We use essential cookies to make our site work. We'd also like to set analytics cookies that help us make improvements by measuring how you use the site. These will be set only if you accept.

For more detailed information about the cookies we use, see our cookies page.

Essential Cookies

Essential cookies enable core functionality such as security, network management, and accessibility. For example, the selections you make here about which cookies to accept are stored in a cookie.

You may disable these by changing your browser settings, but this may affect how the website functions.

Analytics Cookies

ON OFF

We'd like to set Google Analytics cookies to help us improve our website by collecting and reporting information on how you use it. The cookies collect information in a way that does not directly identify you.

Third Party Cookies

ON OFF

Third party cookies are ones planted by other websites while using this site. This may occur (for example) where a Twitter or Facebook feed is embedded with a page. Selecting to turn these off will hide such content.

Data Protection, GDPR

GENERAL DATA PROTECTION REGULATION (GDPR)

All membership organisations have a legal and moral duty to protect the data of their members.

Many points of the GDPR already apply under current data protection laws. The GDPR will become enforceable from 25th May 2018. It replaces the Data Protection Act 1998 and covers the storage and use of ‘Personal Data’.

Personal data is defined as any piece of personal information that can be used to identify an individual, either directly or indirectly.

This includes information such as an individual’s:

• Name

• Telephone Number

• E‐mail address

• Date of birth

• Health information

• Location data

• Online identifier e.g. IP addresses or cookies

GDPR states that Personal Data can be held, without the need for consent, if it is adequate/relevant/non‐excessive. This means that as long as we as a club reasonably considers the storage of Personal Data to be relevant and non‐ excessive, we can continue to hold it. Under the GDPR, an organisation can lawfully process data only if at least one of the following conditions are met:

• The data subject has given their consent;

• If the processing is necessary for the performance of a contract;

• For compliance with a legal obligation;

• If the processing is necessary to protect the vital interests of the data subject;

• Public interest purposes;

• If there is a legitimate interest pursued by the data holder or a third party.

Bowls England therefore suggests that, for example, should a Club or County Association wish to ‘publish’ the telephone number of a member they should obtain ‘consent’ for this purpose – this must be ‘opt in’ rather ‘opt out’.