Knights Basketball is a privacy conscious organisation and is strongly committed to your right to privacy. That is why we have drafted a Data Protection Policy, which follows guidelines set out in General Data Protection Regulations (May 2018).
Data Protection Policy
Knights Basketball is committed to complying with data protection law and to respecting the privacy rights of individuals. The policy applies to all of our staff, workers, directors, volunteers and consultants.
This Data Protection Policy sets out our approach to data protection law and the principles that we will apply to our processing of personal data. The aim of this Policy is to ensure that we process personal data in accordance with the law and with the utmost care and respect.
The Principles of the General Data Protection Regulations (Under Article 5):
- processed lawfully, fairly and in a transparent manner in relation to individuals;
- collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes; further processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes shall not be considered to be incompatible with the initial purposes;
- adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed;
- accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay;
- kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed; personal data may be stored for longer periods insofar as the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes subject to implementation of the appropriate technical and organisational measures required by the GDPR in order to safeguard the rights and freedoms of individuals; and
- processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures.
Knights Basketball’s full Data Protection Policy can be found below.
Processing of Data/Privacy Notices
We are committed to respecting your privacy. Our privacy notice explains how we may use personal information we collect before, during and after your membership with us. The notice explains how we comply with the law on data protection, what your rights are and for the purposes of data protection we will be the controller of any of your personal information.
The notice applies to you if you are either:
- an individual player/participant of Knights Basketball who has registered his/her interest in participating in the sport competitively and/or whose details we have collected from one of our affiliated clubs, schools, colleges, universities or other third-party referral;
- a coach, technical official or referee/table official who has registered for membership and/or to find out more about the training courses and accreditation services we offer; or
- a fan, participant or supporter of Knights Basketball who has contacted us to purchase any of our online merchandise and/or signed up to receive updates about upcoming events, offers and ways to get involved further with Knights Basketball.
We may update this privacy notice from time to time. When we change this notice in a material way, we will update the version date at the bottom of this page. For significant changes to this notice we will try to give you reasonable notice unless we are prevented from doing so. Where required by law we will seek your consent to changes in the way we use your personal information.
The names, images, pictures and logos identifying Knights Basketball, are the proprietary marks of Knights Basketball. Copying our logos and/or any other third party logos accessed via this website is not permitted without prior approval from the relevant copyright owner.
Requests for permission to use our logo should be directed to firstname.lastname@example.org. Tell us how and why you wish to use our logo. Please include your contact details, name, address, telephone number and email.
Hyperlinking to us at Knights Basketball
You do not have to ask permission to link directly to pages hosted on this site. We do not object to you linking directly to the information hosted on our site. However we do not permit use of our logo as a link without prior permission or our pages to be loaded into frames on your site. Requests for permission to use our logo should be directed to email@example.com
If Knights Basketball’s pages are to be used they must load into the user’s entire window.
Virus Protection Awareness
We make every effort to check and test material at all stages of production. It is always wise for you to run an anti-virus program on all material downloaded from the Internet. We cannot accept any responsibility for any loss, disruption or damage to your data or your computer system which may occur whilst using material derived from this website.
All staff members are responsible for ensuring that any personal data that they possess regarding any other individual is kept securely and is not disclosed to any unauthorised third party unless prior permission from the data subject has been sought after or it is highlighted and adopted in Knights Basketball’s privacy notice.
Any breach of this policy will be treated seriously and may also constitute a breach of the General Data Protection Regulations (May 2018). Any suspected breach of this policy or data breach will be dealt with by Knights Basketball’s Data Protection Officer, Compliance Manager or a nominated lead investigator. Knights Basketball may take action against any member who has breached Knights Basketball’s Data Protection policy in accordance with Knights Basketball’s Disciplinary Procedures.
If a suspected data breach is found, Knights Basketball’s Data Breach policy will be followed:
- Incident received/reported
- The Data Protection Officer (DPO) or appointed lead investigator will firstly determine if the breach is still occurring. If so, the appropriate steps will be taken immediately to minimise the effect of the breach.
- An investigation will be undertaken by the DPO or appointed lead investigator immediately and wherever possible within 24 hours of the breach being discovered/reported.
- The investigation will need to take into account the following:
- The type of data involved and its sensitivity
- Any protections that currently in place
- What’s happened to the data (has it been lost or stolen)
- Could the data be put to any illegal or inappropriate use
- Who the individuals are, number of individuals, potential affects on those data subjects
- Are there any wider consequences to the breach
- The DPO or appointed lead investigator will determine who needs to be notified of the breach.
- Any legal/contractual requirements?
- Whether notification would assist the individual affected – could they act on the information to mitigate risks?
- Whether notification would help prevent the unauthorised or unlawful use of personal data?
- Would notification help Knights Basketball meet its obligations under the seventh data protection principle;
- If a large number of people are affected, or there are very serious consequences, whether the Information Commissioner’s Office (ICO) should be notified. Not every incident warrants notification and over notification may cause disproportionate enquiries and work.
- Notification to the individuals whose personal data has been affected by the incident will include a description of how and when the breach occurred, and the data involved. Specific and clear advice will be given on what they can do to protect themselves and include what action has already been taken to mitigate the risks. Individuals will also be provided with a way in which they can contact Knights Basketball for further information or to ask questions on what has occurred.
- Once the initial incident is contained, the DPO or appointed lead investigator will carry out a full review of the causes of the breach; the effectiveness of the response(s) and whether any changes to systems, policies and procedures should be undertaken.
Above is a brief overview of Knights Basketball’s data breach policy. Knights Basketball has an internal data breach policy which will be followed where any breach is found. Our Data Breach flowchart can be found here.
To reduce the risk of any data breach occurring, Knights Basketball has taken the following steps to reduce any risk:
- Knights Basketball will ensure that its name and address will be on all paperwork as appropriate and will identify the use to which any information requested will be put.
- Data held will be used responsibly and within the limits described in the regulations.
- The type of data collected will be reviewed at least annually.
- Any error will be rectified as soon as possible after Knights Basketball becomes aware of it.
- Financial records are kept for seven years or as long as is dictated by the law.
- All computer-held personal or financial data is held on password protected computers with only the authorised users holding passwords
- Any data held in paper form will be kept in locked cabinets on site at Knights Basketball’s Head Office at the National Squash Centre in Manchester and only accessed by authorised personnel.
- Any paper records are destroyed when they are no longer required. This done through a confidential shredder based within the Head Office.
- Data held on the Knights Basketball server is backed up on a regular basis and copies taken off site.
- Knights Basketball’s s offices are locked out of office hours and only authorised staff may gain entry.
Individuals and organisations on which Knights Basketball holds information have the right to: The right to be informed
- The right of access
- The right to rectification
- The right to erasure
- The right to restrict processing
- The right to data portability
- The right to object
- Rights in relation to automated decision making and profiling.
More information with regards to each individual right can be found on the ICO website – ICO Individual Rights
Online Registration System, Website Terms and Conditions
Users of the Knights Basketball online registration system do so in accordance with the Knights Basketball Privacy and Data Protection policy. Any information provided by will be held by Knights Basketball on its computer records in accordance with the General Data Protection Regulations.
Club Contact details will be placed on the Knights Basketball website, if you do not wish to have your club contact details on the Knights Basketball website please contact Knights Basketball Customer Service team at firstname.lastname@example.org and we will remove your club contact details from our website.
We will also from time to time send individual members electronic communication via email. If you do not want to receive these communications please place a tick in the data protection box found in your preferences tab on the Knights Basketball registration system, contact the Customer Service team at email@example.com informing them that you no longer wish to receive these communications or click the opt-out link at the bottom of the communication. Moving forward our membership system will change to an opt-in marketing preferences and this development will sit within phase 2 of our digital upgrade.
The Knights Basketball website and material relating to information, products and services (or to third party information, products and services) is provided ‘as is’, without any representation or endorsement made and without warranty of any kind whether express or implied, including but not limited to the implied warranties of satisfactory quality, fitness for a particular purpose, non-infringement, compatibility, security and accuracy. We do not warrant that the functions contained in the material contained in this site will be uninterrupted or error free, that defects will be corrected, or that this site or server that makes it available are free or viruses or represent the full functionality, accuracy, reliability of the materials.
In no event will we be liable for any loss or damage including, without limitation, indirect or consequential loss or damage, or any loss or damages whatsoever arising from use or loss of use of data or profits arising out of or in connection with the use of the Knights Basketball website.
If any of these Terms and Conditions should be determined to be illegal, invalid, or otherwise unenforceable by reason of the laws of any state or country in which these Terms and Conditions is are intended to be effective, then to the extent and within the jurisdiction which that Term or Condition is illegal, invalid or unenforceable, it shall be severed a and deleted from this clause and the remaining terms and conditions shall survive, remain in full force and effect and continue to be binding and enforceable. These Terms and Conditions s shall be governed by and construed in accordance with the laws of England and Wales. Any dispute arising under these Terms and Conditions shall be subject to the exclusive jurisdiction of the courts of England and Wales.
If these Terms and Conditions are not accepted in full, you do not have permission to access the contents of this website and therefore should cease using this website immediately.
Responsibilities of Staff and Management
The management and staff of Knights Basketball are responsible for the processing of data in accordance with the regulations and for upholding the principles outlined in this policy for the processing and maintenance of data regarding its members.
All personnel are expected to observe data protection good practice at all times and to ensure that the personal data they make available for processing is kept accurate, up to date and secure.
Transferring of Data
Knights Basketball currently doesn’t hold or transfer data outside of the European Economic Area (EEA).
If this changes it will be communicated as appropriate and/or any transfers made will be in full compliance with all aspects of the General Data Protection Regulations (May 2018).