Data Protection Policy Statement
Boar City CrossFit is strongly committed to the security and protection of members’ personal information and we do our utmost at all times to ensure privacy. We take the security and privacy of our customers very seriously. We strive to conform with the UK and European Data Protection laws. We do not share any information with third parties, nor do we collect or retain any information other than that necessary for us to provide our services to you.
We use members’ personal information only as necessary for us to provide our services to you. We do not share any information with unrelated third parties nor do we collect or retain any information other than is required for the provision of our products or services. Information collected during the online registration process is stored securely. Information collected will be securely destroyed if it is no longer required by Boar City CrossFit. Members may request details of personal information, which we hold under the Data Protection Act/forthcoming General Data Protection Regulation. A small fee will be payable. Copies of the information can be obtained by writing to us at Jamie@boarcitycrossfit.com. If you believe that any information we are holding on you is incorrect or incomplete, please write to or email us as soon as possible, at the above address. We will promptly correct any information found to be incorrect. We request all members check their details for accuracy annually and make any necessary changes. This includes redoing our waiver if any information has been changed on GoTeamUp. We will email reminders for this. Please note in order to receive emails from us, you need to ‘opt in’ and complete an email verification to show your consent in order for us to comply with legal requirements. We require this to allow us to communicate with members effectively.
Where we engage third party contractors (e.g. coaches, presenters) to perform services for us, those third party contractors may be required to handle your personal information. Under these circumstances, those third party contractors must safeguard this information and must only use it for the purposes for which it was supplied, although we are not responsible for ensuring this. Other than the above, we will not disclose your personal information without your consent unless disclosure is either necessary to prevent a threat to life or health, authorised or required by law, reasonably necessary to enforce the law or necessary to investigate a suspected unlawful activity.
Boar City CrossFit makes use of third party software to manage bookings and membership, provided by GoTeamUp. GoTeamUp has their own privacy and data security policy with regard to client information. You can access this information on their website.
Personal information collected by Boar City CrossFit and our website is stored in secure operating environments that are not available to the public. We will protect your personal information no matter where we process or store your data.
Changes to our Policy:From time to time, it may be necessary for us to review and revise this Policy. We reserve the right to change our Policy at any time and should this occur, the amendment will be posted on our website and will be effective immediately.
We annually request members update their information. Any old members that have left and there is no chance of them returning are deactivated on the GoTeamUp‘s system. This third party, external system is only accessible by staff using specific details and is not freely available.
We perform compliance checks with GoCardless annually to ensure we are PCI DSS compliant for our use of GoTeamUp POS and IZettlefor card payments. As part of this we annually ensure staff, where relevant, complete the GoCardless training modules for Managers in the PCI Manager portal, and have tailored their template Security Policy for our business. In line with the requirements of this review:
New network devices (that access POS) are configured by changing all default passwords and installing anti-virus software (usually McAfee) and activating firewall. McAfee tests daily for anomalies.
WiFi password changed from default
Only necessary software installed
Security patches checked weekly automatically
Any suspicious behaviour on system monitored and reported as necessary
PANFinder being trialled for added security
CLUB DATA PROTECTION OFFICER: James Tinsley