GENERAL DATA PROTECTION REGULATION (GDPR)
The GDPR was passed by the EU in April 2017 and compliance is required by 25th May 2018. This regulation has implications on how we as a tennis club use, collect and store any personal data, including details about membership.
For the purposes of the General Data Protection Regulation (GDPR) and UK data protection laws, the ‘Controller’ is Wigmore Lawn Tennis Club of 43 Becmead Avenue, Streatham, London SW16 1UJ. The Data Protection Officer will be the current Secretary of the club and they can be contacted by email at email@example.com or by letter to the above address.
1. About this policy
1.3- We will always comply with the GDPR when dealing with your personal data. Further details on the GDPR can be found on the website of the Information Commissioner (www.ico.gov.uk).
1.4- The GDPR relates to any data held by the club, whether online or paper documents.
2. Information we collect (or may collect in the future), for what purpose and the legal basis
2.1- As a tennis club, we need to collect certain personal information with regards to your membership application and this information is deemed to be collected under a ‘contract basis’ when you apply for membership for yourself or on behalf of a junior or other member. Some information is necessary for the running of the club and to ensure that we have your contact details to keep you up to date on your membership application. Other information is requested but is not mandatory for you to complete.
Type of information and how it is collected
Member’s name, age, address, telephone number(s) and e-mail address.
Provided by Member / Applicant or person applying on their behalf on-line via our Club Solutions booking system.
Ethnicity information. May be provided voluntarily by member / applicant.
Emergency contact details – where provided by Member
Gender. Provided by Member / Applicant or person applying on their behalf on-line via our Club Solutions booking system.
Court booking transactions
Team players / competition entrants / event sign up. Name and contact details are collected, along with any relevant financial transactions. (includes but is not limited to: AEGON, Surrey Tennis Leagues, Millennium Cup, Road to Wimbledon, club leagues/ladders and club tennis or social events)
British Tennis Membership details. Either provided by Member on their membership profile page, or provided to the club by the Lawn Tennis Association (LTA) as i) part of the Wimbledon Ballot process or ii) via the LTA’s online competition results system.
Video footage or photography of events run at the club.
Contact details of the Head Coaches contracted to run Wigmore’s coaching programme and services. Details will be provided to the Club by the coaches.
Contact details of the current Committee Members
Sign up to Special Events held at Wigmore via the Club’s Clubspark website (hosted by the LTA)
Managing the Member’s membership of the club and renewals; ensuring the Member is in the correct membership category for their age group; enabling the club to make contact with regard to their membership; taking payment of membership fees or other services/events purchased.
Sending out membership communications in relation to essential aspects of membership of the club, including but not limited to membership renewals, club annual general meetings.
Sending communications about club volunteering /committees/working parties, club events and activities.
Summary age related data is also requested by LTA / Surrey Tennis as part of the club’s Annual Registration.
Sending out information via newsletters and or texts regarding tennis related services, activities or offers that we think may be of interest to our Members.
Tracking diversity of the club’s membership.
Contacting the next of kin, or person chosen by the Member, in the event of an emergency.
Provision of adequate facilities for members.
Summary gender data is also requested by LTA / Surrey Tennis as part of the club’s Annual Registration.
Manage and record the administration of your membership payments due and received on our online membership and booking system, via bank transfers and on the club’s accounting software.
Member’s bank details are only requested when a transfer from the club to the Member is required.
Manage and record the administration of your booking rights on our online membership and booking system.
Management of your guest bookings and fees paid – online and via written book in clubhouse.
Managing teams for competitions, enabling team captains to make contact with potential players and running events at the club.
Enables players to contact each other to organise games / matches.
Financial transactions are recorded but no bank details are stored.
Player results are entered onto the LTA results system as appropriate.
Enables the club to i) run the annual Wimbledon ballot draw and ii) enter match results into the LTA’s results software.
Video footage or photos of activities / events held at the club may be used on the Club’s social media accounts, the club website, leaflets and posters.
Used in the grounds and clubhouse to monitor the safety and security of the club and its Members / visitors. cctv footage is only accessed when an issue has arisen at the club or from time to time to check that the remote access to the screens / monitors is working.
Members have access to the 180 degree outside camera so that they can see the condition of the courts – it is not possible to determine who is on court, just whether the courts are in use.
To enable Members to contact the Head Coaches, or coaches offering services such as restringing, directly.
To enable Members to contact Committee Members if they have questions / queries /suggestions or complaints
To enable Event Organisers to communicate with participants (or their parents as appropriate) regarding events
Contract basis – performing the club’s ‘contract’ (membership) with the Member.
Also performed under legitimate interests to promote and encourage participation for all ages and abilities in tennis and for the purposes operating the club.
Legitimate interest to undertake statistical analysis about who is playing tennis at the club.
Legitimate interest of the sports National / County associations to maintain age diversity.
This will be on a ‘consent’ basis, with Members opting in to receive such information. Members will be able to remove consent at a later date by opting out.
Legitimate interest in helping the club to see whether its membership reflects the area it serves.
Protecting the Member’s vital interests and those of their dependants
Legitimate interest to ensure we provide sufficient and suitable facilities (changing rooms and toilets) for our members.
Legitimate interest of the sports National / County associations to maintain gender diversity.
Performing the club’s contract with the Member.
Note: the club does not currently hold bank account, debit or credit card details of its Members, except where necessary to transfer funds to a Member’s bank account.
Performing the legitimate interests of the club to provide access to courts for its Members and dealing with no-shows on the booking system in accordance with current club policies.
Performing the legitimate interests of the club in entering teams, providing competition and relevant club events (whether tennis or social)
Performing the club’s legitimate interest in i) providing Members with access to ballots for tennis events and ii) entering teams into competitions.
This will be performed on a consent basis, with participants asked if their images may be used at each event – whether verbally or by written consent (by parents for junior participants). Consent may be withheld or withdrawn. Names of participants may be included but not contact details.
Performing the club’s legitimate interest in the safety and security of the Members, visitors and premises.
This information is held on a legitimate interest basis.
3. How we protect your personal data
3.1 We will not transfer your personal data outside the EU without your consent.
3.2 Club Members with access to the data will be asked to sign a confidentiality contract with regard to the safekeeping of your data
3.3 We have implemented generally accepted standards of technology and operational security in order to protect personal data from loss, misuse, or unauthorised alteration or destruction.
3.4 Please note that when transmitting data to us over the internet, there is a risk that this may not be 100% secure, depending on your internet connection or personal computer software.
3.5 Any payments taken from you online will be taken through a recognised online secure payment system.
3.6 We will notify you as soon as possible after we are aware of it in the event of any breach of your personal data which might expose you to serious risk.
3.7 You may update your personal data online at any time, or by writing to the Secretary at firstname.lastname@example.org
4. Who has access to the information you provide to us or that we hold on you?
4.1 We will never sell your personal data. We will not share your personal data with any third parties except where required to do so by law or a set out in the table above or paragraph 4.2 below.
4.2 We may pass your personal data to third parties who are service providers, agents or subcontractors to us for the purposes of completing tasks and providing services to you on our behalf (eg to send you newsletters). However, we disclose only the personal data that is necessary for the third part to deliver the service and we have a contract in place that requires them to keep your information secure and not to use it for their own purposes. Current service providers are Club Solutions; Joe&Scott Ltd (Head Coaches); Mailchimp; Dropbox and OneDrive; Administration Manager.
4.3 cctv service is provided by Pure Vision cctv (based in Streatham) who also have access to the footage. Club Members with access to the footage are: President; Treasurer; Secretary; Membership Secretary; and Bar staff (only cold room hard copy access, not remote online access)
4.4 We will respect your wishes in respect of what type of communications you want to receive from us and how you want to receive them. There are some communications however that we need to send you, regardless of your marketing preferences, in order for us to fulfil our contractual (Membership) obligations to you.
4.5 Where we process your personal information under legitimate interests, you have the right to opt-out. Please update your mailing preferences on the Club’s booking system or e-mail email@example.com if you wish to opt out of receiving such communications.
4.6 All current Members of the club have access to see the contact details of other Members for the purposes of making contact to organise games / matches. As part of the Membership ‘contract’ all Members agree not to misuse this data or provide it to third parties.
4.7 Administrators of the membership and booking system have access to all data and are bound by contract to keep the data secure, not to misuse the data nor provide it to third parties. Current Administrators are: Secretary; Match Secretary; Membership Secretary; Administration Manager; Social Secretary; Treasurer; Head Coaches.
5. How long do we keep your information for?
5.1 We will hold your personal data on our systems for as long as you are a Member of the Club and for as long afterwards as is necessary to comply with our legal obligations.
5.2 We will review your data annually to establish whether we are still entitled to process it. If we decide that we are not entitled to do so, we will stop processing your personal data except that we will retain your personal data in an archived form in order to be able to comply with future legal obligations (eg compliance with tax requirements and exemptions, and the establishment or defence of any legal claims)
5.3 We will securely destroy all financial information once we have used it and no longer need to keep it.
6. Your Rights
Under certain circumstances, by law you have the right to:
6.1 Request access to your personal data (commonly known as a "data subject access request"). This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it. For the purposes of data subject access requests, information deemed to be held by the club will be information held on: the Member’s profile (Club Solutions booking system); any on-line renewal or membership spreadsheets processed by the Membership Secretary or Administration Manager; and e-mails sent and received through the club’s e-mail account, currently firstname.lastname@example.org
6.2 Request correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
6.3 Request erasure of your personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have exercised your right to object to processing (see below).
4.4 Object to processing of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your personal data for direct marketing purposes.
6.5 Request the restriction of processing of your personal data. This enables you to ask us to suspend the processing of personal data about you, for example if you want us to establish its accuracy or the reason for processing it. You can also withdraw your consent, where this is the basis for our processing your data (without affecting the lawfulness of our previous processing based on consent).
6.6 Request the transfer of your personal data to another party.
Please note that the above rights are not absolute, and we may be entitled to refuse requests where exceptions apply.
If you are not satisfied with how we are processing your personal data, you can make a complaint to the Information Commissioner. You can find out more about your rights under applicable data protection laws from the Information Commissioner’s Office website: www.ico.org.uk. Wigmore Committee
14th May 2018