Privacy Policy

Introduction

Thegolfrulessamaritan.golf (“TGRS”) is committed to safeguarding an individual’s personal and sensitive personal data and is bound to comply with the UK Data Protection Act 2018 (“DPA”) and EU General Data Protection Regulation (“GDPR”), along with similar and applicable laws in other countries around the world. This Privacy Policy forms part of TGRS’s obligation to be fair and transparent with all individuals whose personal and sensitive personal data it processes, whilst visiting the TGRS website, and to provide details around how it processes such data.

Who we are?

TGRS provides a membership website and forum platform to golf enthusiasts who wish to become more knowledgeable in the rules of golf. The platform includes education and training material and quizzes which can be accessed via a subscription.

For the purposes of data protection laws, TGRS is a Data Controller in relation to the personal data that TGRS collects and holds about you. This means that we are responsible for ensuring that your data is processed fairly and lawfully by us.

TGRS will comply with relevant data protection laws. Such laws require that the personal information we hold about you must be:

  • Used lawfully, fairly and in a transparent way;
  • Collected only for valid purposes that we have clearly explained to you;
  • Relevant to the purposes we have told you about and limited only to those purposes;
  • Accurate and kept up to date;
  • Kept only as long as necessary for the purposes we have told you about; and
  • Kept securely.

What personal data do we process?

We process the personal data of web visitors, each time they visit our website, and registered users to access gated content, notably:

  • Technical information about your computer such as domain name, browser type and version, operating system and platform, IP address, cookie information and time zone setting; and
  • Information about your visit including the full Uniform Resource Locators (URL) clickstream to, through and from the Site (including date and time), what web pages you visit on the Site, how long you spend on each page, page interaction information, location data, and weblogs.
  • We also process the following kinds of personal data if you provide it to us via our website:
    • Your name, email address, address and payment information )if you subscribe to the service title).
    • Answers and results for any quizzes that you participate in.
    • Any personal information that you include in a forum post you submit (including photos and other media).

Why do we process your personal data?

We use your personal data for the following purposes: –

  • To alert you of new content that is posted on the TGRS website, dependingon your previously selected preferences.
  • To process and respond to requests, enquiries and complaints received by you, in accordance with our legitimate interests to provide you with a responsive service.
  • To provide services, requested by you, which may be required to fulfill a membership / subscription obligation.
  • To maintain accurate personal data records and for audit purposes.
  • To prevent or detect fraud.
  • To comply with requests from law enforcement and regulatory authorities.
  • To analyse trends and profiles with the aim of improving or personalising our services and communications for the benefit of our member.
  • To carry out member satisfaction research with the aim of improving or personalising our services and communications for the benefit of our members.
  • To enable third parties, if required, to support us in operating our business.

If you cannot provide personal data

  • In some instances, we need to collect your data in order to provide you with our training and educational content. If you do not provide your data then we would be unable to provide you with this content.

Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the same way as if the visitor had visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.

Media

If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Members of the website can download and extract any location data from images on the website.

Lawful basis

TGRS operates under a number of lawful bases as required under the data protection laws. These include:

  • Consent
  • Legitimate interests
  • Performance of a contract
  • Compliance with a legal obligation

We have provided below, examples of some data processing activities that we carry out, along with the respective lawful bases being relied upon.

Purpose of processingTypes of personal dataLawful basis relied upon
Sending marketing and information emailsName, email address, email notification preferencesLegitimate interests and Consent
Providing educational quizzesName, email address, question answers and quiz resultsConsent

Who do we share your data with?

We only disclose your personal data in ways set out in this Privacy Notice or subject to any contractual agreements that are in place with us. The following circumstances may apply:

  • Fraser Nicol as the sole proprietor of thegolfrulessamaritan.golf and selected individuals who help him manage the site.
  • We may share personal data with third parties who provide us with support services. Such providers assist us with administering or troubleshooting our website; assist us with our communications or provide us with electronic or physical storage services.
  • We may disclose your personal data with law enforcement agencies or our professional advisors if we are under a duty to do so.

We do not sell, rent or trade any of your personal data.

Data retention

We hold your personal data for as long as necessary in line with any legislative, regulatory or business need/best practice.

We have provided below, examples of the data retention periods applied for different types of personal data.

Type of Personal DataRetention periodJustification
Membership subscriptionsFor duration of subscription and 6 months after cancellationSupply of service
Results of quizzesFor duration of subscription and 6 months after cancellationSupply of service
Forum postsIndefinitelyMaintain Threads
Invoices for subscription payments7 yearsAccounting best practice
Data Subject Access Requests12 months from last actionBusiness need / best practice

As stated below, you have the right to request we erase your data, where we do not have any overriding legal, regulatory or contractual obligations.

How do we protect your data?

We aim to ensure that your personal data is secure. In order to prevent unauthorised access, loss, misuse or alteration, we have put in place appropriate physical, technical and organisational measures to safeguard and secure the personal data we collect. Our service providers are required to do the same. They will only process your personal data on our instructions and they are subject to a duty of confidentiality and oversight.

In addition, we limit access to your personal data on a least privilege, need to know basis. We also carry out ongoing security monitoring of the service to ensure that your personal data is protected.

Any personal data sent to us, either in writing or email, may be insecure in transit and we cannot guarantee its delivery.

International data transfers

Personal data that we collect is only stored in the UK and the USA.  Where data is stored outside the UK, we ensure that there are adequate security controls in place, such as contractual arrangements, to ensure it is processed appropriately.

Your legal rights

TGRS tries to be as open as it can be in terms of giving people access to their personal information and we have outlined your rights below.

You have the right to ask us:

  • whether we are processing your personal information and the purposes it is processed for (the right to be informed) – this is delivered through ‘fair processing information’ such as this Privacy Notice;
  • for a copy of the personal information that we hold about you (the right of access);
  • to update or correct your personal information (the right to rectification);
  • to delete your information (the right to erasure); and
  • to restrict processing of your personal information where appropriate (the right to restrict processing).

In certain circumstances you also have the right to:

  • object to the processing of your personal information (the right to object);
  • object to automated decision making and profiling (the right not to be subject to automated decision-making including profiling); and
  • request that information about you is provided to a third party in a commonly used, machine readable form (the right to data portability).

You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable admin fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.

We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex. In such instances, we will notify you and keep you updated.

How to manage your notification consents

You may give and withdraw consent to the receipt of marketing and notification information and tell us your communication preferences at any time. If you wish to change your preferences regarding the receipt of marketing or other communications from us please update your notification options on the website or contact fraz@thegolfrulessamaritan.golf

Updates to this Policy

In order to remain compliant with any legal and regulatory obligations, or as part of our evolving business practices, we may update this Privacy Notice from time to time by publishing a new version. In certain instances, we may notify you.

Data Protection Registration

We are registered as a data controller with the UK Information Commissioner’s Office and our data protection registration number is: ZB913539.

How to contact us

You can contact us as follows:

Email:                                       fraz@thegolfrulessamaritan.golf or info@thegolfrulessamaritan.golf

Web:                                        www.thegolfrulessamaritan.golf

In Writing:                            

The Golf Rules Samaritan, 31 Phoenix Drive, Wateringbury, Kent, ME18 5DR, United Kingdom

Making a complaint

If you feel your rights have not been respected, or do not feel a situation was resolved satisfactorily, you have the right to raise a complaint to the UK Information Commissioner.

You can contact them as follows:

Web:                                        https://ico.org.uk/make-a-complaint/

Telephone:                               +44 (0)303 123 1113

Live Chat:                                https://ico.org.uk/global/contactus/live-chat

In Writing:

Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF, United Kingdom