The Gold Standard of giving people access to their personal data

In this article you will: see that you can give people direct access to a submit a Subject Access Request using a sports club management system.


When it comes to GDPR, the ‘standard’ and therefore minimum requirements that you must meet when your club members / parent submit a Subject Access Request (or a Data Request) are:

• Provide them with their data within 30 days of them asking for it
• Provide it to them in a digital format that is easily transferable and can be used elsewhere (such as a CSV file for example)
• Supply them with the information using a secure process

It’s widely accepted that GDPR will bring more admin to any type of club. There more members a club has, the more admin this could potentially involve, especially if there aren’t robust systems in place.

By using a service that enables secure logins by members / parents themselves to access the data you hold on them, huge amounts of your time can be saved when people ask to see their data. The same is true for updating and deleting any personal data.

Although quite a small article, this piece shows you that there is a way to accelerate your GDPR compliance process, and at the same time save lots of time on your club admin.

 



Data protection for sports clubs




Sport England, NGBs and GDPR




Sport England, NGBs and GDPR


Sport England and The Sport and Recreation Alliance pushed out their GDRP documentation mid-May (2018) and many of the official NGBs have followed suit. Most NGBs have taken the templates produced by Sport England and The Sport and Recreation Alliance and personalised them for their own sport.

If you belong to either an official or unofficial NGB it’s worth visiting their website and doing a search for ‘GDPR’ and see what comes up. If there isn’t anything displayed in the search results either drop them an email or give them a quick call. Some NGBs have been quicker than others when it comes to GDPR so where info seems to be missing on their sites it may simply be a case that they have yet to add it.




The Legal Stuff

The content of this article is intended to provide a general guide to the subject matter and is not to be regarded as a substitute for consultation with a legal specialist who can advise you with a focus on your specific circumstance. Specialist advice should be sought about your specific circumstances.

 



GDPR and Coacha Software
  • *
  • *
  • *
  • *
  • *