IPO/AIPO Policy on GDPR – Data Protection Policy
Last updated: 25th May 2018
The Irish Powerlifting Organisation, (incorporating The Amateur Powerlifting Organisation) described as IPO/AIPO for the remainder of this document, is conscious of our obligation to be compliant with the General Data Protection Regulation (GDPR) as introduced in to law on 25th May 2018. In this regard, we have developed this GDPR Policy. All members must
Your personal data – what is it?
Personal data relates to a living individual who can be identified from that data (e.g name, date of birth, address etc).
Who are we?
For the purposes of this policy, the IPO/AIPO is the data controller. A data controller is the legal person or entity who controls and is responsible for the keeping and use of personal information on either on computer or in paper copy.
How your information will be used by The IPO/AIPO?
The IPO/AIPO complies with its obligations under the Regulations by;
- keeping personal data up to date (based on the information provided annually by its members)
- storing and destroying it securely
- by not collecting or retaining excessive amounts of data
- by protecting personal data from loss, misuse, unauthorised access and disclosure
- by ensuring that appropriate technical measures are in place to protect personal data
The IPO/AIPO processes personal data as outlined in Table 1 below. Data is retained for a maximum period of three years following the experience of your last membership application.
Table 1
Name |
Address |
Date of Birth / Age |
Telephone Number |
Email Address |
Club Details |
Photographs / Video Recordings |
Body Weights |
How do we process your personal data?
The IPO/AIPO logs the information provided by you on your application form on to a Microsoft Excel Database which is stored on password protected computers by the IPO/AIPO President and Treasurer. We use your personal data for the following purposes:
- To manage membership
- To organise competitions (including publication of results)
- To promote IPO/AIPO on its own website and on Social Media
Sharing your personal data
The IPO/AIPO does not share your personal data externally however, your data (e.g. Name, age, bodyweight) will be displayed publicly (on excel spreadsheet) during Powerlifting Competitions organised by IPO/AIPO. Any recording or photographs of these images by members of the public are outside of the control of The IPO/AIPO and you will be required to sign a disclaimer to this effect before entering the competition.
What are your rights?
Unless subject to an exemption under the Regulations, you have the following rights with respect to your personal data:
- Subject access
- To have inaccuracies corrected
- To have information erased
- To object to direct marketing
- To restrict the processing of their information, including automated decision-making
- Data portability
Transfer of Data Abroad
The IPO/AIPO does not transfer data outside the State of Ireland but data can be displayed on The IPO/AIPO website and Social Media Sites.
Automated Decision Making
The IPO/AIPO does not operate an automated decision-making platform.
Medical Data
The IPO/AIPO does not hold medical data in relation to their members. All members lift at their own responsibility.
Data Protection Officer
The IPO/AIPO President is the Data Protection Officer. The Data Protection Officer bears overall responsibility for ensuring compliance with data protection legislation.
Access Requests
You are entitled to request data held about you on computer or in hard copy. The IPO/AIPO will provide copies of this data within one month. There is no charge for requesting this data.
You should make a request in writing (quoting the relevant Data Protection Act) to the Data Protection Officer, stating the exact data required. You are only entitled to access data about yourself and will not be provided with data relating to other members or third parties.
Right to Object
You have the right to object to data processing that is causing you distress. Where such objection is justified, The IPO/AIPO will cease processing the data unless it has a legitimate interest that prevents this. The IPO/AIPO will make every effort to alleviate the distress caused to you.
An objection should be made in writing to the data protection officer, outlining the data in question and the harm being caused.
Review
This policy will be reviewed from time to time to take into account changes in the law and the experience of the policy in practice.
Types of Records
Records may exist in a variety of physical forms including;
- Paper documents (written or printed matter)
- Electronic records (i.e. word processing files, databases, spreadsheet files, emails, CCTV footage, electronic data on any media etc.)
- Books, drawings and photographs
- Anything on which information is recorded or stored by graphic, electronic or mechanical means
- copies of Competition Entry Forms
Consent for Minors
Written consent is required from a Parent or Guardian for all persons under the age of 18 years to be a member of The IPO/AIPO. The rules as outlined in this GDPR policy will also apply to minors on receipt of written parental or guardian consent.