Privacy Notice

Clwb Beicio Mynydd Dyffryn Conwy Mountain Bike Club (CBMDC) Privacy Statement

(How we use club member information)

We will ask for:

  • a completed annual consent and disclaimer form.
  • Parental contact numbers on a ride where children ride without a parent/carer

The information collected on the annual form is stored securely, with access limited to committee members and approved ride leaders.  It is used solely to give ride leaders access to relevant information to lead appropriate rides safely. This will include the following personal information:

  • Name
  • Email Address
  • Photo and social media consent

The completed forms will be sent to us via electronic means and are stored securely.  During the activity, the following information is shared electronically with the coach / leader to ensure it can be referenced during the activity and in the case of a medical emergency:

  • Name and consent to emergency medical treatment
  • Parent / Adult carer name and contact number for children riding without a parent/carer present

Once the activity is completed the coach / leader will delete this information from their electronic device.

Why we collect and use this information.

We use your data to:

  • To ensure ride leaders are able to select and lead appropriate rides safely
  • to ensure appropriate medical treatment is provided or sought
  • to comply with the law regarding data sharing
  • where explicit consent is given we may use images and or video footage on our web site or social media networks

The lawful basis on which we use this information.

We process member data in line with legislation.  Article 6 of the GDPR sets out the legal basis for processing personal data.  We rely on the following reasons:

  • Consent – the member has given us clear consent to process their personal data for a specific purpose.
  • For the purpose of our legitimate interests.

Collecting member information

Whilst the majority of information you provito us is necessary for us to ensure ride leaders can lead appropriate rides safely, some of it is provided to us on a voluntary basis.  In order to comply with the General Data Protection Regulation, we will inform you whether you are required to provide certain member information to us, or if you have a choice in this.

Storing member data

We store your data on secure computers and in paper records which are secured physically.  To meet these obligations, we hold member data for a period of 1 year before securely destroying it.

Who we share member information with

We will share contact and pertinent medical information with ride leaders and committee members who are working with you on your activity.  Other than to meet legal or regulatory obligations we do not share your information with any external bodies or organisations.

Requesting access to your personal data

Under data protection legislation, members have the right to request access to information about them that we hold.  To make a request for your personal information, or be given access to your data,please contact us directly.

You also have the right to:

  • object to processing of personal data that is likely to cause, or is causing, damage or distress
  • prevent processing for the purpose of direct marketing
  • object to decisions being taken by automated means
  • in certain circumstances, have inaccurate personal data rectified, blocked, erased or destroyed; and
  • claim compensation for damages caused by a breach of the Data Protection regulations

If you have a concern about the way we are collecting or using your personal data, we request that you raise your concern with us in the first instance. 

Alternatively, you can contact the Information Commissioner’s Office at https://ico.org.uk/concerns.

Updated January 2024