The Data Protection Act and SROC
The Data Protection Act 1998 (“DPA”) imposes rules and safeguards on those who hold and process personal data. Details of usage must be notified to the UK Information Commissioner’s Office (“ICO”), with some exemptions.
SROC is exempt from notification according to the criteria in section 6.1 of the Notification handbook of the ICO (exemption as a complying not-for-profit organisation), but SROC seeks to abide by the Principles of the CPA. A statement of policy may be published from time to time in SROC's newsletter and/or on the SROC website
SROC processes data only where (DPA S2 1) the data subject has given consent to the processing; and/or (DPA S2 6(1)) the processing is necessary for the purposes of legitimate interests pursued by SROC. SROC does not process sensitive personal data.
SROC obtains data for the purposes of running an orienteering club efficiently for the benefit of the members, for organising orienteering competitions, liasing with other clubs in the region and the North West Orienteering Association (“NWOA”), and for other orienteering-related events and activities.
SROC may obtain data from an individual or a family member, other clubs, the British Orienteering Federation, orienteering service providers and/or other organisations. The data includes:
Members of SROC: For the purpose of running an orienteering club, SROC and its officials may hold some or all of the following data about some or all of its members: name, photograph, postal and email address, phone number, year of birth, competition age class, club membership level, e-card number, offices held, skills and qualifications, courses attended and details of officiating at competitions. This data may be used in managing the club including without limitation: communications with members, mailing magazines and other literature, team selection, coaching, training and appointment of officials.
Landowners: For the purpose of organising orienteering events, SROC may hold contact data for landowners and other organisations, plus their employees and agents
Orienteering competitors: For the purpose of organising orienteering events and creating the results, SROC may hold and publish on its own website and the websites of orienteering service providers the following data about individuals who compete at orienteering events organised by SROC: name, photograph, year of birth, competition age class, club membership, e-card number, start-time, competition results (including without limitation: finish times, scores, route(s) taken, penalties and/or split times).
The Secretary of SROC maintains the data on members of SROC.
Personal data is not kept when no longer useful for the purposes of SROC. Competition information and published results are maintained indefinitely as documents of public record.
SROC upholds the rights under the Data Protection Act 1998 of all individuals whose data it holds
SROC takes normal precautions against unauthorised access to or processing of personal data and against accidental loss or destruction of data.
SROC does not make data available for any commercial purposes, nor does SROC share information with third parties, other than as mentioned in this document. Names and addresses of SROC members may be made available to NWOA to enable mailings of regional orienteering material.
Updated January 2010
UK Data Protection Act 1998: http://www.opsi.gov.uk/Acts/Acts1998/ukpga_19980029_en_1
UK ICO Notification handbook: http://www.ico.gov.uk/upload/documents/notifications_handbook_html/index.html
Last Updated : 16.01.10