14. Data Protection

14. Data Protection TobyManning Mon, 22/02/2010 - 15:13

Policy approved 12 May 2018, amended 28 June 2020, 2 November 2022 and 2 February 2024.

  1. We acknowledge that we are subject to the General Data Protection Regulation.
  2. We understand that we are exempt from registering with the Information Commissioner’s Office.
  3. We keep details of names, addresses, telephone numbers, email addresses and Go strengths on a computer database. This data base is kept securely off-line by the Membership Secretary, and is not accessible remotely via the Internet. It is not divulged outside the Association (except as required by law, and with the exceptions below). It is available to BGA officials on a "need-to know" basis.
  4. We keep your email address (but no other details) on a computer database which is part of the britgo domain. This is used to dispatch your electronic Newsletter. This database is password protected, and is not linked from the main britgo domain (hence is not accessible to search engines). The password is divulged to a limited number of BGA Officials on a "need-to-know" basis. Identical arrangements pertain to the Youth Newsletter.
  5. We publish the results of tournaments, which include the names and clubs of the players, on the Internet and, by entering a tournament, players agree to this. Some tournaments publish a list of entrants in advance, and entrants are asked to agree to this (though entrants can usually opt out of this list).
  6. The following data is sent to third parties:
    • Your name and address are sent to the printers of the British Go Journal so that they can send it, and possibly other BGA publications, to you.
    • If you take part in a tournament, your name and results are sent to the European Go Federation for incorporation into the European Go Database. This database provides a publicly-viewable record of players’ tournament activity.
    • We use third parties (PayPal, regulated by the CSSF in Luxembourg, and GoCardless, regulated by the Financial Conduct Authority in the UK) to manage the collection of membership subscriptions and some other payments. The only data that is passed to these organisations is what is required by them, and is limited to the member’s name and address. The member will be asked to provide financial data (e.g. credit card details) to the third party, but the only information that is available to the BGA is the name of the Bank and the last 2 digits of the account number for those using GoCardless.
  7. Under the Companies Act 2006, section 116 we are obliged to provide your name and address (but no other information) to any member without charge, and to any non-member on payment of a fee. Anyone asking for this information must tell us the purpose of requiring this information, and if it is to be disclosed to any other person or organisation.
    We can reject the request if it is not for a “proper purpose” (s. 117) but this will involve the court, which may result in significant costs to either the BGA or the applicant depending on the result of the legal process.
    If the person making the request provides information that is “misleading, false or deceptive”, uses the information for any purpose other than that stated or provides the information to a third party who similarly misuses it then they are committing an offence (s119).
  8. Where we hold video meetings to which members are invited our software of choice is Zoom. We will not pass any member's personal data to Zoom. Creation of a Zoom account is not needed to join a meeting, but should a member create an account then that will be subject to the standard Zoom data protection arrangements. In the event that other software is used, then similar principles will apply.
  9. All Members are asked to agree that we may divulge their contact details to other Association members for strictly Go-related and non-commercial purposes, such as to enable members to play Go and to encourage the formation of new Go clubs.
  10. Except as may be required by law, personal data is deleted:-
    • When a member specifically requests it or
    • Within 18 months of a member failing to renew their annual subscription.
  11. We run email groups, and the list of email addresses is kept secure, is not divulged outside the Association (except as required by law) and is only available on a need-to-know basis. However, your email address will be visible to other members of the group if you make postings.

Here is a link to our Privacy Notice