1. Introduction
Athletics Ireland needs to collect and use personal data (information) for a variety of purposes about its service users. The purposes of processing data include the organisation and administration of applications, competition entries, club registration, e-shop purchases, compliance with statutory obligations, etc. Data Protection legislation safeguards the privacy rights of individuals in relation to the processing of personal data. The Data Protection Act 1988 and the Data Protection (Amendment) Act 2003 confer rights on individuals as well as responsibilities on those persons processing personal data. Personal data, both automated and manual, are data relating to a living individual who is or can be identified, either from the data or from the data in conjunction with other information.

2. Purpose of this policy
This policy is a statement of Athletics Ireland’s commitment to protect the rights and privacy of individuals in accordance with the Data Protection legislation.

3. Principles of data protection legislation
Athletics Ireland undertakes to perform its responsibilities under the legislation in accordance with the eight stated data protection principles outlined in the Acts as follows:
1. Obtain and process information fairly.Athletics Ireland will obtain and process personal data fairly in accordance with the fulfilment of its functions and its legal obligations.
2. Keep it only for one or more specified, explicit and lawful purposes. Athletics Ireland will keep data for purposes that are specific, lawful and clearly stated and the data will only be processed in a manner compatible with these purposes.
3. Use and disclose it only in ways compatible with these purposes. Athletics Ireland will only use and disclose personal data in ways that are necessary for the purpose/s or compatible with the purpose/s for which it collects and keeps the data.
4. Keep it safe and secure. Athletics Ireland will take appropriate security measures against unauthorised access to, or alteration, disclosure or destruction of the data and against their accidental loss or destruction. LocumWork acknowledges that high standards of security are essential for processing all personal information.
5. Keep it accurate, complete and up-to-date. Athletics Ireland will have procedures that are adequate to ensure high levels of data accuracy and completeness and to ensure that personal data is kept up to date.
6. Ensure that it is adequate, relevant and not excessive. Personal data held by Athletics Ireland will be adequate, relevant and not excessive in relation to the purpose/s for which they are kept.
7. Retain it for no longer than is necessary for the purpose or purposes. Athletics Ireland will have a defined policy on retention periods for personal data and appropriate procedures in place to implement such a policy.
8. Give a copy of his/her personal data to an individual, on request. Athletics Ireland will have procedures in place to ensure that data subjects can exercise their rights under the data protection legislation.

4. Responsibility
Athletics Ireland has overall responsibility for ensuring compliance with data protection legislation where it is the controller of personal data. However all employees who collect and/or control the contents and use of personal data are individually responsible for compliance with the data protection legislation. Athletics Ireland will provide support, assistance, advice and training to all staff to ensure it is in a position to comply with the legislation. Athletics Ireland has appointed a Data Protection Officer who will assist its staff in complying with the data protection legislation.

5. Procedures and Guidelines
Athletics Ireland is committed to ensuring the protection of the privacy of personal data and in order to assist in Athletics Ireland ’s compliance with the data protection legislation will provide best practice guidelines and procedures in relation to all aspects of data protection.

6. Right of Access to Information
Service users, employees and other subjects of personal data held by Athletics Ireland have the right to access any personal data that is being kept about them on computer and also have access to paper-based data held in certain manual filing systems. This right is subject to certain exemptions which are set out in the Data Protection Acts. Any person who wishes to exercise this right should make the request in writing to the Data Protection Officer using the standard form which is located on our website.
Athletics Ireland reserves the right to charge the maximum fee payable for each subject access request. If personal details are inaccurate, they can be amended upon request. Athletics Ireland aims to comply with requests for access to personal information as quickly as possible, but will ensure that it is provided within 40 days of receipt of a completed form unless there is good reason for delay. In such cases, the reason for delay will be explained in writing to the individual making the request.

7. Review
This policy will be reviewed regularly in light of any legislative or other relevant indications.
Date of Review: 11/8/11