Understand the importance of GDPR
General Protection Data Regulation (GDPR) is a general digital privacy law that has unified practices of data protection across the UK and all EU member states, when it come into force on May 25th, 2018. It is a legally binding directive that, if not adhered to, can result in large fines, GDPR applies to all businesses that handle the personal data of European and UK residents.
The Regulation lays down rules relating to the protection of natural persons with regard to the processing of personal data and rules relating to the free movement of personal data.
The Regulation protects the fundamental rights and freedoms of natural persons and in particular their right to the protection of personal data.
The free movement of personal data within the Union shall be neither restricted nor prohibited for reasons connected with the protection of natural persons with regard to the processing of personal data.
Some of the key privacy and data protection requirements of the GDPR include the following:
Requiring the consent of subjects for data processing
Anonymizing collected data to protect privacy
Providing data breach notifications
Safely handling the transfer of data across borders
Requiring certain companies to appoint a data protection officer o oversee GDPR compliance.
How can I be mindful?
Make sure that when you are collecting data from customers and fans, you give them the option to ”opt in” to communication. Opting in allows the customer to decide if they want to receive a communication from the sports organization. It is usually a tick box that they must tick if they want to receive information. Once they have don this you can contact them via their preferred channels, e.g. email, post or SMS. If they do not tick this, then you cannot contact them.
Other ways to be compliant
Thing about the data you collect
Where is it stored?
Ask yourself why you hold data you collect
What is its purpose?
Make sure you have consent from the person you are gathering data from.
Make sure customers can access their data and delete if they wish.
Make sure data is stored securely.