Stockport Golf Club
The collection and use of personal data is regulated by the Data Protection Act 1998 and the General Data Protection Regulation (EU2016/679) (the “GDPR”). Stockport Golf Club (“the Club”) collects, stores and manages certain categories of personal information about its members and is the ”controller” of such data for the purposes of the GDPR.
WHAT IS THIS DOCUMENT?
WHAT WE COLLECT
We may collect, store and process the following information in relation to individual members and prospective members of the Club:
- Name and surname
- Date of Birth
- Postal address
- Email address
- Telephone Number (Home, Work & Mobile)
- Previous Club or Clubs
- Handicap or other records of golfing ability
- Category of Membership
- Date of Election
- Club, county or national offices held
- Playing record
- Financial transactions between the Member and the Club
In some cases we may hold other personal data of a sensitive nature about individual members, for example information about their health. We will not retain information of this kind or process it in any way without the express consent of the member involved, which may be withdrawn at any time.
WHY WE COLLECT IT
We collect personal information of this kind from the members of the Club solely for the purposes of providing the sporting and social facilities, activities and support which members of the Club are entitled to receive by reason of their membership.
We consider that the provision of such data is a contractual requirement of membership of the Club and that processing such data is necessary for the proper performance of the mutual obligations subsisting between the Club and its members.
In the case of prospective members, we collect such information so as to enable us to determine whether he or she should be admitted to membership of the Club and, if so, in what category. We consider that information of this kind is necessaryin order for us to take steps at the request of the individual concerned prior to entering into any membership agreement with him or her.
HOW WE COLLECT IT
We will normally collect information of this kind from you directly. Where necessary or appropriate, we may also obtain information about your golfing activities or attainments from third party organisations such as England Golf. If you are a junior member under the age of sixteen, we will not collect such information without the consent of the person with parental authority over you or satisfactory evidence that any consent by you is authorised by the person with parental authority.
If you are a prospective member, we may seek further information about you from other members of the Club or from third parties such as your nominated referees or your former club or clubs.
With these exceptions, we do not collect or store personal data about you supplied or obtained from any other person or third party.
WHAT WE DO WITH THE INFORMATION
We use personal information of this kind for administrative purposes and in order properly and effectively to fulfil our obligations to you as members of the Club. If you are aprospective member, we may use it to help us to determine whether you should be admitted to membership of the Club and, if so, in what category.
As part of our service to members, we will from time to time try to keep you informed and up-to-date about Club affairs by post, e-mail, newsletter, telephone or social media. We may also seek to contact you for market research purposes in order to improve our products and services for the benefit of the Club and its members. If you do not wish to receive material of this kind, you may opt out at any time by informing the Honorary Secretary or his or her Assistant, and we will stop contacting you henceforth for any of these purposes.
WHO HAS ACCESS TO YOUR PERSONAL INFORMATION
The routine processing of members’ personal data is carried out internally by Club officials and staff or by members specifically authorised to make use of it for specified purposes such as organising competitions and matches.
We also pass on certain information to the club professional and steward in order to enable them to contact members directly in relation to golfing or catering activities and events.
Names, addresses and telephone numbers are published each year in the Club diary in order to enable members to contact each other directly on matters of common interest rather than through the Club office. Such information is confidential to the members and must not be used for any other purpose.
EXTERNAL DATA PROCESSING
The Club also retains the services of certain external agencies to process some personal information on its behalf for certain specific purposes, such as systems back-up, on-line booking, the provision of club card facilities, the national recording of handicaps, website maintenance and the publication of competition results. We will continue to make sure that any outside processors will hold members’ data securely and will not attempt to use it for any other purpose.
We will try to ensure that the personal data which we hold is at all times accurate and up-to-date. Please let us know if your details change so that we can continue to stay in touch.
PRIVACY & CONFIDENTIALITY
Your privacy is of the highest importance to us, and we will never release your personal details to any third party without your express consent unless we are legally obliged to do so or it is necessary to enable us to comply with our contractual obligations towards you or for the purposes of external data processing, as explained above. We do not transfer your personal information to International third parties.
All such information is held securely by the Club which endeavours to comply at all times with the requirements of the GDPR and any other applicable data protection legislation. We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect from you. We maintain adequate technical and organisational security measures to protect your personal information from loss, misuse, and unauthorised access, disclosure, alteration, or destruction.
Our website is protected with 128 Bit SSL encryption. This means that any information we collect from you via our website is protected and secure. When you are asked for any personal data on our website, you will see a lock icon in your browser, confirming that your data is secure.
In the unlikely event of our systems being breached and your data being improperly accessed, disclosed or otherwise compromised, then we will notify you as soon as reasonably practicable and, in any event, within 30 days, including full details of what parts of your personal data have been compromised.
ACCESS AND CORRECTION RIGHTS:
Each member has the right to request access to any personal data concerning him or her which is held by the Club, to obtain certain information in relation to it, to request the rectification of any inaccuracies and, in some circumstances, to seek its erasure or to restrict its use.For security reasons, we reserve the right to take steps to authenticate your identity before providing access to your personal information.
RETENTION OF DATA:
Personal data will be retained so long as you remain a member of the Club. If you cease to be a member, we will retain your records for a maximum period of seven years for financial, fiscal and accounting purposes and in case of any future dispute. Personal data concerning prospective members will be retained until the final determination of any application for membership. We may also retain personal data if it is necessary to do so pending the resolution of any complaint, dispute or claiminvolving you and the Club. We may also wish to retain some personal data in order to contact you for marketing purposes, in which case we will ask you for your explicit consent; and we may also wish to retain some such data for the historical record.
CONCERNS AND COMPLAINTS
If you have any concerns or complaints about the way in which we have handled your personal data, you should raise them in the first instance with the Honorary Secretary or his Assistant. If it does not prove possible to resolve your concerns in this way, you may raise them directly with the Office of the Information Commissioner.
CHANGES TO THE POLICY:
This policy is effective from 25/05/2018.
If you have any questions regarding this policy, or you wish to update your details or remove any of your personal data from our records, please contact:
John O Bolt – Honorary Secretary Email: email@example.com
Jayne Scowen – Assistant to Honorary Secretary Email: firstname.lastname@example.org