home page

land training

entry forms
club records
speed ladder
club documentation
club championships

club shop

press release
training times
swimmers guide
swimmer of the month

- home page - - email info@naasc.co.uk - -


Data Protection Act

 Data Protection Act

Data is stored somewhere about every aspect of our daily lives.  If you use a loyalty card in a shop then the details of your shopping habits are recorded and possibly your home address information i.e. if you have a GAME card you will have provided some personal information.

The school that you go to holds information about you; your bank knows how much money you have; your doctor knows about your health.A lot of this data is sensitive and we don't want everyone to find out about it. We need to protect this information ... and, for this purpose, there is a law that is in place to protect all this data.

The Data Protection Act 1998 (DPA)

The Data Protection Act sets out the key principles for the storage and use of information relating to individual people (e.g. a person’s full name, address, date of birth, National Insurance number, medical conditions or reports referring to the individual etc).


Notification under the Data Protection Act 1998

Under the Act every organisation that processes personal information (personal

data) must notify the Information Commissioner’s Office - unless they qualify under one of the notification exemptions.


As a not-for-profit organisation, North Ayrshire Amateur Swimming Club is exempt from notifying the Information Commissioner; this however does not release us from complying with the DPA principles.


Principles of the DPA

The Act comprises of eight main Data Protection Principles:



Personal data shall be processed fairly and lawfully, and can only happen if:

  • you have given permission to process the data
  • it has to be done to carry out a contract that you have set up
  • the person holding the data has, legally, got to process that data
  • it protects your best interests
  • it helps the justice or governmental procedures




Personal data can only be collected for certain specific purposes ... and can't be used for other purposes
e.g. your bank can't sell your name and address to marketing companies (unless you agree)




Personal data should be adequate and relevant to the purpose for which it should be used
e.g. your dentist really only needs to hold details about your teeth and some other medical facts ... if they want to know your bank details - don't tell them (unless you want to)




Personal data should be kept up to date
e.g. your school keeps details of your exam grades ... if you re-sit an exam and get different grades then they need to be changed




Personal data shall not be kept for longer than it is required to carry out the process for which it was collected
e.g. schools need to keep lots of personal details about you while you are there - once you leave these have to be destroyed




Personal data shall be processed with respect to your personal rights under the Data Protection Act




Care must be taken by anyone holding your personal data that it isn't lost or destroyed ... or it isn't accessible to anyone who you haven't authorised
e.g. you buy some shoes from a shop using a credit card ... that shop must protect your bank details




Anyone holding your personal data should not transfer it out of the European Economic Area unless the country to which it is being transferred is able to ensure that they can offer the same protection as the Data Protection Act




How does NAASC collect data?
There are several means by which we collect personally identifiable data, for example via forms such as the application and membership form.  NAASC only collects personal information that is required about you for operating purposes as a club member.

Is information passed to third parties?
NAASC will only disclose information to third parties where it is required to so and would reasonably be expected i.e. as part of the registration process for Scottish swimming or where a swimmer will be attending a meet.

NAASC does not collect or compile personally identifying information for third party dissemination or sale to external parties for marketing purposes or host mailings on behalf of third parties.


All personally identifiable information provided to NAASC is processed in accordance with the principles of the Data Protection Act 1998.

If you have any queries regarding data protection please forward these to the Club Secretary in the first instance.



- top of page