You need to be logged into your account to sign up to our newsletter. Please login here.
The West Midlands Police Sports & Wellbeing Association, Tally Ho Sport & Wellbeing Association, Pershore Road, Edgbaston, Birmingham, B5 7RN (the “Club”) is a private members’ club offering leisure facilities.
The privacy of your personal data is very important to us. The collection and processing of personal data by the Club is governed by “Data Protection Legislation” including the Data Protection Act 2018, the Data Protection, Privacy and Electronic Communications (Amendments etc) (EU Exit) Regulations 2019 (the “Data Protection Regulations”) and the General Data Protection Regulation (EU) 2016/679, the UK GDPR as defined in the Data Protection Regulations (as applicable) and any other applicable laws relating to the protection of personal data and the privacy of individuals (all as amended, updated or re-enacted from time to time).
The Club complies with its obligations by keeping personal data up to date; by storing and destroying it securely; by not collecting or retaining excessive amounts of data; by protecting personal data from loss, misuse, unauthorised access, and disclosure and by ensuring that appropriate technical measures are in place to protect personal data.
YOUR PERSONAL DATA
Personal data is any information which identifies you as an individual. Identification can be by the information alone or in conjunction with any other information in the data controller’s possession or likely to come into such possession.
This may include but not limited to name, address, phone numbers, email addresses, date of birth, gender, employment status, demographic information, personal descriptions, photographs, CCTV images, Membership numbers, usernames, and passwords.
We will only collect personal data that we need to fulfil our legal obligations, deliver services to you, and enable us to tailor and enhance your experience of the Club.
WHO WE COLLECT PERSONAL DATA FROM
We collect personal data from:
We never sell personal data. We will only share it with organisations, when necessary, in order to fulfil our service to you and where the privacy and security of your data is assured.
HOW DO WE PROCESS YOUR PERSONAL DATA
We will only process your ‘personal data’ for legitimate purposes, as set out in the General Data Protection Regulation (from 25 May 2018) and the UK Data Protection Act.
All ‘personal data’ supplied to us will be processed for the purpose outlined in a specific privacy notice at the time of collection and in accordance with any consent and preferences you express.
If asked by the police, or any other regulatory or government authority investigating suspected illegal activities, we may be obliged to provide them with your personal data.
Below are the main uses of personal data, dependent on your relationship with us and how you interact with various services and technology.
When a new Member joins the Club, we collect the following but not limited to information:
This personal data is used to administer the new member joining process; maintain a record of your membership, process your membership subscription, enable you to use the Club, contact you regarding your membership renewal and the Annual General Meeting.
We undertake research and analysis on all the data we collect to tailor our services and communication with you.
Children under the age of 18 are considered Juniors and are linked to an adult parent/guardian who must be a member. We hold the name, address, and date of birth on our system. Juniors are not permitted access to our website/ benefits platform due to age restricted benefits.
We ask permission to collect the following but not limited to information from people who make enquiries about Membership:
We may also use automated communications with you dependent on your interests and consent.
Visitors to the Club
We collect the name, address, and contact details from Members’ guests who wish to come and enjoy our facilities.
Visitors to the Website
If you visit and interact with our website and Members’ area of the website, we may collect information about you using cookies. Cookies are small text files stored on your device when you visit certain websites. Cookies will not give us access to your device, cannot harm your computer and cannot provide us with any personal data about you, other than the data you choose to share with us by completing forms on our website.
Non-personally identifiable information may include: the type of browser and operating system you are using, your IP address, your device identifiers, your Internet or wireless service provider, and location-based information, specific web pages, length of time spent, pages accessed, and search terms used to find the website.
When you first visit our website, you will be asked whether you wish to accept our cookies. You can choose to accept or decline cookies and you can usually modify your browser setting to decline cookies if you prefer. However, this may prevent you from taking full advantage of the website.
You may find links to third party websites on our website. These websites should have their own privacy policies which you should check. We do not accept any responsibility or liability for their policies whatsoever as we have no control over them.
Members may opt in to receive emails, letters, text messages or phone calls about member related benefits or activities that we think may interest.
Communications are only sent to those who have consented to receive such information and is governed under the General Data Protection Regulation.
If you wish to alter or opt out of communications from us, please update your marketing preferences on our website.
To comply with our contractual, legal, and management obligations and responsibilities as a responsible employer, we process personal data, including ‘sensitive’ personal data, from job applicants and employees. This includes:
The Act defines ‘sensitive personal data’ as information about racial or ethnic origin, political opinions, religious beliefs or other similar beliefs, trade union membership, physical or mental health, sexual life, and criminal allegations, proceedings, or convictions.
We will process data about an employee’s health where it is necessary, for example, to: • record absence from work due to sickness
This processing will not normally happen without the employee’s knowledge and, where necessary, consent.
Data about an employee’s criminal convictions will be held as necessary.
We may process data about, but not limited to, an employee’s racial and ethnic origin, their sexual orientation, or their religious beliefs only where they have volunteered such data and only for the purpose of monitoring and upholding our equal opportunities policies and related provisions.
Suppliers, contractors, and stakeholders
We will hold the following data about our suppliers, contractors, and stakeholders
The Club uses CCTV equipment to provide a safer, more secure environment for members and staff and to prevent bullying, vandalism, and theft. Essentially it is used for:
The Club does not use the CCTV system for covert monitoring.
Access to the CCTV recorded footage is limited to designated staff and other authorised personnel (including police) with a legitimate reason to view and/or otherwise use the captured footage, including the provision of evidence in support of prosecution of criminal or illegal behaviour. Authorisation to review any footage will be given to relevant parties on a case-by-case basis which will be determined at the discretion of the Chief Executive in accordance with applicable data protection legislation.
Live footage recording is automatically erased after four weeks.
Further details governing the use of CCTV may be found in our CCTV Policy.
SHARING YOUR PERSONAL DATA
Your personal data will be treated as strictly confidential. We do not share your personal data to any third parties for commercial purposes. We only share your data with third parties to administer membership and provide services.
When we do share data with third parties, we take measures to ensure they are compliant with GDPR and there are appropriate measures and controls in place to keep your data secure.
To carry out our contractual and management responsibilities, we may, from time to time, need to share an employee’s personal data with one or more third parties:
We never share ‘personal data’ to any other third party for commercial reasons and would only do so if we obtained your consent.
KEEPING YOUR DATA SAFE AND SECURE
We undertake the following measures to ensure the personal data we hold is kept safe and secure:
YOUR RIGHTS AND YOUR PERSONAL DATA
Unless subject to an exemption under the GDPR, you have the following rights with respect to your personal data:
SUBJECT ACCESS REQUESTS
If you would like to view the personal data the Club holds about you, you will be asked to complete a Subject Access Request Form to provide us with:
If we hold your personal data, we will give you a copy of the information together with an explanation of why we hold and use it. Once we have all the information necessary to respond to your request, we’ll provide your information to you within one month. This timeframe may be extended by up to two months if your request is particularly complex.
WHAT TO DO IF YOU’RE NOT HAPPY
In the first instance, please talk to us directly so we can try to resolve your issues. You also have the right to contact the Information Commissions Office (ICO) if you have any questions about Data Protection. You can contact them using their help line 0303 123 113, by post at Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire. SK9 5AF or at www.ico.org.uk
UPDATING THIS POLICY