Phone us
The introduction of GDPR prompted many football clubs to halt data usage to avoid hefty fines. AJC has been instrumental in guiding clubs away from this cautious approach, enabling them to leverage their data effectively.

In the competitive landscape of professional football, where clubs heavily rely on data for daily operations, the collection and processing of personal data, including player information and fan demographics, is paramount.

This case study illustrates how partnering with AJC empowers football clubs to adopt data-driven methods, transforming their performance in the digital age.

Background

In May 2018, the implementation of the General Data Protection Regulation (GDPR) marked a significant shift in data protection laws within the European Union, aiming to standardise data privacy laws across Europe and safeguard individuals’ rights to their personal data. Compliance with GDPR became mandatory for all entities handling personal data, posing a challenge for football clubs to ensure that all staff members involved in handling and processing data were fully trained in data protection principles. 

Football clubs play a vital role in collaborating with partners and the community to provide support and opportunities that enrich the lives of their fans and residents through community outreach programs, partnerships with local businesses, charitable initiatives, educational opportunities, and fan engagement efforts. As part of their Corporate Social Responsibility (CSR), it is crucial that football clubs demonstrate their commitment to making a positive impact beyond the football pitch.

Challenge 

The challenge for a leading Premiership Football Club (the Club) was twofold: ensuring compliance with GDPR and embedding a culture of privacy throughout the organisation. Recognising the extensive personal data it managed, including data from fans, employees, and players, the Club sought expertise to navigate the regulatory landscape. Partnering with A Jolly Consulting Ltd (AJC), renowned for its specialisation in data protection within the sports industry, the Club extended the scope of the partnership to include its Foundation, engaged in community and educational charity work.

AJC adopted a strategic approach, conducting a comprehensive assessment of current data protection practices, policies, and procedures. This involved identifying areas of non-compliance and potential risks to data privacy. Additionally, providing GDPR refresher training to various streams of the business, each dealing with different categories of data, posed unique challenges, particularly in a complex environment like a football club with diverse data processing activities, including player contracts, medical records, ticket sales, merchandise purchases, and marketing databases.

Solution

AJC developed a tailored action plan and guided its implementation, ensuring all facets of the Club met their GDPR responsibilities. To address these challenges and enhance data protection awareness and compliance across the organisation, AJC provided  training which involved engaging staff in real-life scenarios relevant to their roles which was an effective method used to reinforce GDPR training and emphasise the importance of data protection within the organisation. This highlighted how employee actions contribute to achieving compliance and privacy goals as well as demonstrating accountability, achieving the following outcomes:

  • Delivering a comprehensive training session covering GDPR fundamentals, including data protection principles, lawful basis for processing, data subject rights, and consequences of non-compliance.
  • Tailoring training content to different roles within the organisation to ensure staff members understand their specific responsibilities when handling personal and special categories of data.
  • Clearly communicating staff members’ data processing responsibilities through training materials, policies, and procedures.
  • Establishing support mechanisms, such as designated data protection officers or a dedicated compliance team, to assist the Club in meeting GDPR requirements.
  • Advising on integrating GDPR compliance into existing business processes and workflows to embed best practices within the organisation.
Commercial Benefits 

The collaboration with AJC resulted in GDPR compliance, establishing the Club as a trusted custodian of personal data. This compliance led to several commercial advantages:

Enhanced Fan Engagement: Transparent data practices improved trust, increasing fan interaction and participation in Club initiatives. 

Data-Driven Marketing: Compliant data handling enabled targeted and personalised marketing campaigns, driving ticket sales and merchandise revenue. 

Sponsorship Appeal: Adherence to data protection laws bolstered the Club’s reputation, attracting lucrative sponsorship deals. 

Operational Efficiencies: Streamlined data processes reduced overheads and mitigated the risk of financial penalties associated with data breaches. 

Innovation Opportunities: Leveraging anonymised data analytics improved player performance and fan experience, enhancing competitive edge and satisfaction

Outcome

The Club extended the scope of its partnership with AJC to include its Foundation, engaged in community and educational charity work. Continuing to work with AJC for ongoing data protection governance, the Club continues to capitalise on these commercial benefits, ensuring sustained growth and maintaining market leadership.

If you think we could help your football club, call us on 020 7101 4861.

In case you missed it...

romance fraud
Romance Fraud: Love at First Sight...

Romance fraud victims are not your stereotypical targets but rather individuals who experience a moment of vulnerability. Please be warned,...

Read More
North Korean Hackers and Cryptocurrency
North Korean Hackers and Cryptocurrency: A...

North Korean hacking groups have become increasingly sophisticated, targeting cryptocurrency exchanges to fund the North Korean regime. They use social...

Read More
Data Protection Best Practices
Building Trust and Loyalty Through Data...

Last week, on 28th January, Data Protection Day, established by the Council of Europe in 2006, marked an important opportunity...

Read More

Get in touch

    By submitting this form you are consenting that your data be handled in accordance with our Privacy Notice and we will be in touch regarding your enquiry.