Total Performance
Soccer Academy

This General Data Protection Regulation (GDPR) Policy outlines the principles and procedures that TPS Academy follows to ensure compliance with the GDPR, safeguarding the rights and privacy of individuals in the processing of personal data.

​

Scope

​

This policy applies to all employees, contractors, and third parties who process personal data on behalf of TPS Academy, regardless of their location.

​

Principles of Data Protection

​

TPS Academy adheres to the following principles of data protection:

​

a. Lawfulness, Fairness, and Transparency: Personal data shall be processed lawfully, fairly, and transparently.

b. Purpose Limitation: Personal data shall be collected for specified, explicit, and legitimate purposes and not further processed in a manner incompatible with those purposes.

c. Data Minimization: Personal data collected shall be adequate, relevant, and limited to what is necessary in relation to the purposes for which they are processed.

d. Accuracy: Personal data shall be accurate and, where necessary, kept up to date.

e. Storage Limitation: Personal data shall be kept in a form that permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed.

f. Integrity and Confidentiality: Personal data shall be processed in a manner that ensures appropriate security, including protection against unauthorized or unlawful processing and against accidental loss, destruction, or damage.

​

Data Subject Rights

​

TPS Academy respects the rights of data subjects under the GDPR, including the right to:

​

a. Access: Data subjects have the right to obtain confirmation as to whether or not personal data concerning them are being processed and, where that is the case, access to the personal data.

b. Rectification: Data subjects have the right to request the rectification of inaccurate personal data.

c. Erasure: Data subjects have the right to request the erasure of personal data under certain circumstances.

d. Restriction of Processing: Data subjects have the right to request the restriction of processing of personal data under certain circumstances.

e. Data Portability: Data subjects have the right to receive the personal data concerning them in a structured, commonly used, and machine-readable format.

f. Object to Processing: Data subjects have the right to object to processing of personal data under certain circumstances.

​

Data Security Measures

​

TPS Academy implements appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including:

​

a. Encryption of personal data.

b. Regular testing and evaluation of the effectiveness of technical and organizational measures for ensuring the security of the processing.

c. Measures to ensure the ongoing confidentiality, integrity, availability, and resilience of processing systems and services.

d. Procedures for regularly testing, assessing, and evaluating the effectiveness of technical and organizational measures for ensuring the security of the processing.

​

Data Breach Management

​

In the event of a data breach, TPS Academy will promptly assess the risk to individuals' rights and freedoms and, if necessary, report the breach to the relevant supervisory authority and affected individuals in accordance with GDPR requirements.

​

Training and Awareness

​

TPS Academy provides regular training and awareness programs to all employees and contractors to ensure they understand their obligations under the GDPR and are equipped to handle personal data securely.

​

Roles and Responsibilities

​

The Data Protection Officer (DPO), appointed by TPS Academy is responsible for overseeing compliance with this policy and with the GDPR. All employees and contractors are responsible for complying with this policy and protecting personal data in their possession.

​

1. Policy Review

   This policy shall be reviewed and updated regularly to ensure ongoing compliance with the GDPR and any relevant changes in legislation or business operations.

2. Approval

   This GDPR Policy has been approved and authorized by [Andy Smith/CEO] on [04/03/2024].

   Andy Smith

   Head Coach/CEO

   Total Performance Soccer Academy

   04/03/2024

3. Contact Information

   For questions or concerns regarding this GDPR Policy or the processing of personal data by TPS Academy, please contact the Data Protection Officer at +44 7862 365840.