Skip to content

GDPR & Compliance

Built for Compliance

Go Fan Cam is designed with privacy and data protection at its core. Here is how we help you stay compliant.

Regulations We Support

Go Fan Cam is built to help you comply with the following data protection frameworks:

  • GDPR — General Data Protection Regulation (UK and EU). The primary framework for processing personal data of European residents.
  • CCPA — California Consumer Privacy Act. Protects the privacy rights of California residents.
  • Australian Privacy Act — Governs the handling of personal information by Australian organisations.

Fan Consent Flow

Before a fan can submit a photo, they are presented with your customisable consent screen. This clearly explains what data is collected, how it will be used, and who controls it. Fans must actively accept the terms before proceeding. No pre-ticked boxes. No implied consent. The consent record is timestamped and stored.

Data Processing Agreement (DPA)

A Data Processing Agreement is included with every Go Fan Cam subscription. The DPA sets out how Go Fan Cam (as Data Processor) handles personal data on behalf of your organisation (as Data Controller). It covers processing purposes, security measures, sub-processors, and breach notification obligations.

Data Controller vs Data Processor

Your organisation is the Data Controller. You determine what data is collected, why it is collected, and how it is used. Go Fan Cam acts as the Data Processor, handling data strictly in accordance with your instructions and our DPA. This is a standard controller-processor relationship under GDPR.

Data Retention

Go Fan Cam applies the following default retention periods:

  • Approved photos: Retained for 90 days, then automatically deleted.
  • Rejected photos: Retained for 30 days, then automatically deleted.
  • Consent records: Retained for 12 months for audit and legal compliance purposes.

Admins can manually delete individual photos or entire sessions at any time from the dashboard.

Admin Deletion Controls

Administrators have full control over data deletion. You can delete individual photos, bulk-delete by session, or remove all data for a specific link. Deletion is permanent and irreversible. This ensures you can respond to data subject access requests (DSARs) and erasure requests promptly.

Youth Sport & Safeguarding

If you operate in youth sport or environments involving minors, additional safeguarding considerations apply. Go Fan Cam's approval workflow means no photo reaches the big screen without explicit admin approval. You control what is shown and when. We recommend establishing clear internal policies for photo approval in youth settings and ensuring your consent text references parental or guardian consent where applicable.

Summary

Go Fan Cam provides the tools, workflows, and agreements to help your organisation process fan data compliantly. If you have specific compliance questions or need a copy of our DPA, contact our support team.