Are you ready to be GDPR compliant by 25th May?

All clubs and counties hold data about their members including names, addresses and other contact details.

On 25th May 2018 the General Data Protection Regulation (GDPR) will come into force, adding significantly to the existing Data Protection legislation and providing the possibility of severe sanctions against organisations that fail to comply.

Since all clubs and counties are separate legal entities from the EBU, you are responsible for complying with all applicable legislation including the GDPR.

In order to help you prepare for this we circulated to all clubs and counties on information document which will point you towards more help and document templates on our website, with the aim of making it easier for you to understand what you need to do. It is repeated below for those who may not have received, or misplaced, the original. You can also read it here.

Please note though that this does not constitute legal advice and you should seek specialist advice if you are unsure of your responsibilities in any respects.

A webpage of collated information, and templates which may be useful for your club, is available here.

We are adding to it as more documents are produced, but it currently includes:

EBU/EBED Policies

Information/documents for clubs/counties

Please note that the data protection regulations may differ slightly in the Channel Islands and the Isle Man. They will mostly be similar, but will be overseen by different bodies (i.e. not the ICO). Please seek advice as necessary from the relevant body.

General information

Do look at this information carefully now and consider what steps you need to take to ensure compliance by the 25th May. I will be happy to help in whatever way I can if you have further questions.

Gordon Rainsford
General Manager

Information about Data Protection for clubs and counties

The new General Data Protection Regulation (GDPR) comes into force on 25th May 2018 and in preparation for it we are issuing this information to counties and affiliated clubs. The GDPR applies to all clubs and counties as separate organisations, regardless of their size. You can find further information on the website of the Information Commissioner’s Office at

Should you have questions relating to this document, please contact Gordon Rainsford Note that this document does not constitute legal advice and if you are concerned about any of these matters you should seek advice from the ICO or other specialists. Clubs and counties in the Isle of Man and the Channel Islands will have different regulating bodies and should take care to ensure that any advice they take is applicable to their circumstances.

General information:

Specific information relating to the GDPR

This will usually be done via a Privacy Notice, which may be on your club’s website, but a printed copy should also be available in the club and be sent to those who request it. Your members should be directed to this Privacy Notice on every occasion when you collect data, so it should be referred to on your membership application forms. We will provide a template club membership form as well as a Privacy Notice for clubs and counties that you can modify to match your circumstances.

You need to take all reasonable measures to ensure that your members are aware of this, so you do need to contact them one way or another. While email is convenient, you should also contact those members for whom you do not have valid email addresses, if necessary by post.

All documents added prior to 29/1/18 (when clubs were first contacted by email about the GDPR) except where stated.