DCF Privacy Policy


Like all organisations who collect and use personal data, the Derbyshire Cricket Foundation (DCF) is subject to the requirements set out in the General Data Protection Regulation (‘GDPR’). We take our responsibility to look after personal data very seriously and we ensure that respecting privacy is central to all that we do. This Privacy Policy explains what information we collect about you, how we use it, and the steps we take to ensure that it is kept secure.

Personal data is any information relating to an identified or identifiable living person. The definition of this may be found in the Data Protection Act 2018. The DCF complies with the Data Protection principles outlined in the GDPR when we collect and use personal data. These principles are:

  •  Personal data must be processed in a manner which is lawful, fair and transparent. This means that when we collect and use personal information we must have a lawful basis for doing so, we must consider the rights and interests of the person the data is about, and provide clear information about our use of the data
  • Personal data must be collected for specified, explicit and legitimate purposes and not used in any ways which are incompatible with those purposes. When we collect personal data we must be very clear about why we need it and what we will do with it. If we collect personal data for one purpose we may not use it for an unconnected purpose.
  • Personal data we collect must be adequate, relevant and limited to what is necessary for the purposes for which it is used. This means we must make sure that we only collect and use personal data that is strictly necessary for our stated purpose or purposes.
  • Personal data must be accurate, and where necessary, kept up to date. We are required to take all reasonable steps to ensure that the personal data held is correct and kept up to date. This means that from time to time, we will review the personal data we hold and we may contact you to make sure the personal data we have about you is current and does not contain any errors.
  • Personal data must be kept in a format which allows identification for no longer than is necessary for the purposes for which it is used. In some cases, it may only necessary for us to be able to directly identify an individual for a short period of time. When we no longer need to be able to identify an individual we will anonymise the personal data. Where personal data is anonymised and the data subject in no longer identifiable that data will cease to be personal data.
  • Personal data must be used in a manner that ensures appropriate security of the data. This means that our policies, procedures, systems and working practices must ensure that personal data is protected from unlawful access and is kept secure at all times.

We have relevant policies and procedures in place to ensure adherence to these principles, including a Data Protection Policy, and a Records Retention Schedule, which stipulates how long we will hold personal data for across all our business processes.


In order to provide you with the services you require, the DCF will collect personal information about you from our website, telephone conversations, emails and written and verbal communications. These will include, for example, your name, address, email address, phone number and details that are relevant to the service(s) in which you are interested. Occasionally we may ask for date of birth, for example, where the service you require has age related restrictions. We may supplement the information that you provide with other information that we obtain from our dealings with you or which we receive from other organisations, such as the England and Wales Cricket Board Limited (ECB), cricket clubs, or other cricketing organisations.

If you provide information to us about any person other than yourself, you must ensure that they understand how their information will be used and that you are authorised to disclose it to us, and have consent to its use on their behalf, before doing so.


In order to understand how our website and services are used, we may collect IP addresses, and in common with may website operators, we may use standard technology called “cookies” on our website. Cookies are small pieces of information that are stored by your browser on your computer’s hard-drive and they are used to record how users navigate our website. These enable us to develop our website and enable users to properly navigate the site. You may also get cookies from our sponsors and advertisers if you click on their links or adverts. You should check their privacy and security policies to understand how they use these.

Further information about cookies, and how to switch them off, is available at the Information Commissioners website: https://ico.org.uk/


We will primarily use personal information for the following purposes:

  • for registration and general administration (including verification, vetting, and security checking).
  • to provide the goods and services you request from us.
  • for record keeping purposes.
  • to provide appropriate certification following completion of programmes/training.
  • to carry out market research so we can improve services we offer.
  • to provide you with information which may be relevant to you based on services we have previously provided to you.
  • to track and analyse activity on our website.

To administer DCF programmes we use an administrative system operated by the ECB, and all personal data processed through this system is managed in line with the ECB Privacy Policy. Anybody registering for DCF programmes through this system, and providing personal data as part of this process, will need to provide consent to the ECB and DCF collecting and using this information in accordance with the terms set out in the ECB privacy policy.

In other instances where the DCF collect and use personal data, there will always be a lawful basis for us to do so. GDPR provides six lawful bases for processing personal data:

  • Consent: when you have explicitly told us that we may collect and use your personal data – for example by allowing us to add you to one of our mailing lists for club/league contacts.
  • Contract: when we need to collect and use personal data to enter into or perform a contract – for example applications for funding.
  • Legal obligation – when we need to collect and use personal data to carry out our legal duties – for example to respond to a request for information under the Freedom of Information Act.
  • Vital interests: when we need to collect and use personal data to protect your vital interests or the vital interests of another person – for example by contacting the relevant authorities if we believe an individual is likely to come to immediate harm.
  • Public task: when we need to collect and use personal data to carry out one of our official tasks, or a task that is in the public interest – for example when we carry out surveys about participation in cricket to assist with creating official statistics.
  • Legitimate interests: when we need to collect and use personal data to pursue the legitimate interests of the DCF, unless doing so would interfere with your rights and freedoms.

Our lawful basis for collecting and using personal data varies depending on why we have collected it and what we will do with it. Whenever the DCF collects personal data directly from you, we will seek to explain the basis for this as clearly as we can.


If any of our programmes or processes require us to receive personal data about you from a third party, we will use reasonable efforts to identify our lawful basis where it is possible and practical for us to do so.

In order to provide our products and services, we may, occasionally, appoint other organisations to carry out some of the processing activities on our behalf. These may include, for example, technology hosts, printing companies and mailing houses. In these circumstances, we will ensure that personal information is properly protected and that it is only used in accordance with this Privacy Policy.

We take the security of personal information seriously. We employ security technology, including firewalls, and Secure Socket Layers to safeguard information and have procedures in place to ensure that our paper and computer systems and databases are protected against unauthorised disclosure, use, loss and damage.

Your Rights

The GDPR gives individuals a number of rights in relation to any personal data an organisation holds about them, and the DCF is committed to enabling people to exercise these rights.


Under GDPR all individuals are entitled to be told what personal data an organisation holds about them. You can request a copy of the personal information that the DCF holds about you by contacting us at: info@dcfcricket.com


If you believe that the DCF is holding inaccurate information about you, you are entitled to ask us to update or rectify that data. In addition, if you believe that the DCF no longer has a lawful basis to use your personal data, you can ask us to delete it. You can ask to have your personal data rectified or erased by contacting us at: info@dcfcricket.com


If our lawful basis for collecting and using your personal data was consent, then you are entitled to withdraw that consent at any time. You do not need to give a reason for withdrawing your consent and we are required to comply promptly. You can inform us that you wish to withdraw consent by contacting us at: info@dcfcricket.com


We keep our approach to privacy under review, and this means we may update our Privacy Policy from time to time. Updates to the Privacy Policy are published on our website.

Derbyshire Cricket Foundation.

June 2018

Got a Question?

Do you have a question to ask one of our team?

Then click the link to find out who is best to answer your queries!

Our Sponsors