GDPR law & ProSoccerData
What does GDPR stand for?
The EU General Data Protection Regulation (GDPR) is a law on personal data privacy that started on May 25, 2018. It will be replacing EU Data protection law to strengthen the protection of personal data and the rights of the individual. ProSoccerData is committed to support our partners for the GDPR and is GDPR-ready since 25 May 2018.
Will this affect my club or association?
Yes, if you store or process data of a person in the EU, then the GDPR law applies, your geographical location does not matter.
How has ProSoccerData prepared for the GDPR?
Together with our legal partners, we have made an extensive analysis of the processes that are impacted by this regulation. Based on an audit report a GDPR roadmap was drawn including the implementation of several technical and operational measures:
- Development of new features to meet the data portability requirements of GDPR.
- Update of our Data Processing Agreement(DPA) that sets out the privacy terms for PSD and its clients to meet GDPR requirements. This document is available for clients to sign upon request.
- Coordination with all our vendors to make sure our GDPR commitments are vertically integrated.
- Implementation of several security measures (regular audits, 2-factor authentication on sensitive databases, strengthened internal ICT policy, use of physical lockers).
Does this mean that my club is fully GDPR compliant?
Most likely not. As a designated data processor, ProSoccerData is is obliged to assist its (future) customers in the GDPR process. We therefore ensure that all data stored in PSD is GDPR-ready. This means that the security of all personal data of the members, in the PSD platform but also out of the PSD platform are the responsibility of the client (data controller). Some additional steps you can take are:
- Inform about GDPR requirements and the possible impact on your organisation.
- Make an analysis of all activities involving the processing of personal member data.
- Think about how you can leverage the use of PSD to achieve GDPR compliance.
- Approach a juridical expert for more advice on this matter.
If you have any further questions regarding the GDPR law, please do not hesitate to contact us at email@example.com.