As you may be aware, there is a new data protection law - the General Data Protection Regulation (GDPR) - coming into force on 25th May this year. The GDPR will replace the Data Protection Act 1998 in its entirety and will, from 25th May 2018, regulate the processing of personal data in the UK.

The Essex County FA recognises that we collect, hold and process personal data - this article is therefore intended to give you further information about the GDPR, what it is, the main concepts and how the changes might impact on your league or club. We have set out a series of Frequently Asked Questions (FAQs) below which provide further information and summarise the work which the Essex County FA and The FA are undertaking in this area.

In summary, where a league or club relies on an FA system, for example the FA Whole Game System or Full-Time, The FA will ensure FA systems meet requirements on information security and will also update the associated online terms and privacy notices in accordance with the GDPR. In addition, The FA will make sure contracts are in place with any relevant software providers and with other footballing stakeholders as needed under the regulation.

Where your league/club uses non-FA systems, or processes personal data in hard copy format, these will not be reviewed by the Essex County FA or The FA, and compliance activities will need to be undertaken in respect of such systems and/or processing. See FAQ9 for information on the support available for any compliance activities you may need to carry out.

Muckle LLP and Sport England have also provided some excellent guidance on GDPR for members of the grassroots sporting community. Muckle’s Online Training Modules can be found here while a Sport England GDPR Toolkit is available here. If you'd like to sign-up for our new E-Mail Newsletter, please click the icon below...