GDPR Stands for General Data Protection Regulation 2016/679
GDPR Stands for General Data Protection Regulation 2016/679
We at the KDO want to make sure all the personal information we have collected about you is safe and secure at all times. KDO are Data Processors for the British Darts Organisation (BDO) who are the Data Controllers.
This Policy sets out our commitments to you in compliance with and beyond the General Data Protection Regulation (commonly known as the GDPR) and explains how we collect, store and use your personal information.
We have not appointed a Data Protection Officer to oversee our compliance with data protection laws as we are not required to do so, but our Data Protection Team [i.e. The KDO Executive Committee] has overall responsibility for data protection compliance in our organisation.
If you have any questions about this Policy or what we do with your personal information, contact the KDO General Secretary using the information provided on this document.
Collecting specific, relevant personal information is a necessary part of us being able to provide you assistance when dealing with the KDO, BDO and BICC or just managing our relationship with you.
When the BDO hold or use your personal information as a data controller (see below for a description of what this is) they will provide you with a privacy notice which sets out in detail what information they hold about you (such as your contact details, address, etc.), how your personal information may be used and the reasons for these uses, together with details of your rights. This information is collected and Privacy Noticed supplied by the KDO (as Data Processors) on behalf of the BDO.
Where the KDO collect personal information from you directly, we will provide the privacy notice at the time we collect the personal information from you. The privacy notice will be available through the superleague representatives at the time of signing on to a team as they are representing the committee in this duty.
The KDO will only provide the privacy notice to you once, generally at the start of the relationship with you.
However if the applicable privacy notice is updated substantially, then we may provide you with details of the updated version. You are encouraged to check back regularly for updates.
Your super league representative or team captain might collect contact information off you as per usual and they will control that information. They will not pass it on to third parties without your permission.
A data controller is a person who controls how personal information is processed and used. A data processor is a person who processes and uses personal information in accordance with the instructions of a third party, i.e. the data controller.
This distinction is important. You have certain rights in relation to your personal information, for example the right to be provided with the personal information held about you and details of its use and the right to have certain of your personal information either erased or anonymised, commonly referred to as the right to be forgotten (see below to see what rights you have). These rights can generally only be exercised against a data controller of your information.
In most cases we will be a data controller of your personal information. In any case where we are not a data controller this means that you cannot exercise these rights against us directly (i.e. where we only act as a data processor), but you can do so against the data controller (i.e. the person who controls how we process the personal information). In these cases we will endeavour to inform you who is the data controller of your personal information so that you can direct any such requests to them.
Also it is only a data controller that will provide you with a privacy notice about your personal information, so where we process your personal information as a data controller we will provide you with a privacy notice. Where we process your personal information as a data processor for a third party, that third party should provide you with a privacy notice which will set out details regarding the processing of your personal information, which should also include the processing to be carried out by us on their behalf.
We will use your personal information as described in the privacy notice provided to you, but, for example, we pass on some of your personal information to the BDO when completing entry forms for end of season team and individual competitions.
Details of how we disclose your personal information are set out in the relevant privacy notice provided to you, but generally it is where we need to do so in order to run our organisation on your behalf. In such circumstances, we will put in place arrangements to protect your personal information. Outside of that we do not disclose your personal information unless we are required to do so by law.
We will not transfer personal information about you outside the European Economic Area (EEA).
We do not sell, trade or rent your personal information to others.
Further details of how long we hold onto your personal information for are set out in the relevant privacy notice provided to you, but we will only hold your information for as long as is necessary or where you ask us to delete records we may delete it earlier.
Information will not be kept for longer than 18 months. This is based on being used during the current season and overlapping the start of the next.
Full details of your rights set out in the relevant privacy notice provided to you, but you are entitled by law to ask for a copy of your personal information at any time. You are also entitled to ask us to correct, delete or update your personal information, to send your personal information to you or another organisation and to object to automated decision making. Where you have given us your consent to use your personal information in a particular manner, you also have the right to withdraw this consent at any time.
To exercise any of your rights, or if you have any questions relating to your rights, please contact the KDO General Secretary by using the contact details below.
You should note that some of your rights may not apply as they have specific requirements and exemptions which apply to them and they may not also apply to personal information recorded and stored by us. However your right to withdraw consent or object to processing for direct marketing are absolute rights.
If you are unhappy with the way we are using your personal information you can complain to the UK Information Commissioner’s Office (ICO) or your local data protection regulator. More information about your legal rights can be found on the Information Commissioner’s website at https://ico.org.uk/for-the-public/. However, we are here to help and would encourage you to contact us to resolve your complaint first.
We employ a variety of organisational measures to keep your personal information safe and to prevent unauthorised access to, or use, or disclosure of it. Unfortunately, no information transmission over the Internet is guaranteed 100% secure nor is any storage of information always 100% secure, but we do take all appropriate steps to protect the security of your personal information. We take information and system security very seriously indeed and only share with the BDO who are certified to the ISO.
Any KDO or personally owned computer able to access the BDO Database or scanned application/entry forms is to be password protected.
Documents with personal data on must be locked away.
Any changes we may make to this Policy in the future will be notified to superleague representatives by e-mail.
In the event of any query or complaint in connection with the information we hold about you, please email the General Secretary c/o [email protected]
Last Updated 28/06/2018