Newsletter

Privacy Statement

Introduction
Allendale Golf Club is committed to protecting the privacy of our members.   We treat information you provide to us, and your privacy, with care.

This Privacy Policy Statement and related documents explain how we collect, store and use the personal information you provide.
If you have any questions/comments about privacy, you should contact us by clicking this link.   We will only use the information that we collect about you lawfully in accordance with the Data Protection Act 1998, the Privacy and Electronic Communications (EC Directive) Regulations 2003 and, from 25 May 2018, the General Data Protection Regulation (GDPR).

GDPR – General Data Protection Regulation
This section covers a number of GDPR specific items for clarity to our customers. It references a number of items in the following document: ‘REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016’ – this document can by clicking here (an 88 page PDF document).

Definitions
Please see Article 4 of the above document for a full list of definitions used in GDPR. For clarity the following definitions are noted here from Article 4 of the above regulation:

  • ‘Personal data’ means any information relating to an identified or identifiable natural person (‘data subject’);
  • ‘Controller’ means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data;
  • ‘Processor’ means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.

Rights
GDPR provides the following rights for individuals and their personal information:

  1.   The right to be informed
  2.   The right of access
  3.   The right to rectification
  4.   The right to erasure
  5.   The right to restrict processing
  6.   The right to data portability
  7.   The right to object
  8.   Rights in relation to automated decision making and profiling

Our Responsibilities – a Summary
This section summarises our responsibilities as defined by REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016:

  • Under Article 28 paragraph 2 we will not engage another processor without your consent.  Note that some of our activities do use other processors to provide services i.e. the England Golf CONGU interface for creation, maintenance and update of your handicap.  This does not apply to social members.
  • Under Article 28 paragraph 3 processing is governed by our Data Protection Guide which can be read by clicking here.
  • Under Article 29 where Allendale Golf Club is operating as a ‘processor’ and we will only process data under instructions of the Data Controller.
  • Under Article 30 paragraph 5 of the above regulation it is stated that: as Allendale Golf Club has less than 250 staff and as processing of data for support purposes is an occasional activity requested by data controllers we shall not apply paragraphs 1 & 2 of Article 30 with regard to records of processing activities.
  • Under Article 31, On request, cooperate with the UK’s supervisory authority i.e. the Information Commissioner’s Office (https://ico.org.uk).
  • Under article 32 we will implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk.
  • Under Article 33 notify the data ‘controller’ of any personal data breaches.

Basis of data collection & processing
Under GDPR, Allendale Golf Club is a ‘Controller’ and collects data on the lawful basis of club membership.

Under GDPR, Allendale Golf Club is a ‘Processor’ and processes data on behalf of the ‘Controller’ under the the lawful basis of membership i.e. i.e. to register membership of the club and maintain a golfing handicap where necessary.

Profiling and automated decision making
With respect to GDPR and specifically profiling and automated decision making the following statement is made for clarity:
Your personal information is NOT used for automatic decision making or profiling.

Privacy in relation to member information

What we do with your information
We collect information about you to process:

  • Membership registration, update and renewal
  • Administration of golf handicaps (excluding social members)
  • Registration and notification of competition results (excluding social members)
  • Distribution of newsletter and general information regarding club activities and events via email.

Information we collect and how
The type of information we will collect about you includes:

  • your name
  • your address
  • phone number
  • mobile number
  • membership payments received including receipt date
  • membership status and type
  • joining date
  • handicap and associated history (excluding social members)
  • competition results (excluding history)
  • England Golf National CDH Id (golfers only)
  • membership number (same as CDH at AGC – golfers only)

Online payments – we do not support online payments.  Credit card payments are accepted at the bar but we not hold, store or process the associated card information.

We use WordPress statistics technology (Jetpack) to track the location and volume of visitors to our website (allendale-golf.com).  This can include using a ‘cookie’ which would be stored on your browser. You can usually modify your browser to prevent this happening. We may also record your IP Address. This information does not tell us who you are and where you live. This data is purely used to establish site visitor volumes and geographic location – no more specific than regions within a country code.

We do NOT offer advertising from third parties on our websites and therefore do NOT pass aggregate information on

We will never knowingly collect sensitive information about you without your explicit consent.

Communications
Provision of your email address when joining has been taken as implicit permission to email you regarding any matters pertaining to membership of the club.  This is done on the basis of “legitimate interests” which is expressly permitted by GDPR.  We will not necessarily distinguish between golfing and social members.  On request, at any time, we will remove your email address from your contact details.

Subscription to the website is controlled by a separate mechanism and requires positive action by the subscriber.  Subscribe/unsubscribe is controlled by the individual.

Who has access to the information you provide?
Members of the committee responsible for administering membership and handicaps will have access to the HandicapMaster database used to control all aspects of club membership, handicapping and competitions. This will be typically the chairman, treasurer, handicap secretary and those members of the club with access to the database for competitions administration.

We will not pass the personal information we hold about you to any third party.  The only external applications which interface with the Allendale Golf Club’s instance of the HandicapMaster system are the Master Scoreboard and England Golf Central Database of Handicaps (CDH) system.  In both instances, the information transferred is restricted to competition results, handicap information, National ID and a minimal identification dataset sufficient to confirm individual identity against the numeric CDH.  These are both trusted suppliers  who have agreed to treat your information as respectfully as we do and in accordance with the requirements of the Data Protection Act 1998 and the GDPR Regulations from 25 May 2018.

Keeping your information safe and for how long?
The personal information which we hold will be held securely in accordance with our internal security policy and the law.

Data that is sent via the internet or in email, is not 100% secure. As the internet is a global environment, sending data to us may take place outside the European Economic Area.

We will take every reasonable precaution to keep your information safe but it cannot be guaranteed. So please be aware that any information you do transmit to us is at your own risk.

Once we have received your information we will use our best effort to ensure its safety within our network, which is within the European Economic Area.

We will retain the data while you are a member. We will also retain the data for a time period to meet legal requirements, such as for company accounting purposes (6 years), UK Government Accounting Regulations. There may be other such legal requirements for example taxation reasons. The time period for such retention will be based on current legislation and regulatory requirements.

Understanding your rights
The information we hold will be accurate and up to date.

To request details of your data you should contact us – see details on our website home page. There you will find provided full contact details.

If you find any inaccuracies, we will delete or correct it promptly.
You also have the right to object to further processing of your personal information for direct marketing.

For wider advice and guidance about data protection you may contact the data protection regulator the UK’s supervisory authority, this is the Information Commissioner’s Office (https://ico.org.uk).

Complaints

In the first instance, you should contact us the nature of your complaint – see contact details on our website home page.
You also have the right to contact the UK’s supervisory authority, this is the Information Commissioner’s Office.

Notification of changes to this statement
allendale Golf Club reserves the right to change this statement over time to reflect changes in privacy and data protection regulations and to post the updated version to this website. We may also contact you by e-mail where you have agreed to be contacted, to notify you of updates to this policy.