YMCA Dublin Privacy Statement

PRIVACY STATEMENT for YMCA Dublin Customers May 2018

Introduction; In order to provide our services we need to collect personal information from our customers.

YMCA Dublin is a “Data Controller” and as such has a legal responsibility to ensure that you are are aware of why it collects information and what it does with this information.

YMCA Dublin seeks to comply with its obligations under the “GDPR” by keeping personal data up to date; by storing and destroying it securely; by not collecting or retaining excessive amounts of data; by protecting personal data from loss, misuse, unauthorised access and disclosure and by ensuring that appropriate technical measures are in place to protect personal data.

What information do we collect?

  • Unless otherwise agreed with you, we will only collect personal data about you ie your name, address, telephone number, age, email address etc.
  • We may collect information on medical conditions and details of next of kin.
  • We always ask for your consent to collect and store this information on a registration form.

Why we need it?.

  • As a service provider we need to know basic personal data in order to let you know when events take place,  etc
  • In order to ensure your personal safety while attending a YMCA service or programme we may collect basic medical information eg information on allergies and medical conditions.
  • We collect information on next of kin so that we can make contact with them in emergency situations.
  • We will always seek your consent to store personal information on you.

What do we do with it?

  • All the personal data we hold about you will be processed by our staff  and no third parties will have access to your personal data unless there is a legal obligation for us to provide them with this or unless you have given us your express consent to share this information with them.
  • Please be aware that your personal information may be stored on a cloud based system whose servers are located within the EU or in secured cabinets
  • We take all reasonable steps to ensure that your personal data is processed securely.

How long do we keep it?

This will vary depending on the type of information that is collected. The organisation has a data retention policy which provides a basis for storing and deleting personal information.

For memberships such as access to gym, exercises classes, personal training and courses the information within the contract will be kept until the contract has expired and for 1 year thereafter. After this time period the contract will be destroyed.

Your consent. By providing us with your personal data, including sensitive personal data such as on your health, you consent to the collection and use of any information you provide in accordance with the above purposes and this privacy statement.

Changes. If your personal details change, please help us to keep your information up to date by updating your profile on Glofox or by notifying us at the above address.