The General Data Protection Regulation (GDPR) came into force on 25 May 2018 and represented a reshaping of the data protection landscape.

In simple terms, GDPR helps protect the personal data of those involved in rugby by requiring better governance and transparency. Organisations holding personal data, including constituent bodies, referee societies and clubs, will need to give more information to people about what they do with those people’s data, why, and for how long.

The RFU is pleased to provide guidance and resources via a toolkit, to help constituent bodies, referee societies and clubs work towards GDPR compliance. The toolkit provides an overview of the Regulation, what it means for rugby, and some practical steps you can take to ensure compliance. It also contains some template policies and procedures you can put in place. All the relevant information and guides can be downloaded by clicking the links below:

For additional help, please contact our Data Protection Officer, details below.

Contact: Nicola Wallace-Walton

Telephone: 07771 985656

Email: [email protected]

DW - Privacy policy 2022

Dorset Wilts RFU - Data Protection Policy 2023-24

Clubs - Data Protection Policy - Sample - Copy

GDPR To Do Checklist - Oct 2023

RFU GDPR Toolkit, please Click here

Appendix 1-Draft Privacy Policy Neutral, please Click here

Appendix 2-Data Breach Management Flowchart Neutral, please Click here

Appendix 3-Subject Access Request Flowchart Neutral, please Click here

Appendix 4-Personal Data Inventory Neutral, please Click here