Template for Privacy Policy

This privacy policy template is designed for golf professionals and other service providers that are using Birdietime system with their customers. Please note that the template is of general nature and depending you your individual situation, you may need to amend the policy.

Updated May 23, 2018.

PRIVACY POLICY

Register Keeper

PGA Professional (business or personal ID)

Address Phone number, e-mail and other addresses

Contact person (if the pro is a business)

Name of the register

Client register of golf lessons’ and events’ participants.

The purpose and legal grounds to handle personal data

The personal data will be handled to execute the agreement between the Register Keeper and the registered person and, if applicable, to enable orders, registrations, contacts, transactions, marketing, reporting and other actions regarding the customership.

The purchase and transaction information as well as the location information in the register may also be used for profiling and marketing, and to target client communications to be interesting particularly to the registered person. The personal data will also be used to sending a newsletter.

If the registered person will not deliver the data needed for registration to a lesson or an event, the Register Keeper cannot accept the registration or commit to the agreement on participation between the Register Keeper and the participant.

Retention of personal data

The personal data will be stored as long as it is necessary to enable the registration and participation to the lessons or the events. The data will be removed after this retention period has passed.

Group of registered persons, data content and personal data groups

Group of registered persons, whose data may be processed, are the participants to the lessons or the events arranged by the Register Keeper, or the persons having given a marketing consent.

The data that may be processed in the register, are, among others, the fore- and surname of the participant, contact details and other necessary data regarding the lesson or the event. The participant data submitted by the registered person may include, among others, e-mail, phone number, address, date of birth, gender or dietary restrictions. The data on age and gender are necessary for example in choosing appropriate golf clubs.

Regular sources of data

The information given by the registered person and the information in the customer database and the billing service.

Regular transfer of data

The registered data may be distributed within the Register Keeper’s organisation and among the lesson or event stakeholders. The data will not be transferred outside the EU or the EEA, unless the Register Keeper’s domicile is outside the EU or the EEA.

Register protection principles

The data is kept protected by technical means. The physical access to the data has been prevented by access control and other safety measures. Access to data requires adequate admin rights and authentication in multiple stages. Only the Register Keeper or the technical staff particularly nominated by the Register Keeper have access to the data. Only the nominated persons have the right to process and maintain the register data. The users are bound by confidentiality. The registered data are backed up safely and they can be recovered if needed. The level of data protection is regularly audited by an external or internal auditor.

Registered person’s rights

Registered person has, among other rights, a right to:

To get access from the Register Keeper to the information regarding him- or herself and a right to ask the Register Keeper to correct the said data, remove it, restrict the processing of it or oppose the processing or the right to transfer the data from one system to another.

  • To check and correct, if necessary, the data on him- or herself in the register. The request needs to be made in writing. An email is considered to be in writing.The registered person is only entitled to request changes in the data that has been recorded erroneously in the register.
  • If the processing of personal data is based on the registered person’s consent, the registered person has a right to cancel the consent at any time. The cancellation will not affect the legality of the data processing that has been conducted before the cancellation.
  • To make a complaint of processing the personal data to the national supervisory authority in charge of data protection issues.