May 2018
4:16pm, 22 May 2018
1,243 posts
|
J2R
Very helpful stuff there, all! Thanks.
|
May 2018
4:23pm, 22 May 2018
28,792 posts
|
HappyG(rrr)
The hardest one is "right to be forgotten". If someone whose details you have had in the past demands that you remove them from all places, are you able to easily do so?
If you want to or have to retain it, then you have to demonstrate a legal or regulatory requirement to that is greater than the persons desire to be removed.
It's nae easy! G
|
May 2018
4:33pm, 22 May 2018
134 posts
|
Spideog
How far does wanting to be forgotten extend? Do you get your name, gender and approximate age deleted from race results as well? There isn't any legal or regulatory requirement for holding race results, but as a record of what happened it would be a nonsense if anything was allowed to be altered.
I'm sure someone will be daft enough to try to get deleted from results and cause some club no end of hassle.
|
May 2018
4:33pm, 22 May 2018
13,393 posts
|
Yorkshire Pie
Larkin - why would they wait til Monday? One of our clients is making a request on Friday so the other side can lose three days over the weekend and bank holiday [employment dispute - it's a deliberate tactic to be difficult...]
|
May 2018
4:49pm, 22 May 2018
28,793 posts
|
HappyG(rrr)
It's not black and white. As others have said, the main thing they are trying to stop is a. target the big boys who hold lots of horrid, unnecessary data about us and often use it without our knowledge or consent and b. marketing (even for small companies).
But theoretically, as a club you could be asked to justify holding results for previous years. You probably put something in your race Ts and Cs which says you consent to the results being published. But is it then "reasonable" that this information persists to the next year and the next? Then for how many years etc.?
No one wants to get into a legal battle about it, because it would cost a club money just to defend itself.
But then on the other hand, you have legal obligations to hold some user data for other reasons e.g. that your training badges are up to date, that anyone working with kids has been properly screened etc. So you have to balance "obligation to hold data" vs. " right to have your data removed" and all combinations of this to either retain or destroy data. It's actively being on top of all of that, which is hard work.
Scary biscuits. Though, as with much EU legislation, it's for the right reasons. G
|
May 2018
5:29pm, 22 May 2018
1,244 posts
|
J2R
Is there any need to send out an email to members requiring them to opt in to anything, given that the only email they get are to do with the functioning of the club?
|
May 2018
6:22pm, 22 May 2018
1,321 posts
|
TomahawkMike
Whilst completely anti paperwork for small businesses I can see reasons for some for this. Its just a massive shame that the guidance seems to be aimed at big businesses and I would have liked to see more templates provided (for policies etc) for a variety of small organisations. Its tying us in knots at the moment. Then again i have been rung twice in the last 2 days being asked why I was a DNA (did not attend) for a hospital appointment I haven't had. Half the information on the letter that the hospital is sending to my gp about this relates to another named person who apparently was a DNA but his record is mixed up with mine somehow (it's my name and address but the narrative refers to a different man entirely)..and given that I am also waiting for a hospital appointment its starting to worry me thay I may be taken off the list. Aaagh. I might be one of this awkward people sending in a SAR on Friday. ..
|
May 2018
6:26pm, 22 May 2018
1,322 posts
|
TomahawkMike
J2R.. to answer your question... perhaps.. my gas plumber has just done exactly that to his clients so that he can legitimately write to remind them when the boiler service is due. Madness. He doesn't do any marketing but his interpretation of GDPR is telling home to do that..
|
May 2018
6:26pm, 22 May 2018
1,323 posts
|
TomahawkMike
(Him not home)
|
May 2018
7:09pm, 22 May 2018
106 posts
|
Raemond
If anything, giving people a false sense of control over what sort of email you might send them is contrary to the spirit of the rules.
If you need to send people information about events, or when subs are due, or whatever, then it would be wrong to ask them to 'consent' to this. If you're pushing something else, say a member is in a trade and offering a special rate to other members so you want to send an email around advertising it, that could be beyond what members reasonably expect. (I have no idea if that's something your club ever does or would do, just the first example I could think of).
In reality, I'd say if you hadn't asked people when they signed up as members of they'd be OK with that sort of thing, then rather than spamming them now with yet y another request that will get lost in the multitudes, wait until something comes up and tag on a 'by the way, if you're happy to receive this sort of email in the future reply with some sort of positive indication' and then from that point on, only send non essential emails to people who've replied with said positive indication.
In the unlikely event that anyone complains you may get told not to do it again, but that's about it.
If you did include a box to tick (and didn't pre-tick it for them) that mentions that kind of email, and have a record of the fact that they ticked it, then you're all good (though should still include an easy way for people to let you know if they change their mind in each such email that you send)
|