The information on this website is not legal advice. It is presented as useful information for teams, clubs, leagues, counties and organisations involved in sport, and does not replace professional advice tailored to your organisation by a solicitor / attorney working on your behalf.
Pitch Hero Limited accepts no responsibility or liability for the accuracy of the information presented. Please seek your own legal advice.
The General Data Protection Regulation intends to unify data protection for all individuals within the United Kingdom and European Union.
The aim of the GDPR is to protect all UK and EU citizens from privacy and data breaches in an increasingly data-driven world that is vastly different from the time in which the 1995 directive was established.
The GDPR applies to any organisation (not just businesses) who hold, use or share information relating to an individual. This includes organisations who monitor or track the behaviour of UK or EU individuals, store data on them or sell to individuals within the UK or EU. This means that most sports organisations who maintain a membership list or database need to comply but also that organisations who are based outside of the UK and EU who sell to or store data on UK or EU individuals also have to be compliant as well.
The GDPR applies to ‘personal data’ meaning any information relating to an identifiable person who can be directly or indirectly identified in particular by reference to an identifier.
This definition provides for a wide range of personal identifiers to constitute personal data, including name, identification number, location data or online identifier, reflecting changes in technology and the way organisations collect information about people.
https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr
The above is not a definitive list of steps you should take. For further comprehensive information regarding the steps you should be taking to ensure compliance with GDPR, please see the ICO guidance: https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/
Pitchero is committed to the secure storage of all user data, whether that be personal information or data important to your organisation.
The Pitchero production system runs exclusively in Amazon Web Services data centres. AWS maintains the highest standards of security compliance and certification. AWS Cloud Security information
Some of our third party software providers may transfer and process Personal Data outside of the United Kingdom and European Economic Area (“EEA”), adequate levels of protection approved by the relevant supervisory authorities are in place for the security of your personal data. You can see a list of our third party software providers on our Sub-Processor List.
Form submissions of personally identifiable information are transmitted over secure "https" connections only. This prevents the interception of data between your browser and the Pitchero system.