Official statement about GDPR
Data Processing Agreement
In the scope of the EU General Data Protection Regulation (GDPR), Table Tennis 365 are data processors.
Any organisation that is subject to the GDPR as a Controller, needs to have in place an appropriate Data Processing Agreement (DPA) with any third party that it shares data with where that third party is a Processor.
GDPR Article 28 (3) stipulates that there must be a contract between the Controller and Processor which clearly sets out the subject matter of the processing and its duration as well as the nature and purposes of processing, the types of personal data, any particular special categories of data and the obligations and rights of both parties.
Failure to have in place a suitable Data Processing Agreement is a breach of the law under GDPR.
We have worked with Table Tennis England to provide a standard DPA that we are happy to adhere to and that Table Tennis England feels provides you with suitable protection. Each organisation will need to adopt this agreement either prior to 25th May or immediately upon login thereafter. Your league should ensure this is done as the responsibility for engaging a DPA lies with the data controller.
This process has been made as easy as possible and will just require your league’s main administrator to login to our admin area, review the agreement and tick a box on-screen to bring it into force.
That is the legal bit taken care of, at least in relation to your usage of TT365 under GDPR.
25th May (GDPR Enforcement Date)
On the day of enforcement not that much will change, you won’t suddenly lose access to all your player information, TT365 will still function much the same as it does now but with a few changes. These changes will have been made because they were necessary for our software to comply with GDPR regulations and there will and can be zero discussion about whether or not you feel they are good or bad; they are just the new reality we all have to accept.
The key message is that on 25th May our software will be GDPR compliant. This means that when you use our software you will be adhering to the principles of GDPR and will be protected by the DPA which you should have put in place with us. However, ultimate responsibility for GDPR compliance rests with each organisation, our role is to provide you with tools and logs to help you with compliance.
We have been running a very active thread on our admin forum on the subject of GDPR since early January and we have kept the community updated every step of the way, answering all questions asked. We will continue to monitor and interact with our community on the subject of GDPR via this popular method, well into the summer when GDPR is in full force. We would strongly recommend that you check out the admin forum if you have not already done so.
We are creating a dedicated GDPR section in our admin FAQs. If you have a question that is not covered, please post it in our admin forum.
To access the forum or the FAQs login to the admin area. You will find links to both in our help section.