Target Shotgun Association of Ireland

General Data Protection Regulation Policy

About

This policy explains when and why the Target Shotgun Association of Ireland collect personal information about our members and how we use it, keep it secure and member’s rights in relation to the data. This includes probationary members, visitor and guests. We will collect, use and store personal data, as described in this Policy when people engage in activities with the Association. Normally this will be though some level of membership.

We reserve the right to amend this Policy from time to time without prior notice. You are advised to check out the Target Shotgun Association of Ireland’s website for any amendments (www.shotgun.ie). We will only share your personal data with any third parties as per the information set out in this Policy.

We will only share your personal data with any third parties as outlined below. The data will be retained in line with the GDPR and other applicable European and Irish law.

Responsible person

For the purposes of Article 28 GDPR, the Secretary will be the “controller” of all personal data held about members and others. The Secretary is responsible for making sure the Association complies with the GDPR which applies from 25 May 2018. We will review personal data every year to establish whether we are still entitled to process it or not.

Member’s rights

You have the following rights under the GDPR:

• To access your personal data

• To be provided with information about how your personal data is processed

• To have your personal data corrected

• To have your personal data erased in certain circumstances

• To object to or restrict how your personal data is processed in certain circumstances

For more details, please address any questions, comments and requests regarding our data processing practices to the Secretary (secretary@shotgun.ie).

Legal bases for collection of information

The Target Shotgun Association of Ireland had three basic reasons for collecting your data:

1. Consent: As part of your membership, you are asked to consent to communications from the Association. When entering competitions or events, you will be asked to consent to the use of your image for the use in publicity materials. You may withdraw this consent at any time, but once published, your image will remain in the public domain.

2. Contract: By agreeing to be a member, you are agreeing to contract with the Target Shotgun Association of Ireland.

3. Obliged by law: This applies to any legislation or lawful authority who may ask for such information.

4. Legitimate interests: Any legitimate reason for processing personal data.

Under Article 6 of GDPR, the lawful grounds for processing members data is fulfilment of contract, as the data subject is paying the Association a fee in return for membership. In order to provide this membership, certain information, will be required and collected. During membership application or renewal, bank details may be required in order to process payments.

Information we collect

The personal data you provide to us or we collect from you includes:

• Name, address, date of birth, gender

• Contact details which include but not limited to phone numbers and email addresses

• Financial information, including bank details in order to process payments although we do not retain complete payment information

• Criminal convictions, health information and medical history

• Firearms Certificates and information provided

• Participation in competitions and scores

• Attendance at events

• Photographs and/or videos, CCTV and other media in relation to sporting competitions and events.

Collection of Information

The personal information you provide to use, we collect from online submissions and paper documents in the following circumstances, among others:

• When you apply for membership

• When you renew your membership

• When you purchase an item from the Target Shotgun Association of Ireland

• When you register to receive information from us

• When you interact with us

• When you enter competitions

• When you attend a training course

• When you attend any event held by the Target Shotgun Association of Ireland

• When you make enquires or raise concerns

• When you enter into contracts with the Target Shotgun Association of Ireland

CCTV

CCTV may be used to record activities on the ranges that the Target Shotgun Association of Ireland may use, in the interests of safety and crime prevention. The images/data may be stored for approximately 20 days and then they are overwritten. For these reasons the information processed may include visual images, personal appearance and behaviours. This information may be about Association members, offenders and suspected offenders, members of the public and those inside, entering or in the immediate vicinity of the area under surveillance.

Where necessary or required this information is shared with the data subjects themselves, employees and agents, service providers, police forces, security organisations and persons making an enquiry.

Any complaints which rely on CCTV about theft/bullying/abuse etc. must therefore be made within 10 days of the incident otherwise the images will have been overwritten.

The Target Shotgun Association of Ireland is not the controller of this data.

Request to see your personal information

If your wish to know what personal data the Association holds, please email the Secretary (secretary@shotgun.ie) and s/he will respond within 14 days of the request, depending on availability.

Accuracy and retention of data

Each individual member is responsible for keeping the Secretary informed of changes to their data (e.g. address/telephone number etc. and this is updated at least once a year at renewal and you are at that time authorising the Association to hold such data on file.

Under Article 5’s principle of Storage Limitation, data will only be held for a period that is appropriate for its intended purpose. The data are kept on file at the Secretary’s home and/or in a secure area on the Association’s website to enable electronic renewals. The data will be normally kept for up to 6 years (the data on the website will be removed after the end of the renewal period). It may be kept for a longer period for reasons of legal and civil action or other ongoing case management. Name, address and length of membership data will be kept for up to 30 years for management of historical insurance claims. Names and scores may be kept indefinitely for reason of historical significance – e.g. on trophies, plaques and other awards.

Enquiries and other communications with the Association

When enquiring about the Association we may hold your details for a period of time to deal with the enquiry. Any emails and other communications with the Association will only be retained for a period of time appropriate to the content or request. Association emails will be purged on a regular basis (approximately 6 monthly). People added to an Association waiting list for membership will be informed and asked for permission to store that data at that point.

Children

Parents or guardians signing the probationary or full membership form are giving their permission for the data to be used as described elsewhere in this policy. Parental consent shall be sought for any person under the age of 18.

Garda Vetting

Under the National Vetting Bureau (Children and Vulnerable Persons) Act 2012, any person carrying out relevant work that involves children or vulnerable adults is required to be Garda vetted. The personal data collected is stipulated from a template sent out by the National Vetting Bureau (NVB). Once completed, the document is sent for processing.

Marketing

Pursuant to Article 21 GDPR, consent will be sought from each member to receive emails which may include benefits of membership from the Association. This consent may be withdrawn under Article 21 GDPR as the data subject has the right to object at any time to the use of their personal data for such marketing.