Lions 105CE Data Protection
“DO” AND “DON’T”
Here is a basic list of things to bear in mind when looking after people’s personal information appropriately while processing it for legitimate reasons:
DON’T - do not panic! Most of the measures that are now legal requirements are probably already in place, but some more “formal” documented recognition of this is what’s required. “Common sense” is the approach needed.
DO – do show everyone else’s personal information the same respect you would expect them to exercise on your’s.
DON’T – You do not need someone’s explicit consent every time you want to do something with it. For example, if you have obtained someone’s personal information because they want to be a member of the Club, then you have their “consent” to do this as they have given you the data – no need to keep asking!
DO – However, if someone does not like the way you are processing their data (be it sharing it through a Directory or putting their photo on the Facebook page), then consider their wishes and don’t do it! Is it necessary for their details to be in a Directory shared with all clubs? – well, if they are an officer of the Club, then probably this is reasonable processing. However, if they don’t like having their photo taken, then is it essential they are in that photo of handing over some charitable funds – again if they are an officer of the Club, probably yes, if not then probably no.
DO – Make sure that your security on the data is as robust as is feasible! If your Club data is held on an electronic system, consider who else may be able to access the data. If you do everything on paper, then perhaps a lockable filing cabinet/box may be the answer.
DO – do consider the compliance measures that are being recommended to your Club by the District Administration – these measures are designed to prevent your Club receiving big fines from the Supervisory Authority – the Information Commissioner’s Office (ICO) which you would have to find from the Administrative Account.