Data protection , e-mails and CC / BCC

randhl2

I try hard to remember to always comply with the data protection act, normally I BCC everyone if I wish to e-mail all club members at the same time.
If in error I CC them [which I did!] so they can therefore all see each other's e-mail addresses can this pose a "data protection" problem or issue? No-one has asked me about it, so I guess they are not worried anyhow, but that is not the point.
Many of the e-mail addresses are clearly belonging to "jo smith" or "tim jones", so people can deduce the e-mail address of their fellow players reasonably easily.
The obvious comment is make sure it's a BCC, but if it is sent as a CC how do I stand?
Advice and/or clarification much appreciated. Thank you.

Peter

One suggestion is to immediately send an apology (.bcc) and say that it won't happen again
That way you have at least notified them their email address has been disclosed

16248

If you can do it via Pianola all recipients are effectively bcc.
Alan

gordonrainsford

You should treat it as a data breach, which means you should record it, tell the members it has happened and invite them to tell you if it is likely to have caused them damage. If it has, you should report it to the ICO.

There is more detail about data breaches at https://www.ebu.co.uk/documents/official-documents/GDPR/10-data-breaches.pdf and a data breach log available for download at http://www.ebu.co.uk/documents/official-documents/GDPR/10-data-breach-form.xls.

randhl2

Many thanks for the replies. I am most grateful.