GDPR & Data Protection Policy
Naomhóga Chorcaí – Cork's Currach Rowing Club (or, the Club) has updated its privacy statement to include the new General Data Protection Regulations (GDPR) which took effect on 25th May 2018.
The GDPR is designed to give Naomhóga Chorcaí club members more control over their personal data. It also ensures that Naomhóga Chorcaí takes the appropriate amount of care with people’s personal data.
What is personal data?
Personal data is any information that can identify an individual person. This includes a name, an ID number, location data (for example, location data collected by a mobile phone), a postal address, online browsing history, images or anything relating to the physical, physiological, genetic, mental, economic, cultural or social identity of a person.
What are the main GDPR principles for Naomhoga Chorcai?
Naomhóga Chorcaí must have consent to hold your Personal Data
Personal data must be processed in a transparent manner
Naomhóga Chorcaí must have a specific purpose to collect the data
Naomhóga Chorcaí must ensure the data is only kept for as long as needed to fulfil thepurpose that it was gathered for.
Where data is held on computers, Naomhóga Chorcaí must ensure that those computers andnetworks are safe and secure.
Where data is in paper format, Naomhóga Chorcaí are obliged to ensure that it is as safe andsecure.
Who is Collecting the Data?
Naomhóga Chorcaí is collecting the data.
Why is the data is being collected?
Naomhóga Chorcaí holds and uses its members personal and sensitive data solely for the purposes of their involvement in Naomhóga Chorcaí club activities. By submitting and signing a membership form, members are clearly and explicitly consenting to receiving information about the Club by phone, social media, apps, email, SMS or other electronic communication. Members data will not be shared with any third party under normal circumstances (and only then with their explicit consent), and the principles of the Data Protection Act 1988 and 2003 and GDPR 2018 will be adhered to.
If a member joins the Club committee they may be required to share their mobile phone number or other contact details with current members for practical reasons - organising events etc. Personal Data on members shall be held for a period of 12 months after membership lapses, in case they need to be contacted or reminded that their membership has lapsed, and subsequently destroyed and deleted. The data collected is held on hard copy membership forms which are stored securely by the Treasurer, and on password protected electronic files accessible only to Naomhóga Chorcaí Committee Officers (Captain, Chair, Secretary and Treasurer). A new password is generated by each annual Committee Officers to ensure security and deny previous Officers access. The Club does not hold personal data of past members on file, beyond what is outlined above.
If you wish, upon leaving the Club, to have personal information about you deleted/securely destroyed, or wish as a Club Member, at any time to access to what personal information is kept on you by the Naomhóga Chorcaí you may email the Committee at: firstname.lastname@example.org or write to: Naomhoga Chorcai Committee c/o Crosses House, Crosses Green, Cork.
Who else might receive your personal data?
Naomhóga Chorcaí holds and uses its members personal and sensitive data solely for the purposes of their involvement in Naomhóga Chorcaí club activities. therefore, it does not share its members personal data outside the Club, unless in exceptional circumstances and with the member's explicit consent. If a member gives permission for their data to be shared, Naomhóga Chorcaí shall request that members written consent prior to the data being transferred.
Will personal data be transferred outside the EU?
Naomhóga Chorcaí will not share personal data outside of the EU unless it is with the expressed and written agreement of that member.
Under the GDPR individuals have the significantly strengthened rights to:
obtain details about how their data is processed by an organisation, club or business;
obtain copies of personal data that an organisation, club or business holds on them;
have incorrect or incomplete data corrected;
have their data erased by an organisation, club or business, where, for example, the organisation, club or business has no legitimate reason for retaining the data;
obtain their data from an organisation, club or business and to have that data transmitted to another organisation (Data Portability);
object to the processing of their data by an organisation, club or business in certain circumstances;
not to be subject to (with some exceptions) automated decision making, including profiling.
Where to get data protection advice?
Irish Data Protection Commissioner Website:
If you wish for a copy of the personal data that we hold about you, please email the Committee at: email@example.com or write to: Naomhoga Chorcai Committee c/o Crosses House, Crosses Green, Cork and the Committee will send you a copy of the information that is held about you.