Skip to main content Skip to site footer

Privacy Policy (Clients)

Notts County Football Club

Privacy Policy (Clients)

This notice provides you with important information concerning personal data the Company may collect, retain and process relating to client of the Company. The personal data is limited to that which is relevant to the working relationship. The Company seeks to be transparent in respect to personal data and is committed to meeting its data protection obligations. This notice aims to assist in this matter.

This Privacy Notice should be read in conjunction with the Company’s Data Protection Policy.

Name and contact details of Data Controller

Notts County Football Club is the Data Controller. Amanda Fletcher, Commercial Director, is responsible for the Data Controller’s data protection compliance. She may be contacted at amanda.fletcher@nottscountyfc.co.uk or by calling 0115 952 9000.

Purpose of processing

The Company needs to collect, retain and process or use personal data: in order to enter into a work contract with you (for example, to ensure we can contact you in relation to the work we will carry out for you)

Legal basis of processing

The processing of personal data is necessary:

  • For the performance of the work contract to which you are party or in order to take steps at your request prior to entering into the contract;
  • For compliance with a legal obligation to which the Company is subject. (It should be noted the Company is required to comply with a number of employment and health and safety laws.); and
  • For the purposes of the legitimate interests pursued by the Company, such as properly managing and performance of the working relationship, to maintain relevant employment records, to maintain security and safety, to monitor use of company equipment/resources, and to assist with planning and/or organisation of work.

Who has access to personal data

Your personal data will only be disclosed where appropriate to authorised individuals within the workplace or authorised third party providers external to the Company.

Those who are authorised individuals within the Company include those with the need to access your account record where appropriate, and those with responsibility for IT where they need access for the performance of their role. However, in respect of those with access to your data, the data to which they have access will be limited only to that which is necessary for the proper performance of their function.

Where data is provided to third parties they are placed under an obligation of confidentiality and are given written instructions to only use the data for the purposes for which it is disclosed. 

It may be that your personal data will be transferred outside the European Economic Area (EEA) through the use of cloud storage or similar technology.  In such circumstances data will only be transferred to organisations which are covered by an adequacy decision by the EU Commission.

Time period for retaining data

The Company will retain relevant personal data during the course of any engagement and will retain such data for a period of 6 years from the end of the tax year following the end of any such engagement, in part due to the need to keep records for certain legal reasons.

Following this the data will be destroyed.

Your rights

As a data subject you have the following rights:

  • You can request from the Company access to and a copy of your data;
  • You can request the Company to correct or erase personal data;
  • You can request a restriction of processing of your personal data; and
  • You can object to processing of your personal data.

If you wish to exercise any of the above rights you should contact the Data Controller identified above.

In addition, you have the right to lodge a complaint about data protection with the Information Commissioner’s Office.

The provision of personal data is a contractual requirement, or a requirement necessary to enter into a contract. Also, the provision of certain personal data is or may be a statutory requirement. The consequences of not providing the personal data is that the working relationship may not be able to function and certain legal responsibilities may be impossible to meet.

If you fail to provide relevant personal data this may hinder the Company’s ability to manage the working relationship and prevent certain rights and obligations that form part of that relationship from operating.

No automated decision making is used in respect of any personal data.

Categories of personal data

The Company collects, uses and processes a range of personal information relating to you. The nature of the personal data may or will include information such as or relating to the following:

Your name, address, email address, contact details, phone number

Source

The data collected and processed relating to you is received from a number of sources. These include information provided by you (such as your contact details when beginning an engagement with the Company).

In addition, data about you may be obtained from other work place sources (such as managers, work colleagues, Company systems, workplace monitoring systems) during the course of your engagement and/or may be obtained in some cases from third parties where appropriate.