What Clubs should consider with GDPR
Please see below as to the recommendations from Canoeing Ireland to stay current and GDPR compliant.
When collecting data from your members, consider the following:
- When thinking about GDPR, consider the following:
- Who are you asking for information?
- Who can and should access it?
- What do you need the information for?
- What will happen the information when you have it?
- When do you need the information for? IE how long do you need to keep the information?
- Where will the information be stored? Is this place secure. Eg. Canoeing Ireland keep the office locked and the filing cabinets locked to ensure safety when we leave the office.
- Where will the information go to? IS it going to someone outside the Club and Canoeing Ireland?
- Why do you need the information requested?
It is Canoeing Ireland’s recommendation that Clubs should set up a generic email for their Club and the committees to secure the information sent to them. This removes people using their personal accounts for emails concerning a professional issue ie Club business. It also means that when the Committee members moves on from their role, all data is kept in the one place.
If you are keeping paper records, these need to be treated with the same security as the digital records. When setting up online filing systems think of the questions stated above. Make sure to password protect sensitive information. Do not leave sensitive data open for others to read.