The administration app for clubs, groups, teams and clubs.
Get started now
What does a club have to pay attention to when it comes to data protection? Which content is important? What happens in case of disregard? We have prepared these and other questions for you, including a download sample & checklist on data protection for clubs in Austria, Germany and Switzerland.
The General Data Protection Regulation (GDPR for short) is an EU-wide law that came into force on May 18, 2018 with the aim of to protect personal data with regard to further processing. This is not a ban on the use of personal data, but a standardization at European level how data associated with a person is handled.
This regulation is important for the reason that countless amounts of data are collected, stored and processed by every single person online as well as offline.
We know that you can't spend days studying the legal aspects of data protection (even though it's very important) — that's why we've tried to make this information compact for you.
Even though the topic of data protection is EU-wide, we have designed this article in such a way that it is particularly suitable for clubs from Austria. For clubs from Germany, please switch to the following post — Data protection in Germany.
We do not assume any liability for accuracy and completeness, but we think that with this post you already have a very reliable source that will help you with your privacy policy. If you would like more detailed information from one of our expert partners, you will find it in the club handbook. A 98-page free ePaper written by experts for clubs.
Together with a legal expert (lawyer), we have created a download area with 35 documents as Word samples. In addition to board templates, many relevant legal templates relating to the most important club agendas can be purchased for a small fee in our legal section.
As a club, you have two good reasons why you should (must) address the issue of data protection. Firstly, you hold a large amount of personal data about your members, which falls precisely under this regulation. Secondly, it is certainly in your interest to protect your members' data and to manage and store it correctly.
Clubs are not subject to any special regulation, but the GDPR also applies to them in full broadside. There is also no difference whether a club is charitable or profit-oriented. Members' data is sensitive data and a data breach is not only seen as a loss of trust, but can often also be very expensive.
In summary, it can therefore be said that it is hardly possible for you not to have data from your own members who are not covered by the GDPR. All that remains is correct compliance with the regulation and the correct handling of personal data as a valid option.
Get your first 6 months free with the code VP50DACH.
Save not only time, but also money!
*Valid when you purchase the first package with a duration of 12 months.
Data protection concerns just about every company, club and organization. That is why this topic is so extensive. We have summarized a few of the most important points for you:
The collection and storage of data must not be random, but is subject to the principle of minimization. This means that member data must serve a purpose, e.g. be part of the professional organization of the club. They may also be stored during and for this purpose.
This term includes all data that can be uniquely assigned to an identifiable person. These may include name, address, date of birth, special characteristics, cultural, religious, sexual orientation, scientific or social identity,...
It is important to elect a person for the task of data protection officer in advance who sees himself as a supervisory and responsible person during the ongoing process of correct processing of data. It is also important to write down who this is: e.g. as an additional title for a board member.
Responsible people, such as board members, must keep confidential any data that has been provided to them on the basis of their position in the club, unless there is a legal reason for transferring the data. The member must have consented to the transfer of data in advance.
Every member of the association has the right to view and request all their data (and why they are needed/processed) at any time. This also means that as an association, you must therefore store all members' data cleanly and keep them inaccessible to the public.
Every member of the club has the right to view and request all of their data (and why it is needed/processed) at any time. This also means that, as a club, all member data must be stored securely and kept inaccessible to the public.
A request for correction or deletion can be made informally (oral is sufficient). You are entitled to correction if the data is demonstrably incorrect (e.g. incorrect date of birth). You have the right to delete if the intended purpose of the data is no longer necessary, if the data subject objects to the use of the data or if the data has been processed unlawfully.
The person responsible (e.g. board of directors) must comply with the request immediately, but no later than one month after receipt. An extension of a further two months is possible, but reasons must also be given. The applicant must be notified immediately that the request has been received.
The term GDPR refers to the regulation which lays a legal basis for the processing of personal data. A data protection provision, on the other hand, is the record that determines the exact listing and use of the data of a specific organization or club.
Detailed information can be found at: https://www.wko.at/service/wirtschaftsrecht-gewerberecht/EU-Datenschutz-Grundverordnung.html
To be on the safe side when it comes to data protection, we have worked with a solicitor to prepare a sample checklist covering all the important points for you. You can download this and other inexpensive documents from our legal section for clubs.
lookout
Fines for improper use of sensitive data can be up to 20 million euros or 4% of the total annual worldwide turnover. Although this will usually be lower for small organizations and clubs, you should also be aware of the heavy penalties as a club.
However, it can generally be assumed that the data protection authority will issue a warning for first-time violations of the GDPR. This is especially true if a club acts to the best of its knowledge and belief and attaches great importance to protecting its members' data.
However, your much greater motivation should be to handle your members' data in an exemplary manner, because that is what makes a good, trustworthy club.
Be part of over 15,000 clubs
In order to be able to give you further help, we have worked with the same data protection expert who wrote an article in the handbook on data protection in clubs (including image rights), which you are welcome to read through free of charge. Behind this link you can get to Club handbook.
If you have any questions about clubs or our associated administration, we, the team behind Vereinsplaner, gladly available. You can easily contact us in our Help center. We are looking forward to your questions, wishes and suggestions.
We would like to mention once again that this information serves as a guide and will never replace thorough self-research or even legal advice. We therefore recommend that every club board thoroughly study the GDPR and, if anything is unclear, contact legal advice.
In any case, a data protection provision must be adapted to your needs and requirements in the club. Just as statutes differ in every club, data protection regulations must also be individually coordinated with the club. We have therefore deliberately given you the opportunity to change our pattern at your discretion in order to tailor it specifically to your club.
Concentrated knowledge in the club handbook
Together with nine experts from practice, we have written a 98-page ePaper on current topics relating to clubs. The ePaper contains 5 chapters and 15 topics on important areas relating to the organization, members, funding, sponsors, taxes and more. A lawyer also addresses the issue of data protection. You can download the handbook for free from the website.
This article serves as a simple source of information and Vereinsplaner assumes no liability for the completeness and accuracy of this information. Vereinsplaner and the company behind it do not provide legal advice and information provided in this blog does not replace professional information from a (legal) expert in this area.
If you have any questions about clubs or our associated administration, we, the team behind Vereinsplaner gladly available. You can easily contact us in our Help center. We are looking forward to your questions, wishes and suggestions.
