PRIVACY NOTICE FOR NORTHAMPTON GOLF CLUB
What are the identity and contact details of the Data Controller?
Northampton Golf Club is the Data Controller. Telephone: 01604 845155, Email: firstname.lastname@example.org
What personal data does Northampton Golf Club collect?
The data we routinely collect includes Member’s names, addresses, dates of birth, telephone numbers and email addresses. We collect this data directly from our Members when they join the Club via their Membership Application Form.
For some of our Members, we may have additional information such as health information required in accordance with the Club’s Buggy Policy.
We keep Member’s handicap information and a record of golf scores.
We keep Member’s financial details necessary to process subscription payments.
The data we collect from Green Fee Guests/Visitors are names, Clubs and contact details (telephone and/or email). With regard to Society Bookings and Open Competitions, we also collect addresses.
The data we collect from Staff includes names, addresses, dates of birth, telephone numbers, email addresses and emergency contact details. We also collect data pertaining to their financial and employment records.
What is this personal data used for?
We use Member’s data for the administration of Membership, the communication of information and the organisation of events.
We use Member’s financial data to fulfill contracts that the individual is party to.
Data collected from Visitors is used primarily for the communication of information. Visitors who have given us their clear consent will have their data used to receive promotional/special offer communications from us. Those providing consent will also be contacted by way of a reminder about competitions they have previously shown an interest in. In the case of Society Bookings and the hiring of buggies, the data forms part of a contract they are party to.
Personal data collected from Staff is used for administration and communication purposes. Financial and employment data is used to perform payroll duties and to enable us to comply with the necessary government regulations.
Who is your data shared with?
As Members, some of your personal data is shared with England Golf, of which you become a member upon joining Northampton Golf Club. This is in order for them to provide the full benefits of Membership. They require this data to monitor and run the central database of handicaps (CDH).
We publish Member’s contact details in the secure, password protected section of our website and also in our Club’s Diary. This is to allow members to contact each other to arrange games etc.
Staff personal data is shared with the appropriate government departments necessary for us to comply with their regulations.
In order to administer your enquiries, deliver products and services or to send your newsletters, we may need to pass your information to our service providers (Website, Membership and Handicap Software) and in all circumstances, we will remain the controller of your data and our service providers will be processors of your data.
Personal data is not passed on or shared with any other organisations or third parties other than those indicated above.
Where does this data come from?
Data from our Members comes from their application form when they join the Club. On occasion this data is provided directly should a Member wish to update their information (ie change of address) or require the use of a buggy in competitions.
Scoring data comes directly from the results of rounds you play here. Rounds at other Clubs are collated via England Golf and the CDH.
Visitor data is provided directly by themselves.
Staff data is provided directly by themselves.
How is the data stored?
This information is mainly stored in digital form on computers and in the form of written documents stored in the Club’s main office.
Who has access to your data?
Access is limited to the Club’s Management/Committee Members and Staff that require it to ensure the smooth and efficient running of our Golf Club. We regularly review who has access and ensure it is limited to only the appropriate individuals.
What is the lawful basis for collecting this data?
Northampton Golf Club collects personal data from its Members that is necessary for the purposes of its legitimate interests as a Membership organisation. We use your data in ways that you could reasonably expect us to as a subscription paying Member of a Golf Club.
The sharing of personal data in the Member’s section of the Website and in our Club’s Diary is different. In these cases, consent is our lawful basis for processing this data. If you do not clearly and specifically give this consent then we will not share your data.
Our lawful basis for collecting Visitor’s personal data is legitimate interests. The data provided to us is used in ways that it could be reasonably expected to.
If a Visitor should wish to receive further communication from us (special offers, competition reminders etc.) then they will clearly be asked to provide their consent.
Staff personal data is collected and processed on the lawful basis that it is necessary for the existence of a contract. Additionally, it is required for us to comply with legal obligations.
Across all categories, we only collect data that is strictly necessary and ensure it’s used in ways that have a minimal effect upon privacy
Who is responsible for ensuring compliance with the relevant laws and regulations?
Under the GDPR (General Data Protection Regulation) we do not have a statutory requirement to have a Data Protection Officer. The person who is responsible for ensuring Northampton Golf Club discharges its obligations under the GDPR and the point of contact for data protection matters is the Director of Golf.
How can you check what data we have about you?
If you want to see the basic Membership data we hold about you, you should contact the Director of Golf.
You can contact us with a ‘Subject Access Request’ if you want us to provide you with any other information we hold about you.
If you are interested in any particular aspects, specifying them will help us to provide you with what you need quickly and efficiently. We are required to provide this to you within one month.
There is not usually a charge for this, though we can charge a reasonable fee based on the administrative cost of providing the information if a request is manifestly unfounded or excessive, or for requests for further copies of the same information.
Does Northampton Golf Club collect any ‘special’ data?
The GDPR refers to sensitive personal data as ‘special categories of personal data’.
We do not actively collect any such data. The only data we record relates to the disabilities of Members who have explicitly requested it to be recorded for the purposes of buggy use. If you wish to change this data on your record you can do so at any time by contacting the Director of Golf.
Can you ask for data to be removed?
Yes, you can for any data that we have collected or processed with your consent being the lawful basis. This consent can be withdrawn at any time and we will remove your data as quickly as feasibly possible.
The majority of the data we hold is collected as we deem it to be necessary for the legitimate interests of running our Golf Club and without this data we could not run the Club efficiently nor maintain accurate records. This policy outlines everything pertaining to this data. It is then the individual’s choice as to whether they wish to join/remain a Member of the Club.
How long do we keep your data for, and why?
When a person leaves Northampton Golf Club they are resigned from our Membership system immediately and will cease to receive communication from us. Although categorised as being resigned we normally store their data in our system for a period of 6 years.
6 years being the period of time that you have to have ceased being a Member in order to take advantage of new Membership promotions. After this 6 year period, the data will be permanently deleted. This period of time also affords us the opportunity to pass handicap information on to another Golf Club should an ex-Member join somewhere else.
Visitor’s data is kept for the minimum time required. Normally this is no longer than 1 year from their date of visit. Once our accounting systems have been updated with the relevant financial information we then delete their personal data.
We store the names of Member’s Guests for 1 year to ensure the rules of the Club are being observed regarding the frequency of visits.
Northampton Golf Club has a CCTV system installed which produces clear images for law enforcement bodies to use in the need when investigating crime. Cameras are sited to provide clear images and these can be taken from the system when required.
Monitors are sited in a position that provide staff with the ability to observe whilst restricting as far as is practical the ability of the public to see them. Visible signs showing that CCTV is in operation are placed around the Premises. A limited number of authorised persons can access the recorded images from the CCTV system, which are securely stored. The recorded images are held for 28 days and with the exception of law enforcement bodies and images will not be provided to third parties.
Who do you complain to if you have any issues concerning your data?
Initially if you have any issues please speak to the Director of Golf and he will seek to resolve the problems. If this doesn’t provide a satisfactory outcome then you can complain to the Information Commissioners Office (ICO).
We believe this policy to be a true and accurate representation of our data collection and its subsequent uses. If you have any questions regarding its content or would like clarification on any aspects then please contact the Director of Golf.