Back

Login

Don’t have an account?Register
Powered By
Pitchero

Policies


Privacy policy

AFC CORSHAM PRIVACY POLICY

General Statement of Intent
AFC Corsham takes the privacy of its members seriously. This policy explains how we collect, use, store, and dispose of personal data in accordance with UK GDPR, the Data Protection Act 2018, and guidance issued by the FA and the Information Commissioner's Office (ICO). We are committed to maintaining the highest standards of data protection, transparency, and integrity.

Collection of Personal Information
We collect personal data to deliver football safely and effectively. Data is typically gathered during:

Player/volunteer registration

Event participation

Disciplinary matters

Health & welfare reviews

Website and forum usage

Data may include full name, address, date of birth, contact details, medical conditions, emergency contacts, and consent preferences. For managers and volunteers, we also collect safeguarding and training credentials. Data is only collected with appropriate consent and used for specified purposes.

Lawful Basis for Processing
We collect and process personal data under the lawful bases of:

Consent (e.g. media use, optional communications)

Contractual necessity (e.g. league registration)

Legal obligation (e.g. safeguarding checks)

Legitimate interest (e.g. club operations, fixture management)

Storage and Security of Personal Information
Information is stored securely:

Electronic data is held on password-protected systems (e.g. FA Whole Game System, Pitchero, Club forms).

Paper records are held securely by the Club Secretary, Chair, or relevant managers.

Access is restricted to those with a defined club role and subject to confidentiality.

All managers handling data are required to complete relevant safeguarding training.

Use of Personal Information
Data is used to:

Register players with leagues and the FA

Manage training, fixtures, and communication

Ensure safeguarding and medical needs are met

Support club promotion and development (with appropriate consents)

We do not share your data with third parties for marketing purposes. We may share information with football authorities (FA, leagues, County FA), emergency services, or where legally required.

Data Accuracy and Member Responsibilities
Members and parents/guardians must ensure that data held is accurate and up to date. Changes should be reported promptly to the Club Secretary via secretary.afccorsham@gmail.com.

Access to Personal Information
You have the right to access your personal data. To do so, email your request to secretary.afccorsham@gmail.com. We will respond within 30 days.

Retention and Disposal of Data

Player data is retained for the current season and up to two further seasons to support safeguarding and governance.

Volunteer data is held for the duration of their role and deleted no later than 12 months after they leave, unless there is a safeguarding reason to retain it.

Data is securely destroyed (electronically wiped or physically shredded) once no longer required.

Cookies and Website Data
Our website may use cookies to improve functionality and user experience. These do not collect personal data unless explicitly provided. You can disable cookies via your browser settings.

Third-Party Links
Our website or communications may include links to external sites. AFC Corsham is not responsible for their privacy practices. Users should review the privacy policy of any linked site.

Photography and Media
Images and video may only be used if consent has been given during registration. Where external use is proposed (e.g. in the press or public campaigns), separate consent will be obtained.

Data Protection Officer (DPO)
For any data protection concerns or complaints, please contact our designated DPO:
Emma Bevan, Club Welfare Officer
Email: corsham.welfareofficerafc@gmail.com

Policy Review and Updates
This Privacy Policy is reviewed annually or when required due to changes in law or FA policy. The latest version is always available on our website.

Last updated: July 2025

Data policy

AFC CORSHAM DATA POLICY

1. Purpose
This Data Policy outlines how AFC Corsham collects, stores, processes, shares, and deletes personal data. The policy ensures compliance with data protection legislation and promotes responsible handling of all personal information associated with club operations.

2. Scope
This policy applies to all club officers, team managers, coaches, volunteers, and anyone else who handles personal data on behalf of AFC Corsham.

It covers:

Players (including youth and adult participants)

Parents/guardians

Volunteers, coaches, and club officials

Referees and event attendees

Website and forum users

3. Data Protection Principles
In accordance with the UK General Data Protection Regulation (UK GDPR), AFC Corsham ensures personal data is:

Processed lawfully, fairly and transparently

Collected for specific, explicit and legitimate purposes

Adequate, relevant and limited to what is necessary

Accurate and kept up to date

Stored securely and only for as long as necessary

Processed in a manner that ensures appropriate security

4. Lawful Bases for Processing
The club relies on the following lawful bases for processing personal data:

Consent: For optional uses (e.g. photography, communications)

Contractual: For club membership, match registration

Legal obligation: For safeguarding and health & safety

Legitimate interests: For internal club administration

5. Data Collected
Typical personal data collected includes:

Full name, date of birth, gender

Contact details (email, phone, address)

Emergency contacts

Medical information

FA registration data (FAN numbers, DBS checks, qualifications)

Consents (media use, data sharing)

Attendance, performance, and disciplinary records

6. Responsibilities

The Club Secretary is the primary data controller for operational data.

The Welfare Officer manages safeguarding and sensitive data.

Team Managers and Coaches act as data handlers for their teams.

All club officials must complete basic data protection awareness annually.

7. Data Security and Storage

Electronic data is stored securely using password-protected devices and FA systems (e.g. Whole Game System, Club Portal, Pitchero).

Paper records are stored in locked cabinets by the Secretary or Chair.

Access is restricted to individuals who require the data to fulfil their role.

Personal data must never be shared informally or stored on personal, unsecured devices.

8. Data Retention and Disposal

Player and membership data is retained for up to 2 years after membership ends.

Volunteer data is retained for 12 months post-departure, unless safeguarding legislation requires longer retention.

Obsolete data is securely destroyed (e.g. digital deletion, paper shredding).

9. Data Subject Rights
All individuals whose data is held by the club have the right to:

Request access to their personal data

Request correction of inaccurate data

Request erasure of data, where lawful

Object to processing under certain conditions

Withdraw consent (for consent-based data)

Requests should be submitted to secretary.afccorsham@gmail.com. The club will respond within 30 days.

10. Data Breaches
Any data breach or suspected breach must be reported immediately to the Club Welfare Officer. The club will assess the risk and report to the ICO where required, within 72 hours.

11. Training and Awareness
All managers, coaches and committee members are required to complete safeguarding and data handling training where applicable. Guidance and refreshers are provided annually.

12. Review and Policy Updates
This Data Policy will be reviewed annually or when required by legislative or operational changes. The latest version will always be available on the club website.

Last reviewed: July 2025