GDPR – A joint statement from Table Tennis England & Table Tennis 365

There has been a lot of information circulated regarding GDPR and we thought that it is important you understand the relationships and the implications of these.

The first and most important thing is don’t panic. It is important that you are shown to be working proactively towards GDPR compliance and that you have a plan to deliver it. It is those (by the 25th May) who have completed no work or ignored it that could have a problem.

Roles within GDPR

Table Tennis England – Data Controller of the Membership data.

Leagues & Clubs – Data Controller of individual organisation data.

Table Tennis 365 – Data Processor for both above.

Therefore, each Data Controller (Table Tennis England and Leagues) should have a Data Processing Agreement (DPA) with the Data Processor (TT365).

We have created a template Data Processing Agreement which should be used between Leagues and TT365.

This can be found on the TT365 admin area, under Help > Terms.

The relationship between Table Tennis England and Leagues is one of Controllers in Common.

Therefore, there needs to be an agreed statement between Table Tennis England and Leagues which needs to be acknowledged by both parties.

1) This will be delivered via TT365 and will be mandatory to be acknowledged/completed.

1.1) In this Agreement:

“Data Protection Laws” means the Data Protection Act 1998 (for so long as it is in force) and the GDPR (once in force), any amendment, consolidation or re-enactment thereof, any legislation of equivalent or supplementing purpose or effect enacted in the United Kingdom, or, where relevant, the European Union;

“GDPR” means the General Data Protection Regulation (EU) 2016/679, as implemented, derogated from and/or varied by the laws of England and/or where relevant the European Union;

2) Data Protection

2.1) Each party acknowledges that:

2.1.1) it acts as a data controller in respect of any personal data transferred between the parties; and

2.1.2) it is responsible for its own compliance with Data Protection Laws, in particular establishing its own legal basis for processing.

2.2) Each party shall comply with Data Protections Laws and shall not cause the other to breach Data Protection Laws.

This will be administered via TT365

Table Tennis England

Table Tennis England has a designated section on its website regarding data protection which provides both details on how and why it processes members data and provides templates and links to useful resources.


TT365 have a GDPR statement on their website here:

A useful FAQ section can be found in the admin area under Help > FAQ

Finally a great source of information about GDPR is the TT365 admin forum, find this in the admin area, under Help > Forum > General Discussions > Data Protection Rules 2018