On May 25 the General Data Protection Regulation (GDPR) comes into effect, replacing the 1998 Data Protection Act.  Currently, personal data i.e. information relating to living individuals however it is processed, collected, recorded, stored or disposed of must comply with the Data Protection Act. This is being updated next month under the new regulation and will have implications for all organisations that store information on individuals including chess clubs, leagues and congresses. The ECF has been considering the implications for some time and has just produced this helpful guide:

https://www.englishchess.org.uk/wp-content/uploads/2018/04/GDPR-County-and-Club-Guide.pdf

Club and league secretaries together with congress organisers are strongly advised to read the guide and act upon it sooner rather than later. While it may seem unlikely that authorities would pursue humble chess clubs that fail to abide by the law, fines for failing to do so could be considerable. The changes under GDPR relate specifically to information collected and stored by clubs and organisations and how it is handled. Therefore, officials need to explain to their members or entrants the following:

  • what data is collected
  • how it is stored
  • to whom it is passed and for what purpose
  • for how long the data is kept
  • what individuals can do to limit how their data is used

One of the key differences between current and new legislation is that it is insufficient for a club or organisation to assume that individuals are happy for their personal  information to be used in any way stated by the club or congress on websites, emails or printed leaflets or entry forms – consent needs to be established i.e. ‘opt in’ will become the default setting and not ‘opt out’.

At Broadstairs (and the Thanet Chess Congress) we are preparing for GDPR and an update will be provided in due course.  Congress organisers might be interested to see how the British Championships have approached the new regulations and this may provide a useful template for other congresses:

https://www.britishchesschampionships.co.uk/conditions-2018/2/

More information on GDPR is available from the Information Commissioner’s Office (ICO):

https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/

Post navigation