Privacy Policy

Privacy Policy

The Dunnerholme Golf Club Privacy Policy

  1. Your personal data – what is it?

“Personal data” is any information about a living individual which allows them to be identified from that data (for example a name, photographs, videos, email address or address). Identification can be by the personal data or in conjunction with any other personal data. The processing of personal data is governed by legislation relating to personal data which applies in the United Kingdom including the General Data Protection Regulation (the “GDPR” and other local legislation relating to personal data and rights such as the Human Rights Act.

2. Club information

This Privacy Policy is provided to you by The Dunnerholme Golf Club which is the data controller of your data.

3. The Club works with other data controllers.

Namely:

  • Local authorities,
  • Public authorities,
  • Central government and agencies such as HMRC.
  • Community groups.
  • Contractors
  • Other not for profit entities.

4. Collection of data.

The following officials of the Club collect the data:

  • The Club Secretaries also known as Club Officials
  • The Club Treasurer
  • The Club Games Secretaries
  • The Club Membership Secretaries

5. The data collected.

  • Names, titles and aliases, photographs
  • Contact details such as telephone numbers, addresses, email addresses.
  • Where they are relevant to the Club, or where you provide them to us, we may process demographic information such as gender, age, marital status, nationality, education/work history, academic/professional qualifications, hobbies, family composition and dependants.
  • The data we process may include sensitive personal data or other special categories of data such as racial or ethnic origin, mental and physical health, details of injuries, medication/treatment received, political beliefs, trade union affiliation.
  • Publicly accessible sources
  • Telephone both voice and text.
  • Website data-
  • Information from synching with other software or services
  • Interaction with social media
  • Information about payments
  • Access to social media profiles
  • Demographic information
  • Device information (nature of device and /or identifiers)
  • Log information (including IP address)
  • Location information
  • Device sensor information
  • Site visited before arriving
  • Browser type and or OS
  • Referral or recommendation programmes

6. Storage of personal data
All personal data is stored in the following ways:

  • On the Club’s computer in the Club Office – password protected
  • In the filing cabinet in the Club Office – locked – key held by Club Secretaries.
  • In the “Cloud” – password protected
  • In the safe in the Club Office – locked – key held by Club Secretaries
    Only the Club Officials i.e. Secretaries, Treasurer, Membership Secretary and Games Secretary have access to the personal data held in the above formats.
    Club Officials working from home use password protected software to access the Club’s records.

7. How sensitive personal data is used.
We may process sensitive personal data including as appropriate:

  • Information about your physical or mental health or condition in order to monitor sick leave and take decisions on your fitness to work.
  • Your racial or ethnic origin or religious or similar information in order to monitor compliance with equal opportunities legislation.
  • In order to comply with legal requirements and obligations to third parties.
    We may process special categories of personal data in the following circumstances:
  • In limited circumstances with your explicit written consent
  • Where we need to carry out our legal obligations
  • Where it is needed in the public interest
  • Where it is needed in the interests of the Club
    Less commonly, we may process this type of personal data where it is needed in relation to legal claims or where it is needed to protect your interests (or someone else’s interests) and you are not capable of giving your consent, or where you have already made the information public.
    In limited circumstances, we may approach you for your written consent to allow us to process certain sensitive personal data. If we do so, we will provide you with full details of the personal data that we would like and the reasons we need it, so that you can carefully consider whether you wish to consent.

8. The Club will comply with data protection law. This says the personal data we hold about you must be:

  • Used lawfully, fairly and in a transparent way.
  • Collected only for valid purposes that we have clearly explained to you and not used in any way that is incompatible with those purposes.
  • Relevant to the purposes we have told you about and limited only to those purposes.
  • Accurate and kept up to date.
  • Kept only as long as necessary for the purpose we have told you about.
  • Kept and destroyed securely including that appropriate technical and security measures are in place to protect your personal data from loss. Misuse, unauthorised access and disclosure.
    9. Your personal data may be used for some or all of the following purposes:
  • To deliver public services including to understand your needs to provide the services that you request and to understand what we can do for you and inform the other relevant services.
  • To confirm your identity to provide some services.
  • To contact you by post, email, telephone or using social media (e.g. Facebook, Twitter, WhatsApp).
  • To help us build a picture about how we are performing.
  • To prevent and detect fraud and corruption in the use of Club funds and assets.
  • To enable us to meet all legal and statutory obligations and powers including any delegated functions.
  • To carry out comprehensive safeguarding procedures (including due diligence and complaints handling) in accordance with best safeguarding practice from time to time with the aim of ensuring that children and adults-at-risk are provided with safe environments and generally as necessary to protect individuals from harm or injury.
  • To promote the interests of the Club
  • To maintain our own accounts and records
  • To seek your views and comments
  • To notify you of changes to our facilities, services, events and staff
  • To send you communication which you have requested that may be of interest to you. These may include information about campaigns, appeals, other new projects or initiatives
  • To process relevant financial transactions including grants and payments for goods and services supplied by the Club.

10. The legal basis for processing your data
The Club as a Members’ Club has certain powers and duties. Most of your personal data is processed for compliance with a legal obligation which includes the discharge of the Club’s statutory functions and powers. We will always take into account your interests and rights. This Privacy Policy sets out your rights and the Club’s responsibilities.
Sometimes the use of your personal data requires your consent. We will first obtain your consent before that use.

11. Sharing your personal data
The Club will implement appropriate security measures to protect your personal data. This section of the Privacy Policy provides information about the third parties with whom the Club will share your personal data. These third parties also have an obligation to put in place appropriate security measures and will be responsible to you directly for the manner in which they process and protect your personal data. It is likely that we will need to share your data with some or all of the following (but only where necessary).

  • Our agents, suppliers and contractors. For example we may ask a commercial provider to publish or distribute news letters on our behalf, or to maintain our database software
  • On occasion, other local clubs or other authorities or not for profit bodies with which we are carrying out joint ventures e.g. in relation to facilities or events in the community.

12. Keeping your personal data.
We will keep some records permanently if we are legally required to do so. We may keep some other records for an extended period of time. For example, it is current best practice to keep financial records for a minimum period of eight years to support HMRC audits and provide tax information. The Club is permitted to retain data in order to defend or pursue claims. In some cases the law imposes a time limit for such claims (for example three years for personal injury claims or six years for contract claims). We will retain some personal data for this purpose as long as we believe it is necessary to be able to defend or pursue a claim. In general we will endeavour to keep data only for as long as we need it. This means that we will delete it when it is no longer needed.

13. Your rights and your personal data.
You have the following rights with respect to your personal data:
(When exercising any of the rights below, in order to process your request, we may need to verify your identity for your security. In such cases we will need you to respond with proof of your identity before you can exercise these rights.)

  • The right to access personal data we hold on you
  • The right to correct and update the personal data we hold on you.
  • The right to have your personal data erased
  • The right to object to processing of your personal data or to restrict it to certain purposes only.
  • The right to data portability
  • The right to withdraw your consent to the processing at any time for any processing of data to which consent was obtained
  • The right to lodge a complaint with the Information Commissioner’s Office.

You can contact the Information Commissioner’s Office on 0303 123 1113 or via email https:ico.org.uk/global/contact-us/email/ or at the Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF.

14. Transfer of data abroad
Any personal data transferred to countries or territories outside the European Economic Area (EEA) will only be placed on systems complying with measurs giving equivalent protection of personal rights either through international agreements or contracts approved by the European Union.(Our website is also accessible from overseas so on occasion some personal data (for example in a news letter) may be accessed from overseas.

15. Further processing
If we wish to use your personal data for a new purpose not covered by this Privacy Policy then we will provide you with a Privacy Notice explaining this new use prior to commencing the process and setting out the relevant purposes and processing conditions. Where and whenever necessary, we will seek your prior consent to the new processing.

16. Changes to this policy

We keep this Privacy Policy under regular review and will be approved by Members at the Annual Meeting held each year in March. A copy is available at all times within the Club House and on the Club’s website www.https://atantalus.com/dunnerholme/

17. This policy was last updated in June 2018.

18. Contact details

Please contact the Club Officials if you have any questions about this Privacy Policy or the personal data we hold about you or to exercise all relevant rights, queries or complaints at:
The Dunnerholme Golf Club Limited.
Duddon Road,
Askam-in-Furness,
Cumbria. LA16 7AW.

Tel: 01229 462 675

dunnerholme.co.uk

email: admin@dunnerholme.co.uk

Company Registered Number 12372361