Latest News News from the Foundation

GDPR and Club Doncaster Foundation

16 May 2018

What kind of data do you hold?

We hold data securely in relation to a wide number of transactions and interactions that we have with people associated with Club Doncaster. Some examples of these (this is not an exclusive list):

  • Customers attending the box office to purchase ticketing or membership products
  • Business customers who work with us
  • Prospective and current members of staff
  • Volunteers
  • Persons engaging in our Foundation and Community projects
  • Persons attending our college
  • Persons engaging and wanting to know about us through our social media and marketing communications.
  • Parents of our junior supporters sections, and match day experiences
  • Young Players and players representing our teams.

Why do you hold the data?

We will hold your data for the following reasons:

  • Because you ask us to (Consent)
  • Because we need this to carry out our part of the service, for example to send an invoice (Contract)
  • Because we have to pass on or a part of a legal interest (Legal Obligation)
  • Because it may save someone’s life (Vital Interest)

How do you collect data?

We will always ask for your consent to hold onto data and to pass this onto our partners, this will be through asking for your written consent in the first instance. If we are unable to gain this, for example when someone is collecting a ticket on your behalf we will do all that we can to ensure that we are confident the person answering on your behalf is able to do this and has given us the correct information.

How and where is the data stored?

We have a number of systems across Club Doncaster where your information may be stored, for each transaction we will be clear and explicit and explain where we will use this data. We hold your data to interact with you and keep you updated with your current transactions with us, news and events, and further relevant information.

Who owns and controls the data?

In line with our purchased data systems, we will own and control the data that you entrust with us. If we do not have primary responsibility for this data we will tell you, and give you the right to opt in or out of services we and they provide.

How long do you keep the data and what is your justification for this length of time?

We will keep your data for as long as you consent us to. Once we have ended our relationship with you, this will be reviewed on an annual basis, and deleted following a period of inactivity. In most cases this will be no more than 36 months, but please check with the Data Protection Officer for individual cases.

What are your processes for deleting data?

We will ensure that we honour your right to be forgotten, and work with our partner software services to remove your history from our databases, and knowledge. In the case of written information we will destroy and ensure that it is not legible.

Who is responsible for the data and processing?

Richard Poole is the Data Protection Officer for Club Doncaster.

GDPR and Club Doncaster Foundation