In order to comply with the requirements of the Data Protection Act 2018 and European General Data Protection Regulation (GDPR), this Privacy Policy outlines the legal basis on which we process your Personal Data and provides other information required by the GDPR.

About Your Personal Data

‘Personal Data’ is information that can be used to identify you, directly or indirectly, alone or together with other information. This includes things such as your full name, email address, phone number, address, date of birth, gender, club affiliation and certain cookie and network identifiers.

Ful-On Tri Triathlon Club (‘the Club’) collects, uses, and processes personal data as outlined in this Privacy Policy to: operate the Club, deliver training and race events, organise a coaching schedule, survey members in order to improve operations, and for advertising and marketing.

For the purposes of this Privacy Policy the term ‘Member’ can refer to an individual who has paid their annual fees in the current season, or have previously paid fees but not renewed, or have signed up to participate in a trial.

What personal data does the Club collect?

The information that we routinely collect includes names, gender, dates of birth, addresses, email addresses and telephone numbers.  This could be given to us by filling in a form when you register interest with the club or as a member, and could also be collected through our Facebook group, Twitter feed, or Instagram accounts, if you are connected with the club in this way, or by communication with an appropriate member of the Committee.

Why do we need your personal data?

We collect information which allows us to effectively provide the Club’s services to its Members as we are contractually obliged to do through payment of your membership fee.

Who is your data shared with?

The Club does not actively share your data with any third-party organisations; however, it is stored and processed with third party providers as detailed below.

Which ways does the Club process data?

We use the data we collect to effectively administer the club. We share data with coaches so that training sessions can be administered. We share data with some leagues and competition providers if we are securing entry on your behalf. We process membership forms and payments. We share information with you and others about club activities, social events and membership by way of email. We publish race results.

How is your data stored?

The club stores your data on spreadsheets and databases which are only accessible by authorised members of Ful-on Tri Triathlon Club Committee. Some of these databases are provided by third-parties as detailed below.

How is third-party data handled?

The club uses a small selection of third-party products to collect, process and store data, the location and types of data held on these platforms is detailed here.

  • The Club uses Restrict Content Pro to collect, store and process all personal information submitted by Members on joining the club, including name, date of birth, address, email address and mobile telephone number. Its privacy policy can be found here:
  • The Club uses WooCommerce, Stripe and Xero to make sales through the Club’s website, take payments and for accounting purposes. These products collect and process personal data including name and financial information.
    WooCommerce’s privacy policy can be found here:
    Stripe’s privacy policy can be found here:
    and Xero’s privacy policy can be found here:
  • The Club uses When I Work to organise Coaching schedules. The personal data of members of the Club who voluntarily act as coaches is processed on this platform, including name, email address and mobile telephone number. Its privacy policy can be found here:
  • The Club uses MailChimp to produce and send emails including a general interest newsletter to Club Members and marketing materials to members of the public who have signed up to receive them. Names and email addresses are stored and processed on this site. Its privacy policy can be found here:
  • The Club uses SaddleDrunk as its kit supplier and it collects personal data for its purposes entirely separately of the Club. Its privacy notice can be found here:

Who is responsible for ensuring compliance with the relevant laws and regulations?

For the purposes of compliance with GDPR, the Club is considered the Data Controller and Processor, except in the instances above where the Processor is a detailed third party, in which case the Club remains the Controller. The Committee is responsible for ensuring compliance, but due to their use of certain data, individual members of the committee take responsibility for the compliant processing and collection of certain items of data and its use in particular circumstances and on particular platforms.

  • The Membership Secretary(ies) are responsible for the storing and processing of the initially collected personal data required on joining the club and for renewal.
  • The Communications Secretary is responsible for the storing and processing of names and email addresses collected for their purposes.
  • The Coaching Co-ordinator is responsible for the storing and processing of names and contact details of coaches.
  • The Treasurer is responsible for the storing and processing of financial information provided to pay membership fees and for events and products purchased on the club’s website.
  • The Vice-Chairman is responsible for the storing and processing names and email addresses to administer the Club’s bike box hire scheme and VIP points.
  • The Secretary is responsible for the storing and processing names and contact details for proxy voting at Annual and Extraordinary General Meetings of the Club.
  • The Kit Secretary is responsible for the storing and processing of names and addresses in relation to certain kit orders but not all orders as a matter of course.
  • The Fixtures Secretary is responsible for the storing and processing of some names and individuals’ racing results in order to write a weekly summary.

Who has access to your data?

Specific members of the Club’s Committee have access to the data we hold on you which is pertinent to discharging their duties, as detailed above. Some of this personal data may be shared within the Committee as necessary for the execution of their role, but access to it is not available to all members of the Committee.

How you can check what data we have about you?

As a data subject you may have the right at any time to request access to, rectification or erasure of your Personal Data; to restrict or object to certain kinds of processing of your Personal Data, including direct marketing; to the portability of your Personal Data. If you want to see the data we hold about you, you should contact the holder of the Committee position your enquiry relates to (whose email address can be found in the ‘Contact’ section of the club’s website), or to the Communications Secretary if you are unsure.

You are not obliged to share your personal data with the Club.  If you choose not to share your personal data with us, we may not be able to register your membership.

You have the right to complain to the UK’s data protection supervisory authority, the Information Commissioner’s Office about the processing of your Personal Data.

How long do we keep your data, and why?

We keep this information for as long as you remain a Member of the club. If your membership has lapsed, we will retain your personal data as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. Where we no longer need to process your personal data for the purposes set out in this privacy policy, we will delete or anonymise your personal data on our systems.

Contact details gathered and processed on the MailChimp third-party platform (as detailed above) for external marketing, such as the Club’s Legs of Steel event, will be retained for marketing purposes, unless you request the erasure of your personal data or unsubscribe from further communications.