top of page

Privacy Policy

The Data Protection Act 2018 and UK General Data Protection Regulation (UK GDPR) require us (Canterbury Archers), as a data controller, to tell you in a transparent and easily accessible form how we will process your personal data.

This privacy notice sets out how we will use any personal information we hold about you, whom we will share it with and how we will protect your privacy. It also contains information about your rights. More information regarding data protection at the club can be found below:


Canterbury Archers Data Protection Policy

What is personal data?
Personal data can be any information that relates to or identifies a living person. This could include a name, date of birth, postal address, email address and telephone number.

The law regards some personal information as being in a special category. This is because special category data is more sensitive, and so needs more protection. For example, information about an individual’s:


  • race

  • ethnic origin

  • politics

  • religion

  • trade union membership

  • genetics

  • biometrics (where used for ID purposes)

  • health

  • sexual orientation​

What we are required to tell you

Where we hold personal information about you that we have collected from you, we are required to provide you with certain information. We have set out the information which we are required to provide you below.


The right to object

​This is the right to object to the processing of your information.


​Contact information for the data controller
Canterbury Archers

​The Archbishop's School

St Stephens Hill,






Contact information for the Data Protection Officer

Alex Wellard

Canterbury Archers

The Archbishop's School

St Stephens Hill,






What information do we hold

All members of our club need to give us information for membership purposes which we share with Archery GB for insurance and membership requirements. This information includes your name, date of birth, address, email address and phone number. A data consent form must be completed on application to the club.

We also hold email addresses and full names for website interactions. This includes anyone using the contact us forms on our website, creating a website members account, creating an account for the booking calendar or anyone who emails a club email address direct. When you sign up to the booking calendar or members area, you agree to your data being held on the Wix platform and being used for logging in and administration purposes.

When you enter a tournament at Canterbury Archers, the tournament organiser will collect information about you for the administration of the tournament. This will include, Name, email, address, phone number, AGB/BLBS membership number, disability and gender.


Users of your information
Canterbury Archers gathers information about you for the administration of membership and day-to-day running of the club. This information is also used by Archery GB (our governing body) and Kent Archery Association (our County association).

Users under 18

If you are under 18 and would like to join us or get in contact, please make sure you have consent from a parent or guardian before giving us your personal information.


Period for which data will be stored
We will only keep your personal information for as long as we consider that it is necessary to be retained. Once personal information is no longer needed or you cease your membership at Canterbury Archers, it will be deleted or destroyed confidentially.


Where we may store your information

The data that we collect from you will stored under the control of Canterbury Archers and it's officers in accordance with data protection legislation.

Canterbury Archers will take steps necessary to ensure your data is treated securely and in accordance with the GDPR.

We use Google services such as Gmail, Google Contacts and Google Drive to store your information. When data leaves a device it is encrypted using the TLS standard. It is then uploaded to Google drive servers. After reaching Google, it gets unencrypted then re-encrypted using 128-bit AES. The AES encryption keys that are used to encrypt data are then, themselves, encrypted with a rotating set of master keys. This adds another layer of standard security by requiring a second set of encryption keys to get to the data. Google has worked with the GDPR and are committed to complying with those laws. Google does not share personal sensitive information with other people and you yourself would need to share that information.

Information that is uploaded to Google services is stored on their servers across the world including America, Asia and Europe. UK GDPR requires personal data to be stored within the UK however GDPR sets out certain conditions for the transfer of personal data outside of the UK. Such conditions can be met via mechanisms such as standard contract clauses. Standard contractual clauses (SCCs) are written commitments between parties that can be used as a ground for data transfers from the EU to third countries by providing appropriate data protection safeguards. SCCs have been approved by the European Commission and can’t be modified by the parties using them. Such clauses have also been approved for transfers of data to countries outside the UK and Switzerland. Google rely on SCCs for data transfers where required. If you want to obtain a copy of the SCCs, you can contact them:

For more information please review Google’s GDPR statements:

Google have undertaken a Data Protection Impact Assessment (DPIA), the details of which can be found below:

Our website provider, stores information that is collected via the 'contact us' online forms and members accounts on their server. This is for administration purposes and the information is kept in accordance with our Data Protection Policy.

For more infomation on how Wix stores your data, please visit

Club administrators may also store information securely either at their home address or in a locked filing cabinet in the clubhouse. Any electronic documents must be password protected.


​Rights of individuals whose information we hold
Your rights as a data subject can be found on the Information Commissioner's Office website.


Your rights

You have the right to:

  • The right to be informed

  • Have any inaccuracies in your data corrected. 

  • Request that we delete your personal data.

  • Request a copy of the personal information we hold about you.

  • Object to the processing of your data on grounds relating to your personal situation.

  • The right to information portability

  • The right to object

  • The right to withdraw consent

  • The right to lodge a complaint



If you wish to complain about how we are processing your personal information please contact:

Processing your information for a purpose than for what it was originally collected

Where we intend to process your personal information for a purpose other than that for which the personal data was collected, we will provide you with information on that other purpose before doing so.


​​Changes to this policy
We may update this policy. We will notify you about significant changes in the way that we treat your personal information by placing a notice on our website.

Last updated 30/03/2024

bottom of page