Lancashire League Handbook 2024

GENERAL CONDUCT REGULATIONS FOR RECREATIONAL CRICKET 2024 14. DISCLOSURE OF RELEVANT CRIMINAL OFFENCES (REGULATION 10) 14.1 In instances where a participant discloses a Relevant Criminal Offence, in accordance with Regulation 10, the Relevant Cricket Organisation receiving that disclosed information must abide by its duty of confidentiality and all applicable data protection laws. 14.2 Any Relevant Criminal Offence should be disclosed to the Club Safeguarding Officer in the first instance and, if that Club Safeguarding Officer has any concerns in relation to the handling of the matters disclosed, they should escalate it only to the County Safeguarding Officer. Such matters should only be disclosed beyond those two people and discussed at committee level in complex cases and only following discussion and agreement with the County Safeguarding Officer. The ECB’s Safe Hands Training Course provides further information on this. 14.3 Full information about the relevant ECB contacts for referring any safeguarding concerns can be found here: https://www.ecb.co.uk/ about/policies-and-regulations/safeguarding/share-a-concern. 15. DATA PROTECTION 15.1 The UK GDPR and the Data Protection Act 2018 are the primary data protection legislation in the United Kingdom. It is a legal requirement for all Relevant Cricket Organisations and Panels to comply with data protection law when processing personal data. If Relevant Cricket Organisations do not comply with their obligations under data protection law, the Information Commissioner can impose various sanctions on the Relevant Cricket Organisation including preventing the use of the personal data and/or imposing a significant financial penalty on the Relevant Cricket Organisation. Relevant Cricket Organisations may wish to obtain independent legal advice to ensure they meet their obligations. 15.2 The UK GDPR provides that, where personal data is obtained, the person or organisation receiving the personal data must provide transparency information (usually referred to as a ‘privacy notice’) to each individual whose personal data is received. If the data is not received directly from the individual (as may be the case following receipt of a Disciplinary Report or Written Complaint), the person or organisation receiving the personal data must provide the privacy notice within a reasonable period following receipt of the data and, in any event, within one month. What amounts to “reasonable” will depend on the circumstances, but as a general principle, the Relevant Disciplinary Body should take all steps to communicate with the data subject (about whom personal data is received in a Disciplinary Report or Written Complaint) as soon as is reasonably practicable, providing the privacy notice with the communication, to ensure compliance.