Huddersfield Rifle Club

GDPR Data Breach Procedure

 

The following is the procedure that must be followed relating to a potential breach under GDPR legislation.

 

  • Notify the Data Protection Officer of the suspected data breach – This email address is being protected from spambots. You need JavaScript enabled to view it.
  • The Data Protection Officer will instruct a team to investigate the potential breach to establish if it is real – Team made up of three randomly selected Committee Members.
  • The impact to individuals and organisations will be assessed
  • The Data Protection Officer will notify the Information Commissioners Office (ICO) within 72 hours with details of:
    • The nature of the personal data breach
    • The categories and approximate number of individuals concerned
    • The categories and approximate number of personal data records concerned
    • The name and contact details of the Data Protection Officer
    • A description of the likely consequences of the personal data breach
    • A description of the measures taken, or proposed to be taken, to deal with the personal data breach and, where appropriate, of the measures taken to mitigate any possible adverse effects

This is only necessary if the breach could result in:

  • Damage to reputation
  • Financial loss
  • Loss of confidentiality
  • Economic disadvantage
  • Social disadvantage
  • Discrimination

https://ico.org.uk/global/contact-us/email/

https://ico.org.uk/global/contact-us/live-chat/

ICO helpline on 0303 123 1113 and select option to be diverted to staff who can offer support

  • Notify any individuals concerned if there may be a risk to the rights and freedoms of those individuals
  • Resolve breach
  • Provide update on root cause analysis to the ICO, committee members and those members impacted by the breach. Where appropriate an update will also be sent to all club members.

All Rights Reserved 2025 - Huddersfield Rifle Club