General Data Protection Regulations (“GDPR”) Information for parents and guardians

At the point of registration, Ceredigion Schools’ Football Association (“CSFA”) will collect information for all players that wish to register with the Association for the forthcoming season. This information will be collected via player Association registration forms, stored and used in order to process applications with the Welsh Schools Football Association (“WSFA”) and/or any other football association competition which CSFA may enter. This information will only be accessible to the Association Secretary, the Treasurer and the Team Manager for the player’s age group. Information will be stored for one year. We will process the personal data on the basis of consent. How we will use information about you and your child We will use the personal information we collect to register your child to play football, and to comply with our own Rules and Regulations. Your child’s information may be used by the WSFA for the proper administration of competitions overseen by WSFA, in line with their own privacy notice which is available here : Consequences of failure to provide personal information If you fail to provide the information as requested on the appropriate Player Registration Form we will not be able to process your application and in those circumstance your child will not be registered to play football under the governance of the WSFA. Data Sharing We will only share your child’s personal information for the purposes of processing their application to be registered to play football and to comply with the CSFA Rules and Regulations. We do not allow third-party service providers to use your child’s personal data for their own purposes. We only permit them to process your child’s personal data for specified purposes and in accordance with our instructions. We share your child’s personal information for the purposes of processing their application to be registered to play football and to comply with the CSFA Rules and Regulations, and with the following third party organisations for the following specified purposes [list the organisations and the purposes] Data Protection Principles We will comply with data protection law and principles, which means that your child’s data will be: • Used lawfully, fairly and in a transparent way. • Collected only for valid purposes that we have clearly explained to you and not used in any way that is incompatible with those purposes. • Relevant to the purposes we have told you about and limited to those purposes. • Accurate and kept up to date. • Kept only as long as necessary for the purposes we have told you about. • Kept securely.