The GDPR is designed to protect people's personal data, including information such as their name, age, contact information and medical conditions. This may mean you need to think about the following:
- What information do you have about individuals?
- How is this information stored?
- Who has access to this information and why?
- Do you have the person's consent to hold their data (or their parent/carer if they are under 18)?
The Sport and Recreation Alliance have produced a GDPR Toolkit for sports club which includes template policies, privacy notices, compliance checklists and much more. This can be accessed here:
The ICO have produced a general guide to the steps organisations will need to take which may be helpful. This can be downloaded here.