GENERAL PRIVACY
NOTICE
We
at the Amersham and Chalfont Hockey Club (“we” or
“our” or “us”) want to make sure all the
personal information we have collected about you is safe and secure
whether we collect it through our website at www.achc.org.uk
(“Site”) or from other sources. This Policy set outs our
commitments to you, in compliance with and beyond the General Data
Protection Regulation (commonly known as the GDPR) and
explains how we collect, store and use your personal information.
We have not appointed a Data Protection Officer to oversee our compliance with data protection laws as we are not required to do so, but our Playing Committee Chairman has overall responsibility for data protection compliance in our organisation. If you have any questions about this Notice or what we do with your personal information, their contact details are set out in the "Contact" section below.
Amersham
and Chalfont Hockey Club's Data Protection Policy applies to all of our
staff, workers, directors, volunteers and consultants (“Workers”). This can be found here - ACHC-AGP Data Protection Policy Apr 18.doc
Privacy NOTICES
Collecting
specific, relevant personal information is a necessary part of us
being able to provide you with any services you may request from us
or in providing services to our customers and members or just
managing our relationship with you.
When
we hold or use your personal information as a data controller
(see below for a description of what this is) we will provide
you with a privacy notice which sets out in detail what information
we hold about you (such as your contact details, address, etc.), how
your personal information may be used and the reasons for these uses,
together with details of your rights.
Where
we collect personal information from you directly, we will provide
this privacy notice at the time we collect the personal information
from you. Where we receive your personal information indirectly, we
will provide this privacy notice when we first contact you, first
pass the data to someone else or within a month, whichever is the
earlier.
We
will only provide this privacy notice to you once, generally at the
start of our relationship with you. However if the applicable
privacy notice is updated substantially, then we may provide you with
details of the updated version. You are encouraged to check back
regularly for updates.
Copies
of our current privacy notices can be found below:
Please
note that it is possible for you to be covered by more than one
privacy notice, for example you may be a member who comes onto our
premises and is recorded on CCTV. In this example both our member
privacy notice and our CCTV privacy notice would apply to you.
THE
DIFFERENCE BETWEEN DATA CONTROLLERS/PROCESSORS
A
data controller is a person who controls how personal information is
processed and used. A data processor is a person who processes and
uses personal information in accordance with the instructions of a
third party, i.e. the data controller.
This
distinction is important. You have certain rights in relation to
your personal information, for example the right to be provided with
the personal information held about you and details of its use and
the right to have certain of your personal information either erased
or anonymised, commonly referred to as the right to be forgotten (see
below to see what rights you have). These rights can generally
only be exercised against a data controller of your information.
In
most cases we will be a data controller of your personal information.
In any case where we are not a data controller this means that you
cannot exercise these rights against us directly (i.e. where we only
act as a data processor), but you can do so against the data
controller (i.e. the person who controls how we process the personal
information). In these cases we will endeavour to inform you who is
the data controller of your personal information so that you can
direct any such requests to them.
Also
it is only a data controller that will provide you with a privacy
notice about your personal information, so where we process your
personal information as a data controller we will provide you with a
privacy notice. Where we process your personal information as a data
processor for a third party, that third party should provide you with
a privacy notice which will set out details regarding the processing
of your personal information, which should also include the
processing to be carried out by us on their behalf.
HOW
DO WE USE YOUR PERSONAL information?
We will use your personal
information as described in the privacy notice provided to you, but,
for example, we may use your personal information to administer any
account(s) you have with us or to send you information we think you
might find useful, provided you have indicated that you are happy to
be contacted for these purposes. To see how we use your personal
information, please see our current privacy notices, which can be
accessed above.
WHO DO WE SHARE YOUR
PERSONAL INFORMATION WITH?
Details
of how we disclose your personal information are set out in the
relevant privacy notice provided to you, but generally it is where we
need to do so in order to run our organisation (e.g. where other
people process information for us). In such circumstances, we will
put in place arrangements to protect your personal information.
Outside of that we do not disclose your personal information unless
we are required to do so by law.
If
we transfer personal information about you outside the European
Economic Area (EEA), we will let you know and ensure that all
reasonable security measures are taken and that any third party
processors will be required to process the information in accordance
with information protection laws and we will notify you in your
privacy notice if we are the information controller.
We
do not sell, trade or rent your personal information to others.
HOW
LONG DO WE HOLD ON TO YOUR PERSONAL INFORMATION?
Further
details of how long we hold onto your personal information for are
set out in the relevant privacy notice provided to you, but we will
only hold your information for as long as is necessary or where you
ask us to delete records we may delete it earlier.
The
duration for which we retain your personal information will differ
depending on the type of information and the reason why it was
collected. However, in some cases personal information may be
retained on a long term basis: for example, personal information that
we need to retain for legal purposes will normally be retained for at
least six years in accordance with usual commercial practice and
regulatory requirements.
what are Your rights?
Full
details of your rights set out in the relevant privacy notice
provided to you, but you are entitled by law to ask for a copy of
your personal information at any time. You are also entitled to ask
us to correct, delete or update your personal information, to send
your personal information to you or another organisation and to
object to automated decision making. Where you have given us your
consent to use your personal information in a particular manner, you
also have the right to withdraw this consent at any time.
To
exercise any of your rights, or if you have any questions relating to
your rights, please contact us by using the details set out in the
"Contact" section below. You can also unsubscribe
from any direct marketing by clicking on the unsubscribe link
in the marketing messages we send to you.
You
should note that some of your rights may not apply as they have
specific requirements and exemptions which apply to them and they may
not also apply to personal information recorded and stored by us.
However your right to withdraw consent or object to processing for
direct marketing are absolute rights.
If
you are unhappy with the way we are using your personal information
you can complain to the UK Information Commissioner’s Office or
your local data protection regulator. More information about your
legal rights can be found on the Information Commissioner’s website
at https://ico.org.uk/for-the-public/.
However, we are here to help and would encourage you to contact us
to resolve your complaint first.
linking with third party
sites
Our
Site may, from time to time, contain links to and from the websites
of our commercial partners, other regional bodies, advertisers and
clubs. If you follow a link to any of these websites, please note
that these websites have their own privacy policies and they will be
a data controller of your personal information. We do not accept any
responsibility or liability for these policies and you should check
these policies before you submit any personal information to these
websites.
In
addition, if you linked to this Site from a third-party site, we
cannot be responsible for the privacy policies and practices of the
owners or operators of that third-party site and recommend that you
check the policy of that third party site and contact its owner or
operator if you have any concerns or questions.
SECURITY
We
employ a variety of technical and organisational measures to keep
your personal information safe and to prevent unauthorised access to,
or use, or disclosure of it. Unfortunately, no information
transmission over the Internet is guaranteed 100% secure nor is any
storage of information always 100% secure, but we do take all
appropriate steps to protect the security of your personal
information.
Cookies
Certain
parts of our Site may use "cookies" to keep track of your
visit and to help you navigate between sections. A cookie is a small
data file that certain websites store on your computer's hard-drive
when you visit such websites. Cookies can contain information such as
your user ID and the pages you have visited. The only personal
information a cookie contains is information that you have personally
supplied.
We
use cookies on our Site to enable us to deliver content that is
specific to your interests and gives us an idea of which parts of the
Site you are visiting and to recognise you when you return to the
Site. Reading cookies does not give us access to other information on
your computer's hard-drive and our Site will not read cookies created
by other websites that you have visited.
You
may refuse to accept cookies by activating the setting on your
browser which allows you to refuse the setting of cookies. If,
however, you select this setting you may be unable to access certain
parts of the Site. Unless you have adjusted your browser settings so
that it will refuse cookies, our system may issue cookies when you
access the Site.
Please
note providers of third party content may also use cookies over which
we have no control.
LOG FILES
In
common with most websites, our Site logs various information about
visitors, including internet protocol (IP) addresses, browser type,
internet service provider (ISP) information, referring / exit pages
and date / time stamp.
We
may use this information to analyse trends, administer the Site,
track your movement around the Site and gather broad demographic
information.
Changes to this policy
Any
changes we may make to this Notice or our Data Protection Policy in the future will be posted on
our Site and, where appropriate, notified to you by e-mail. When we
change this Notice in a material way, we will update the version date
at the bottom of this page. Please check back frequently to see any
updates or changes to this Notice and should you
object to any alteration, please contact us as set out in
the "Contact"
section below.
Contact
In
the event of any query or complaint in connection with the
information we hold about you, or any of our privacy policies please
email mark.mccree@gmail.com
Whilst
this privacy policy sets out a general summary of your legal rights
in respect of personal information, this is a very complex area of
law. More information about your legal rights can be found on the
Information Commissioner’s website at
https://ico.org.uk/for-the-public/.
Version
Date: 30th April 2018