Peak Power Sports GDPR Policy
1. Introduction
Peak Power Sports Camp is committed to protecting the privacy and personal data of all individuals, including participants, parents/guardians, staff, and volunteers. This GDPR (General Data Protection Regulation) policy outlines how we collect, use, store, and protect personal data in accordance with applicable data protection laws.
2. Data Collection and Processing
- Peak Power Sports Camp collects personal data only for specified, explicit, and legitimate purposes related to the provision of sports camp services.
- Personal data may be collected during registration, booking, or participation in camp activities and may include names, contact information, emergency contact details, medical information, and consent forms.
3. Lawful Basis for Processing
- Personal data is processed by Peak Power Sports on the basis of one or more lawful grounds as defined by the GDPR, including consent, contractual necessity, legal obligation, vital interests, and legitimate interests.
4. Consent
- Where required by law, Peak Power Sports obtains explicit consent from individuals before processing their personal data.
- Consent may be obtained through consent forms, online registration, or other appropriate means, and individuals have the right to withdraw their consent at any time.
5. Data Security
- Peak Power Sports implements appropriate technical and organisational measures to ensure the security and confidentiality of personal data.
- Access to personal data is restricted to authorised personnel who have a legitimate need to access the information for the purposes of providing sports camp services.
6. Data Retention
- Personal data is retained only for as long as necessary to fulfil the purposes for which it was collected or as required by law.
- Retention periods are established based on legal requirements, contractual obligations, and operational needs, and personal data is securely disposed of when no longer needed.
7. Data Subject Rights
- Individuals have certain rights regarding their personal data under the GDPR, including the right to access, rectify, erase, restrict processing, and data portability.
- Peak Power Sports respects these rights and will respond to requests from data subjects in accordance with applicable law.
8. Data Sharing and Transfers
- Peak Power Sports may share personal data with third parties, such as regulatory authorities, medical professionals, or service providers, only where necessary and in compliance with applicable data protection laws.
- Personal data transfers outside the European Economic Area (EEA) are conducted in accordance with GDPR requirements, including the use of appropriate safeguards such as standard contractual clauses or adequacy decisions.
9. Data Breach Notification
- In the event of a personal data breach, Peak Power Sports will comply with GDPR requirements for data breach notification, including notifying affected individuals and relevant supervisory authorities without undue delay.
10. Accountability and Compliance
- Peak Power Sports is committed to maintaining compliance with GDPR requirements and regularly reviews and updates its data protection policies and procedures to ensure ongoing compliance.
11. Training and Awareness
- Peak Power Sports provides training and awareness programs for staff and volunteers to ensure they understand their responsibilities under GDPR and are aware of best practices for data protection and privacy.
13. Conclusion
Peak Power Sports is committed to protecting the privacy and personal data of all individuals and adheres to GDPR principles and requirements in the collection, processing, and protection of personal data. This policy outlines our commitment to data protection and privacy and our ongoing efforts to ensure compliance with applicable data protection laws.
Procedure Review Date
March 2024
Version
V.1
Peak Power Sport – GDPR Policy