BRS and GDPR

There may be some merit in being able to choose who you play with. That doesn't mean that you should be able to see who's been on the course all day or all week.

If this was the reason for having that data available, at a minimum, you'd need explicit consent from each member to have their data shared like this. You'd also need to consider what happens if the member withdraws their consent, as all of us are entitled to do at any time.

Phone books were long before GDPR, and you always had the option to be ex-directory. Football matches are a fairly different beast all together.

All different scenarios, with their own implications, which I don't really feel like teasing out for y'all, case by case.

And none of which have any impact on the original issue, of player's names/slots being visible to other players.

this reminds me of a lad I once knew who was obsessed with the number 42. He was convinced it was everywhere.

I tried to reason with him that every number is everywhere, and the more you fixate on one, the more you’ll notice it.

But he wasn’t for having his mind changed.

——

your take on GDPR legislation is similar. You’ve convinced yourself that any and every use of your name is illegal, and will zone in on specific and/or out of context words to prove your theory.

But you’re completely missing the bigger picture; the context. GDPR wasn’t designed to make our lives uncomfortable. It was designed to prevent corporations from making our lives uncomfortable.

It’s not practical for a members golf club to run member competitions without disclosing who played, what handicap they used, and how they scored. It’s not practical for member timesheets to be anonymous as the logistics of 4 people turning up on a tee, some early, some on the buzzer, and not knowing who they’re playing with, repeated 50 times in a day, is a nightmare of worry and confusion, for what is meant to be a en enjoyable pastime.

The ICO wouldn’t look at this case. They’d just laugh. You know why? Because they’re doing their actual job. They’re stopping organisations from using your data the wrong way.

Maybe you should go back for an auld refresher on the GDPR yourself

The names are there for the purpose of people being able to identify with whom they are booking, this is a perfectly good reason, once the date of the booking passes, so does access to the data. We would have agreed to this when signing up to the booking system.

So what happens when the member withdraws their consent to sharing of their booking data with other members, as we are all entitled to do. Are you going to block them from playing?

Every scenario is different. It depends on the purpose of processing, the way consent was given, how data is being shared.

If it was simple, you wouldn’t have reams of consultants and lawyers making a very good living out of advising on it.

So what happens when you withdraw your consent?

I'd say a 101 course on gdpr would do you the world of good

The real reason people want to be able to see who is on the tee sheet is to try to avoid know nothing bores you see

Did you read the bit in the guidance I posted about “no negative consequences” and if “without detriment”?

You can still book a tee time. To use the system is conditional on consenting.

Maybe I'm being dumb or tired here. What's the negative consequence or detriment from your interpretation?

No they aren't, that is the whole point

You should read the whole document

The names are necessary for the booking system to work properly

Hence they can be used

Gdpr is not there to assist unreasonable people like yourself

Did you just come here to troll? You clearly are one of these guys who has no clue about GDPR. Used to see a lot of it in the early days, fools saying that we couldn’t keep invoice records of customers when they were no longer customers and lots of other stupid stuff like that.

If you feel so strongly about it maybe you should take a case that you seem so convinced would be a slam dunk, but then I suspect you probably don’t even play golf.

Nope, you can design a system like this in a reasonable way, nothing to do with being nosey and there's nowt you can do about it

Read the full document

As long as there's a valid reason for the names you are **** out of luck

It's not

You seem to try and over complicate everything

That it isn't unecessarily disruptive of the service being provided is part of gdpr

Have you ever tried to do any of this?

Or are you just a googler

I already answered you