GDPR – Old

Data Protection Policy


Every member of Cosacss Swimming Club is required to complete a club membership form.  The details you provide to us are used solely for the purposes of your club membership and will not be used for commercial or marketing purposes. Your details are securely held by the committee in both hardcopy and electronic form which places a responsibility upon the club committee in relation to the General Data Protection Regulations (GDPR) which is effective from 25 May 2018.

GDPR replaces the Data Protection Act 1998 (DPA), however, many of the main concepts and principles are much the same as those in the (DPA).

GDPR Principles

GDPR puts in place 8 principles to make sure that the information you provide to us is handled properly, these are:

  1. Fair and lawful processing of personal data.
  2. Processed for specified, lawful and compatible purposes.
  3. Adequate, relevant and not excessive.
  4. Accurate and up to date.
  5. Not kept for longer than necessary.
  6. Processed in accordance with the rights of the individual.
  7. Processed with appropriate security.
  8. Not transferred outside the European Economic Area without adequate protection.

Club membership records are regularly reviewed by the committee to ensure compliance with these principles (e.g. when a swimmer ceases to be a member of the club, their membership details are destroyed).

Medical Details

The safety of club members is of prime concern to us. Given the nature of swimming, it is essential that club staff/committee are aware of any health issues that could impact a member’s safety, particularly when poolside.

The club membership form therefore requires each member to provide us with detail relating to any health issues that in your judgement you feel the club should be made aware of. In addition, we ask that you provide detail of any medication that might be required in relation to the health issue.

Any such medical information you provide to us is also held by us in both hardcopy and electronic form. Under the data protection act we require your explicit consent to hold such information and your signature on the membership form is our means of discharging our responsibility.

The current act also states that parental consent is required for the collection of data for children aged below 12 years of age. The Amateur Swimming Association feel that 12 years of age is too low and have decided that it would be better to obtain parental consent for the collection of data for anyone below 18 years of age.

Changes to membership details (including medical details)

Under the Data Protection Act we have an obligation to ensure the membership details that we hold are accurate – we can only do this if you let us know of relevant changes. Please liaise directly with the swim coach or squad representative.

ASA and the Data Protection Act

The ASA are registered with Data Protection on behalf of all affiliated clubs to hold personal data relating to your membership. This discharges the need for Cosacss Swimming Club to register independently. Further information on the data protection notice used by the ASA can be found here.