GDPR (General Data Protection Regulation)

The General Data Protection Regulation (GDPR) came into force on 25 May 2018.

  • It gives EU citizens more control over how their personal data is used
  • It makes it clearer for organisations (including both businesses and clubs) to understand their data protection requirements
  • It is enshrined in UK law so there won’t be any change after Brexit
  • It brings significant fines for those who ignore or break the rules

How it affects clubs and societies

Every club or society should have reviewed their data protection policies before GDPR came into force. If you feel that you need to review them further, we recommend that you look at the Information Commissioner’s Office (ICO) website. This is a good source of information, has checklists that will help you to decide what changes you need to make and a “12 steps to GDPR” document to follow (11-page/539KB PDF).

We are keen to support our Members but as every club and society will store and process data differently the RSGB is unable to offer guidance in response to individual requests. The Society also cannot offer specific legal advice as each club is responsible in law for its own compliance.

The RSGB and your data

We take your privacy seriously. You can find out more about how we use and store your data by reading our Privacy Policy.