saltire

Policies

Last updated 1 May 2018

General

  1. We are a national organisation.
  2. We are an active member and supporter of ICCF.
  3. We are a non-commercial organisation with a break-even (or better) financial aim.
  4. We are compliant with GDPR (general data protection regulations) introduced in May 2018.

Membership

  1. Our membership is open to any chess player, subject to the categorisations below.
  2. We recognise the following nationality categories:
    • Scots (fulfil ICCF regulations and can represent Scotland in ICCF team events).
    • Scots Connection (descent from parent/grandparent and/or residence for 2+ years).
    • Non-Scots (all other types).
  3. We operate the following membership categories, all of whom have voting rights at the AGM:

    Category Fees Benefits
    Patron 100+ donation Commemorative (by agreement); free magazine (email or printed) in the first year; free tournament entries (all events in any year).
    Life 10 x Annual Free magazine (email or printed) in the first year; free email introductory tournaments in any year.
    Annual Set at AGM Free email magazine and email introductory tournaments.

  4. We solicit membership as follows:
    • Scots - actively, via all available media in Scotland.
    • Scots Connection - passively, via the website and magazine internationally.
    • Non-Scots - passively in accordance with ICCF agreements.
    • Transfers - occasionally we receive requests from non-Scots who move to Scotland to work or retire, or have some other reason for wanting to switch national allegiance. The player must first seek consent from his/her existing federation plus the SCCA; if both organisations are happy then the ICCF Executive is requested to ratify the change. If that is agreed, then the player is deemed to have automatically fulfilled any nationality criteria operated by SCCA. [The converse is also true; an SCCA member may seek to transfer to another federation if there is good reason to do so.]
  5. Playing eligibility is as follows:
    • Only Scots and Scots Connections (2a and 2b above, and refer 4d) of any member type are eligible to play in the SCCA Championship Final.
    • All nationalities and all member types can play in all other SCCA events.
    • All nationalities whose principal affiliation is to the SCCA, and all member types can be entered and play in ICCF individual events.
    • Only Scots nationals (2a above, and refer 4d) of any member type can play (if selected) for Scotland in ICCF team events.

Tournaments

  1. Our general philosophy is to allow players to agree the playing mode in all events (including the Championship Final) by mutual consent. See also SCCA Events.
  2. We run the Championship Final on a fixed 2-year cycle, starting in January each year.
  3. We run all domestic tournaments other than the Championship on the following basis:
    • Generally one-year events, starting in January each year, but with Challengers matches able to be started at any time.
    • Playing rules, together with a current grading list, shall be published on the website at all times.
    • Time controls published by the controllers for each event should allow easy switching of methods during play.
  4. We promote domestic tournaments by allowing non-members selected entry rights, viz:
    • Leagues (and other team events) - 1 entry/year for non-members.
    • Introductory events - 1 free section for non-members.
  5. We run invitation/special events on whatever basis is deemed appropriate.

Magazine

  1. All annual members are email subscribers via part of their membership fee, but require to pay an annual fee to receive a paper version of the magazine.
  2. All patron and life members require to pay an annual fee to receive the magazine after the first year.
  3. Complimentary magazines are only available by email.

Finance

  1. We run all major activities on a break-even (or better) basis, and report them separately in the annual accounts. These activities include:
    • SCCA domestic tournaments.
    • SCCA international and special tournaments.
    • ICCF team and individual tournaments.
    • Website.
    • Magazine.
    • 100 Club.
  2. We fund other activities on a discretionary basis, subject to:
    • Any projected surplus from annual income less expenditure and/or...
    • Any balance sheet surplus, subject to the maintenance of a minimum reserve.
  3. Discretionary activities will include:
    • Promotional activities.
    • Development/training events for members.
    • Contributions to expenses for delegates attending ICCF congresses.

Publicity

  1. Within Scotland, all activities, including membership canvassing, are permissible using all available media.
  2. Internationally, we may actively promote our website and magazine using all available media, but other activities including membership should not be directly publicised.
  3. Invitations to international tournaments should be issued according to ICCF guidelines.

GDPR

General Principles

SCCA complies with the data protection principles of:

  1. Lawful, fair and transparent processing.
  2. Collection only for specific legitimate purposes.
  3. Data is adequate, relevant and limited to what is necessary.
  4. Data is accurate and kept up to date [to the extent our members permit].
  5. Data is stored only as long as is necessary.
  6. Security, integrity and confidentiality are ensured.

SCCA complies with the scope of GDPR:

  1. All EU organisations.
  2. All non-EU organisations which transact with EU organisations and individuals.
  3. All organisations classed as service providers/data processors (e.g. ICCF performs this role for SCCA).

Personal Data held by SCCA

Basic data (per GDPR) held by us:

  1. Contact details (name, postal address, telephone, email, etc.)
  2. Chess-playing details (events, results, grades, norms, titles, etc.)
  3. Other details (e.g. bank information for 100 Club, payments, expenses, etc.)

Basic data (per GDPR) not held by us:

  1. IP address, location data (computer), and online behaviour (cookies) are not used.

Specialised data (per GDPR) held by us:

  1. None.

Specialised data (per GDPR) not held by us:

  1. Race, religion, political opinions, trade union membership, sexual orientation, health information, biometric data, and genetic data are not used.

Accountability and Governance

Functions (per GDPR) which SCCA performs:

  1. A governance structure with roles and responsibilities (via committee members who look after membership, treasurer, grading, webmaster and magazine editor functions).
  2. A detailed record of all data processing operations (via committee members who update databases, spreadsheets, documents, webpages, magazines and published reports).
  3. Documented data protection policies and procedures (this page).
  4. Appropriate measures to secure personal data (via committee members who secure databases, spreadsheets and documents; and external service providers/data processors, e.g. website hosting who provide access security).
  5. Staff training and awareness (SCCA has no employees; committee members receive induction for their roles).

Functions (per GDPR) which SCCA does not perform:

  1. Data protection impact assessments (DPIAs) for high-risk processing operations (not required).
  2. Appointment of a data protection officer (only necessary for high-risk processing and specialised data).

Rights of SCCA Members

Individual Consent

  1. Consent must be freely given for individual data to be held.
  2. Consent may be withdrawn at any time.
  3. Consent will be explicitly documented via membership forms (from autumn 2018) or individual communication prior to then.

Privacy Rights

  1. Individuals can access their personal data through subject access requests via the webmaster.
  2. Individuals can ask for inaccurate personal data to be corrected.
  3. Individuals can ask to have personal data erased (NB historical documents e.g. magazines may not be practical).
  4. Individuals have the right to object to data being held.
  5. Individuals have the right to move personal data from one service provider to another (data portability).
  6. SCCA does not provide individual data to third parties (other than its service providers/data processors) for any reason.

Data Security and Breach Reporting

  1. SCCA will report data breaches to the data protection authority within 72 hours of discovery.
  2. SCCA will tell impacted individuals if any data loss constitutes a high risk to their rights and freedoms, e.g. identity theft, personal safety.