For the avoidance of doubt Dance Wales UK policies cover all our group names including but not limited to Western Warriors and Reflex
Data Protection Policy
GDPR came into force on the 25th May 2018, there is a 12 step guide available to view from the Information Commissioners Office (ICO) here: https://ico.org.uk/media/1624219/preparing-for-the-gdpr-12-steps.pdf
GDPR basically gives increased privacy rights to individuals whose data is being collected.
Dance Wales UK is committed to a policy of protecting the rights and privacy of individuals, members, volunteers staff and others in accordance with The Data Protection Act 1998. The policy applies to all voluntary, members and staff at the school. Any breach of The Data Protection Act 1998 or The school`s Data Protection Policy is considered to be an offence and in that event, disciplinary procedures apply.
As a matter of good practice, other organisations and individuals working with the school and who have access to personal information, will be expected to have read and comply with this policy. It is expected that any staff who deal with external organisations will take responsibility for ensuring that such organisations abide by this policy.
Data is protected by the Data Protection Act 1998, which came into effect on 1 March 2000. Its purpose is to protect the rights and privacy of individuals and to ensure that personal data are not processed without their knowledge, and, wherever possible, is processed without their consent.
The Act requires us to register the fact that we hold personal data and to acknowledge the right of ‘subject access’ – members and staff must have the right to copies of their own data.
Purpose of data held by Dance Wales UK
Data may be held by us for the following purposes:
There are many reasons why Dance Wales UK will need to store members personal data.
- A register of all members that attend each session for safety reasons.
- We will also need all members to fill out an emergency contact form which will only be kept on file for the duration of your time at the school, after which will be destroyed.
- Your details will also be registered with each event we attend purely for the event providers to know who is attending and which age category you fall into, the information they will need is minimal.
- Dance Wales UK will also ask permission to take photographs and videos for the website, social media and also promotional materials such as flyers and posters.
- Dance Wales UK also record some of there performances for member to purchase
- At events there maybe other photographers and videographers taking pictures and videos
- Certain performances may need local council licences so data will be passed across when necessary
Dance Wales UK will make sure it keeps a record of all data received from its members and where the data is being shared. We will also ask all members to sign consent forms for any data which we require.
- Data Protection Principles
In terms of the Data Protection Act 1998, we are the ‘data controller’, and as such determine the purpose for which, and the manner in which, any personal data are, or are to be, processed. We must ensure that we have:
- Fairly and lawfully processed personal data
Will always put our name on all paperwork, stating their intentions on processing the data and state if, and to whom, we intend to give the personal data. Also provide an indication of the duration the data will be kept.
- Processed for limited purpose
We will not use data for a purpose other than those agreed by data subjects (members, staff and others). If the data held by us are requested by external organisations for any reason, this will only be passed if data subjects (members, staff and others) agree. Also external organisations must state the purpose of processing, agree not to copy the data for further use and abide by The Data Protection Act 1998 and our Data Protection Policy.
- Adequate, relevant and not excessive
Dance Wales UK will monitor the data held for our purposes, ensuring we hold neither too much nor too little data in respect of the individuals about whom the data are held. If data given or obtained are excessive for such purpose, they will be immediately deleted or destroyed.
- Accurate and up-to-date
We will provide our members (members, staff and others) with a copy of their data once a year for information and updating where relevant. All amendments will be made immediately, and data no longer required will be deleted or destroyed. It is the responsibility of individuals and organisations to ensure the data held by us are accurate and up-to-date. Completion of an appropriate form (provided by us) will be taken as an indication that the data contained are accurate. Individuals should notify us of any changes, to enable personnel records to be updated accordingly. It is the responsibility of the Association to act upon notification of changes to data, amending them where relevant.
- Not kept longer than necessary
We discourage the retention of data for longer than it is required. All personal data will be deleted or destroyed by us within 2 weeks of leaving the school.
- Processed in accordance with the individual’s rights
All individuals that Dance Wales UK hold data on have the right to:
- Be informed upon the request of all the information held about them within a month.
- Prevent the processing of their data for the purpose of direct marketing.
- Compensation if they can show that they have been caused damage by any contravention of the Act.
- The removal and correction of any inaccurate data about them.
Appropriate technical and organisational measures shall be taken against unauthorised or unlawful processing of personal data and against accidental loss or destruction of data.
All Association computers have a log in system and our Contact Database is password protected, which allow only authorised staff to access personal data. Passwords on all computers are changed frequently. All personal and financial data is kept in a locked filing cabinet and can only be accessed by the Head Coach. When staff members are using the laptop computers out of the office care should always be taken to ensure that personal data on screen is not visible to strangers.
- Not transferred to countries outside the European Economic Area, unless the country has adequate protection for the individual.
Data must not be transferred to countries outside the European Economic Area without the explicit consent of the individual. Dance Wales UK takes particular care to be aware of this when publishing information on the Internet, which can be accessed from anywhere in the globe. This is because transfer includes placing data on a web site that can be accessed from outside the European Economic Area.
- Processing Data
GDPR requires Dance Wales UK to document why we need to lawfully process people’s data. This includes the information we keep, what it is being used for and our reasons for needing it.
We have the following reasons for processing people’s data –
- Legal – we have the following legal obligations for processing data which include but are not limited to health and safety, insurance and child protection.
- Contractual – which allows Dance Wales UK to provide members with the services associated with our programme such as sending requests for payment, registers, and entrance to events.
- Legitimate interests – which is when the processing is necessary for Dance Wales UK legitimate interests such as but not limited to marketing.
- Consent – Is when the individual has given clear consent for you to process their personal data for a specific purpose. For example taking photographs for Dance Wales UK website.
Date collected by members, parents/guardians includes the following:-
- Name, address, date of birth, telephone numbers, next of kin details and email address.
- Medical information
- Pre-existing medical conditions.
- Any medication currently being taken.
- Various communications where members may be mentioned by name.
- Emails, text, phone calls, post.
- Records of Financial Transactions that have taken place.
The reasons for needing the above information is covered under Processing Data. The data will be collected directly from members, parents/guardians. The data collected will be shared with staff and volunteers at Dance Wales UK, Event Providers and Hotels at which the team will be staying at for competitions.
The designated data controller at Dance Wales UK is Kerry Dale.
Email Address: email@example.com