This document provides details on how ClubRunner has made improvements to help organizations become GDPR ready. We’ll cover each area that changed or has enhanced functionality to comply with these changes. More information about GDPR itself can be found here.
Privacy Policy
Every ClubRunner account now has a privacy policy page built into their website. Organizations should take time to update their privacy policy as required. If the Club does not update their privacy policy, by default the ClubRunner privacy policy will display.
You can review ClubRunner’s privacy policy here.
For assistance with this new functionality, please review the How to manage your Privacy Policy article.
Cookies
ClubRunner uses cookies to help members stay logged in and make use of the website. We provide a dismissible cookie consent notice on the web page.
Data Entry by Guests
ClubRunner requires affirmative consent when data is entered by guests (visitors who are not logged in ) to the website. We’ll cover each of the areas and show how this consent is collected.
Event Registration
Event Planner – registering guests
In the Event Planner module registrants will need to provide consent for each guest record entered in addition to their own before registration can be completed.
MyEventRunner – registering as a non-member
In MyEventRunner non-members need to provide their consent for their own registration and their guests.
Volunteer Sign Up – for non-members
When guests are signing up to volunteer they must also provide their consent to complete their signup.
Contact Forms
Both the Built in Contact forms and contact form widgets require consent before allowing the email to be sent.
Built In Contact Forms
Contact Form Widgets
Bulletin Subscriptions
When signing up to be a subscriber to the Bulletin potential subscribers will be required to confirm consent before saving their information.
Data Entry by Members & Administration Staff
Consent is also required when your membership or staff store contact details in the various modules of ClubRunner.
Other Users
When adding new Other Users, members or staff will be required to confirm consent before saving the form.
Event Registration
Event Planner
Members
Members of the organization are not required to provide consent to register themselves. If a staff member registers other members within the organization they are also not required to provide consent.
Registering Guests
Consent is required for guests when members or staff are registering on their behalf.
MyEventRunner
Members
Members are not required to provide consent if the login form is available and used. Otherwise if the registrant is not a member MyEventRunner will prompt for consent.
Member without logging in:
Member while logged in:
Guests
If a member or staff member are registering guests on their behalf the consent boxes will be shown.
MyEventRunner Contacts
If the event contact for MyEventRunner is a non-member, this requires consent.
Contacts
When adding a single new contact or importing contacts you’ll need to acknowledge that you have their consent to proceed.
Single New Contact:
Importing Contacts:
Friends of the Club
When members or staff add new Friends they’ll be prompted to confirm that they have consent before it can be saved.
Sponsors
When staff adds a new Sponsor they’ll be prompted to confirm that they have consent before it can be saved.
Volunteer Sign Up
If a member or staff member registers a guest consent will be required to save the signup.
Bulletin Subscription
When a staff member in the organiztion adds a new bulletin subscriber they will be required to provide consent before saving.
Speakers
When a staff member is adding a new speaker they will be required to provide consent before saving.
Meeting Guests
When adding meeting guests in the attendance module, consent will be required before it can be saved.
Notice
Part of the GDPR changes is providing notice that consent was received to store the information. When contact data is stored for the first time about an individual they will receive an email letting them know that some information was stored based on their approved consent.
Below is an example of the email they will receive.
Removal Requests
Should your organization receive a request to remove contact details from a non-member, we’ve added a tool to help find and remove this data. This will ensure that the requestor’s data has been removed except in cases where the organization has a “lawful basis” to retain the information. An example of a “lawful basis” would be data related to financial transactions in modules like MyEventRunner or Event Planner.