A new data protection law, the General Data Protection Regulation, is coming into force on 25 May 2018
The GDPR replaces the Data Protection Act and provides increased rights for individuals in respect of their personal data, as well as requiring organisations to give more information to people about what they do with their data, why and for how long.
The changes brought about by GDPR affect everyone involved in football including The FA, County FAs, leagues and clubs. If you haven’t done so already it’s time to take action - putting your house in order may not be simple, but it is essential.
Doing so requires an understanding of what data your organisation collects, where it is stored, what it is used for and how long you keep it. Once you know this you can then produce an appropriate Data Protection Policy and Privacy Notice.
We appreciate this is a complex area and not everyone will feel confident in understanding what needs to be done. Fortunately there is help available to assist you in ensuring your organisation complies with the new rules.
What support and guidance is available?
The FA has been working with law firm Muckle LLP to draft some new GDPR templates that are easy to customise and will help County FAs, leagues and clubs work towards compliance, ahead of the regulation coming into force.
The templates, which can be downloaded below, sit alongside a range of other GDPR resources including a series of Frequently Asked Questions, online training modules and fact sheets, are available on Muckle’s website.
Downloadable Template Documents
• Draft Data Protection Policy Template
• Draft Privacy Notice Template (Clubs)
• Draft Privacy Notice Template (Leagues)