GDPR Compliance and Processes

 Individual Privacy Rights 

The Club, County, Province and Central Council of the GAA process personal data to administer and conduct GAA related activities. This includes membership and player registrations, team sheets, disciplinary processes, communications and notifications of GAA events, club fundraising activities, coaching activities and compliance related requirements (i.e. vetting and insurance). We will never share your information with third parties for any purpose without your consent. 

The General Data Protection Regulation (‘GDPR’) is applicable from 25th May 2018 and is designed to give individuals more control over their personal data. 

The key principles under the GDPR are: 

Lawfulness, fairness and transparency; 

Purpose Limitation; 

Data minimisation; 

Accuracy; 

Storage Limitation; 

Integrity and confidentiality; 

Accountability 

In furtherance with the above principles, the following rights are enshrined within the General Data Protection Regulation (GDPR) and are available to every individual in relation to their own personal data. 


1) The Right to be Informed 


You have the right to receive information relating to the processing of your personal data and this should be provided to you at the point your personal data is collected. 


2) The Right to Access 


You have the right to receive a) Confirmation of whether or not personal data concerning you is being processed; b) Where personal data concerning you is being processed, a copy of your personal information; c) Where personal data concerning you is being processed, other additional information as follows: the purpose(s) of the processing; the categories of personal data; any recipient(s) of the personal data to whom the personal data has or will be disclosed; the retention period or, if that is not possible, the criteria used to determine the retention period; the existence of your rights.


3) The Right to Rectification 

If your personal data is inaccurate, you have the right to have the data rectified, by the controller, without undue delay. If your personal data is incomplete, you have the right to have data completed, including by means of providing supplementary information. 

4) The Right to Erasure 

This is also known as the ‘right to be forgotten’. You have the right to have your data erased, without undue delay, by the data controller under certain circumstances. 

5) The Right to Data Portability 

In some circumstances, you may be entitled to obtain your personal data from a data controller in a format that makes it easier to reuse your information in another context, and to transmit this data to another data controller of your choosing without hindrance. This is referred to as the right to data portability. 

 

6) The Right to Object to Processing 

You have the right to object to certain types of processing of your personal data. You have a stronger right to object to processing of your personal data where the processing relates to direct marketing. 

7) The Right of Restriction 

You have a limited right of restriction of processing of your personal data by a data controller. Where processing of your data is restricted, it can be stored by the data controller, but most other processing actions, such as deletion, will require your permission. 

8) Rights in relation to Automated Decision Making 

You have the right to not to be subject to a decision based solely on automated processing. Processing is "automated" where it is carried out without human intervention and where it produces legal effects or significantly affects you. 



If you wish to exercise any of the above rights, you can contact your Club via   email to Secretary.stperegrines.dublin@gaa.ie.

or the GAA Data Protection Officer on 01 8658600 or dataprotection@gaa.ie. 

Further information regarding your rights can be obtained through the Office of the Data Protection Commissioner, Canal House, Station Road, Portarlington, Co. Laois, or on the website www.dataprotection.ie 


How do I make a complaint or report a breach? 

Should you wish to make a complaint or report a breach under in relation to your Personal Data, you can do so by emailing the Office of the Data Protection Commissioner using the following email address: info@dataprotection.ie 

General Information Information relating to Data Protection and GDPR is available on the Data Protection Commissioner’s website http://www.dataprotection.ie. Additional information and how data protection specifically impacts on the GAA and supporting templates, forms and process documentation is available on the GAA website http://www.gaa.ie/ dataprotection.

 Queries and Support Queries regarding Data Protection can be sent to dataprotection@gaa.ie. 

Training
An online module to train club administrators, registrars, club executive committee and members is available at learning.gaa.ie/courses/dataprotection

 
All GAA members and Club Officials are encouraged to review the content to familiarise themselves with the requirements of GDPR.

GDPR Specific Downloads:

GAA-Units-Website-Individual-Privacy-Rights.pdf

SubjectAccessRequestProcess_Neutral.pdf

DataBreachProcess_Neutral.pdf



AIG

Upcoming Events