This privacy and data policy (Privacy Policy) applies to East of Scotland Tennis LTA.
If you have any questions or comments about this Privacy Policy, please contact us:
by e-mail: board@eastofscotlandtennis.uk
We are committed to protecting and respecting your privacy. This Privacy Policy explains the basis on which personal information we collect from you will be processed by us or on our behalf. We will comply with all applicable data protection laws, including the General Data Protection Regulation 2016/679 and the Data Protection Act 2018.
Please read this Privacy Policy carefully as it contains important information about the following:
1.1 what information we may collect about you;
1.2 how we will use information we collect about you;
1.3 whether we will disclose your details to anyone else; and
1.4 your choices and rights regarding the personal information you have provided to us.
Where the venue/coach holds and determines the purpose and means for the personal data (and we do not decide these), they are the “data controller” and we are the “data processor”. In these instances, the privacy policy of the venue/coach should be read alongside this privacy policy.
Please note that the Services may contain hyperlinks to services owned and operated by third parties (e.g. venue or coaches). These third party services may have their own privacy policies and we recommend that you review them. They will govern the use of personal information that you submit or which is collected by cookies and other tracking technologies whilst using these services. We do not accept any responsibility or liability for the privacy practices of such third party services and your use of these is at your own risk.
To provide our Services to you, we sometimes ask to collect and process the following information which may include your personal data. “Personal data” or “personal information” means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).
We may collect the following information from you:
(“Third Party Log In Information”)
When you access the Services via a third party social media provider such as Facebook, Google, Microsoft or a sports governing body, we may collect and store personal and non-personal information which is available on that third party social media provider, such as your name, its URL, your User ID, email address and gender information. We will also receive technical data in order to ensure the Services connect to the correct third-party account.
We may collect personal information about users of the platform in a number of different ways.
2.1 Directly from you – for example, through the booking of a resource (court, table, pitch), booking of a course or session (coaching,runs), purchasing or renewing membership or booking an activity at an event.
2.2 From someone else acting on your behalf – for example, where a parent or guardian has purchased a membership or course for a child. On occasion a venue/coach may upload your personal information directly, i.e. when first setting up a venue on ClubSpark.
The main purpose of processing personal information during the provision of the Service is to:
Where we decide the purpose or means for the processing of the personal data that you provide when using the Services, we are the “data controller” for the purposes of Data Protection law. We have provided further detail on our lawful reason for processing your personal information below.
Performance of a contract. To perform the services, you have requested under the terms of our services agreed between us and other relevant agreements which you enter into from time to time.
Pursuit of legitimate interests. In some cases, we may use your personal information to pursue legitimate interests of our own including commercial interests and those with a wider public benefit. In essence, our principal legitimate interest is in pursuing our mission of enabling more people to be active through the use of technology. For example, we need to process personal data in pursuit of our legitimate interests to:
In all instances we will ensure your interests and fundamental rights do not override those interests.
Consent. Sportlabs may also process your personal data on the basis of consent you give, for example to send you certain direct marketing communications.
Compliance with our legal obligations. In some cases, Sportlabs needs to process your personal data in order to comply with its legal obligations. For example, we need to process personal data in order to comply with health and safety legislation, link to suppliers for Disclosure and Barring Services (criminal records) to obtain checks on coaches and volunteer roles (where lawful) for safeguarding purposes, report certain tax information about our financial arrangements with third parties to HM Revenue & Customs and assist with investigations by police and/or other competent authorities.
Our Services do not knowingly solicit information from or market to children under the age of 13 unless we have express parental/guardian consent. Our terms of use prohibit users aged under 13 years from accessing our Services except on behalf of a parent/guardian. In the event that we learn that we have collected personal information from a child under 13 years of age without this consent we will delete that information as quickly as possible.
“Special categories” of sensitive personal data, such as medical information, requires higher levels of protection and further justification for collecting, storing and using this type of personal information.
The provision of medical information is optional, and we only process this personal information where it is required by a venue /coach to improve your user experience of the course, session or programme provided.
Personal information collected and processed by Sportlabs may be shared with the following recipients, or categories of recipients, where necessary:
we may disclose it to any member of our group (which means our subsidiaries), our personnel, suppliers or subcontractors insofar as it is reasonably necessary for the purposes set out in this Privacy Policy;
Information may be sent to your computer in the form of an Internet “cookie” to allow the Sportlabs servers to monitor your requirements. The cookie is stored on your computer. The Sportlabs server may request that your computer return a cookie to it. These return cookies do not contain any information supplied by you or any personally identifiable information about you.
Such measures are necessary to allow the Sportlabs to measure the usability of the systems, which will help in its continuing development to ensure that we understand the requirements of our users. Your browser software should however enable you to block cookies if you wish to. For more information about cookies, please visit www.allaboutcookies.org.
We will only retain your personal information for as long as necessary to fulfil the purposes for which it was collected, including for the purposes of satisfying any legal, accounting or reporting requirements.
Where we are the data controller, to determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means and the applicable legal requirements. In some circumstances, we may anonymise your personal information so that it can no longer be associated with you, in which case we may use such information without further notice to you.
You have the following rights over the way we process personal data relating to you. We aim to comply without undue delay. Where the venue/coach holds and determines the purpose and means for the personal data (and we do not decide these), they are the “data controller” and we are the “data processor”. In these instances, we may forward your request to the relevant controller.
To make a request, please let us know by contacting our Data Protection Officer with the details below.
Request access to your personal information (commonly known as a “data subject access request”). This enables you to receive a copy of the personal information and to check that we are lawfully processing it.
Request correction of the personal information. This enables you to have any incomplete or inaccurate information we hold about you corrected. It is important that the personal information we hold about you is accurate and current. Please update your personal records for any changes on a timely basis.
Object to the processing data about you. You can request the restriction, termination of processing or deletion of your personal data if:
Obtain a machine readable copy of your personal data, which you can use with another service provider. Where it is technically feasible, you can ask us to send this information directly to another IT system provider if you prefer.
We will take all reasonable technical and organisational precautions to prevent the loss misuse or alteration of your personal information.
We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.
Please be aware that, although we endeavour to provide reasonable security for information we process and maintain, no security system can prevent all potential security breaches.
Our information is generally stored within the EEA on secure databases.
Where we transfer your information outside of the EEA, normally because our clients are based outside of the EEA (for example, because your personal data is stored on an IT system hosted outside of the EEA), we ensure that any such transfer meets our legal requirements. You can obtain more details of the protection given to your personal data when it is transferred outside the EEA by contacting us using the details below
We have appointed a Data Protection Officer to oversee compliance with this privacy notice. If you have any questions about this privacy notice or how we handle your personal information, please contact the Data Protection Officer:
by e-mail: board@eastofscotlandtennis.uk
by post: Floor 2, 41-47 Hartfield Road, Wimbledon, SW19 3RQ
If you are unhappy with the way we are processing your personal data, please let us know by contacting us.
If you do not agree with the way we have processed your data or responded to your concerns, an alternative is to submit a complaint to a Data Protection Supervisory Authority: www.ico.org.uk
We reserve the right to update this privacy notice at any time, and we will provide you with a new privacy notice when we make any substantial updates. We may also notify you in other ways from time to time about the processing of your personal information.
If you have any questions about data protection or this privacy notice, please contact us.