Oh this sounds good. Can't wait to see what Sim says on this.
I'd reply back quoting GDPR and saying you're asking for the information Commissioners Guidelines and in what context are you (they) asking for all this.?
https://www.muckle-llp.com/enews/gdpr-m ... ots-clubs/
By what authority are the police requesting mass information on club members.
What is the purpose of their request?
Have they had this info before and mislaid it?
Is there suspicion of a crime being committed, in which case you cannot tell the member his data has been requested?
Do you have the members permission to disclose this information to third parties?
What does the Club GDPR policy say about this?? I assume you have one, right????? I would think you'd need to tell every member that you're doing this.
This from a manual I helped put together...
"4.8 Law Enforcement Requests & Disclosures
In certain circumstances, it is permitted that Personal Data be shared without the knowledge or Consent of a Data Subject. This is the case where the disclosure of the Personal Data is necessary for any of the following purposes:
• The prevention or detection of crime.
• The apprehension or prosecution of offenders.
• The assessment or collection of a tax or duty.
• By the order of a court or by any rule of law.
Best bet: Advise the police you're contacting the Information Commissioner for advice under the GDPR rules.. ..........unless there's a LEGAL obligation for you to disclose mass information about the club to the police which (I assume) they already have?
Just my tuppence worth. The various Associations should have had this hammered out with the ICO /Police before now.
PS: The ICO website is full of "Ifs, unclears, buts and maybe's" and the get out that the Act is "evolving".