National Database of Sport & Recreation Amenities
Privacy Notice
Overview
The National Database of Sport & Recreation Amenities, led by Sport Ireland, aims to increase physical activity levels across the population of Ireland. It provides a single portal for the public to find opportunities to be active, including clubs, facilities, public places and trails. To this end, the database collects and publishes contact details for clubs and facilities. While it is encouraged that generic/club email addresses and phone numbers are used, it may be the case that a personal phone number or email are provided as the means of contact. While the minimum of data will be collected and published, and in most or all cases the club or facility will welcome contact from the public, the processing of personal data is taken seriously. We aim to secure consent for all contact details and follow the GDPR guidelines throughout.
Who We Are
Sport Ireland (‘we’ or ‘us’ or ‘our’) gather and process your personal information in accordance with this privacy notice and in compliance with the General Data Protection Regulation and the Data Protection Act 2018.
This notice provides you with the necessary information regarding your rights and our obligations, and explains how, why and when we process your personal data.
Sport Ireland’s Head Office is at Sport Ireland Campus, Dublin 15 and is a statutory authority that plans, leads and coordinates the sustainable development of competitive and recreational sport in Ireland. Sport Ireland acts as the Data Controller when processing your data. If you have any questions or concerns, please contact the Sport Ireland Data Protection Officer (see contact details below).
Sport Ireland’s primary focus is protecting the health and well-being of our staff and ensuring that our office environment is a safe work environment due to the current public health measure this means the processing of additional personal data.
Information That We Collect
In accordance with relevant laws, namely the Data Protection Act 2018 and the GDPR which entered into force in EU Member States as of 25th May 2018, Sport Ireland processes your personal information to meet our legal and statutory obligations.
We will never collect any unnecessary personal data from you and do not process your information in any way other than as specified in this notice.
The types of data that we process include:
- Club name, location, sports offered and other general details
- Club contact phone number
- Club contact email address
- Club social media accounts
We collect information in the following way:
Sport Ireland collect club information directly from clubs through an online form or in some cases via a list supplied by the club's NGB (National Governing Body).
How We Use Your Personal Data (Legal basis for Processing)
We rely on your consent for the processing of your personal information as it relates to the publication on the National Database of Sport & Recreation Amenities. Where information is received from a National Governing Body we rely on legitimate interest to contact you with a view to seeking your consent.
Sport Ireland will process your data in a legally compliant manner and in line with Sport Ireland’s statutory responsibilities as a State Agency.
Sport Ireland takes your privacy very seriously and will never disclose, share or sell your data without your consent; unless required to do so by law. We only retain your data for as long as is necessary and for the purpose(s) specified in this notice.
Your Rights
You have the right to access any personal information that Sport Ireland processes about you and to request information about: -
- What personal data we hold about you
- The purposes of the processing
- The categories of personal data concerned
- The recipients to whom the personal data has/will be disclosed
- How long we intend to store your personal data for
- If we did not collect the data directly from you, information about the source
If you believe that we hold any incomplete or inaccurate data about you, you have the right to ask us to correct and/or complete the information and we will strive to do so as quickly as possible; unless there is a valid reason for not doing so, at which point you will be notified.
You also have the right to request erasure of your personal data or to restrict processing (where applicable) in accordance with the data protection laws; as well as to object to any direct marketing from us. Where applicable, you have the right to data portability of your information and the right to be informed about any automated decision-making we may use.
If we receive a request from you to exercise any of the above rights, we may ask you to verify your identity before acting on the request; this is to ensure that your data is protected and kept secure. To exercise your rights, contact the Data Protection Officer. (Details below)
International Transfers
Your personal information is processed and stored within the EU. However, if we are required to transfer your data to a destination outside of the European Economic Area (EEA), including to a jurisdiction where the level of protection afforded to personal data is not as high as that in the European Union we will so in compliance with the GDPR.
Sharing and Disclosing Your Personal Information/ Third Party Sharing
We do not share or disclose any of your personal information without your consent, other than for the purposes specified in this notice or where there is a legal requirement. Contact details on the National Database of Sport & Recreation Amenities will be made openly available, for the purposes of facilitating contact by members of the public, with a view to increasing physical activities. Thus, third parties will have access to contact details, which they may use for other purposes, intended to allow members of the public to find and contact a sports club or facility.
Safeguarding and Security Measures
Sport Ireland only collects the minimum amount of information with a cognisance of the necessity and proportionality of any processing activity.
Sport Ireland takes your privacy seriously and takes every reasonable measure and precaution to protect and secure your personal data. We work hard to protect you and your information from unauthorised access, alteration, disclosure or destruction and have several layers of security measures in place, including measures including but not limited to:
- Access Controls
- Encryption
- Multi-Factor Authentication
- Data Protection Staff training – Induction, Refresher, Bespoke
- Appointment of a Data Protection Officer
- Robust Security Updates including patching and anti-virus software
- Business Continuity Planning – Including Backups
- The delivery of Cyber Security and Phishing training to staff
- Data Protection Impact Assessments
- Contractual obligations re Data Protection with Third Parties
- Local Risk Assessments
- Audits of the IT and Data Protection Environment
- Physical Security
- Passwords
- Staff guidance
- Due Diligence when selecting suppliers, contractors and in staff selection
How Long We Keep Your Data
All information provided as part of this project will be retained for the period that the platform remains live or if you withdraw your consent.
Cookies
A ‘cookie’ is a small piece of data sent from a website and stored on the user’s computer by the user’s web browser while the user is browsing. Cookies are widely used in order to make websites work, or to work more efficiently, and our site relies on cookies to optimise user experience and for features and services to function properly. For further information please refer to our Cookie Policy.
Data Subject Rights
You have several rights in relation to your personal data under applicable privacy and data protection law, which may be subject to certain limitations and restrictions. We will respond to any valid requests within one month, unless it is particularly complicated or you have made repeated requests in which case we will respond, at the latest, within three months. We will inform you of any such extension within one month of receipt of your request, together with the reasons for the delay. You will not be charged a fee to exercise any of your rights unless your request is clearly unfounded, repetitive or excessive, in which case we will charge a reasonable fee in the circumstances or refuse to act on the request.
If you wish to exercise any of these rights, please contact our Data Protection Officer. We may request proof of identification to verify your request.
Sport Ireland Data Protection Officer
Ellen Hayes
Sport Ireland
The Courtyard
Sport Ireland Campus
Blanchardstown
Dublin 15
Tel: 01 8608800
Complaints
If you are dissatisfied with a response that you receive with regard to data privacy, you have the right to make a complaint to the Data Protection Commissioner[1] who is the Supervisory Authority for data protection matters in Ireland:
Data Protection Commissioner
Canal House
Station Road
Portarlington
Co Laois
R32 AP23
Lo Call: 1890 252 231
Email: info@dataprotection.ie
Last updated: June 2022
[1] the public authority that handles Data Protection related complaints in Ireland