Welcome to www.muirfield.org.uk, the Website.
The Honourable Company of Edinburgh Golfers (we/our/us) understand that privacy is very important to you, the user, and we are committed to protecting and respecting your privacy.
This policy, together with our Rules of Website Use and any other documents referred to in it, sets out the type of personal data we may collect and hold about you, how we use it, where and how long we store it, the conditions under which we may disclose it to others, your rights in relation to your personal data and who to contact if you have any concerns.
Personal data means any information relating to an identified or identifiable natural person. In practice, this means personal information we hold about our members and users of our Website.
Under applicable data protection and privacy laws, we are the “controller” of the personal data we collect, use and/or store about you when you access or visit the Website.
1 Who we are
We are The Honourable Company of Edinburgh Golfers, an unincorporated association (located at Duncur Road, Muirfield, Gullane, East Lothian, Scotland), acting through The Honourable Company of Edinburgh Golfers (Management) Limited, (registered in Scotland with company number SC317067 and having its registered offices at Fourth Floor, Saltire Court, 20 Castle Terrace, Edinburgh EH1 2EN) acting in its capacity as the “Committee” for the Club (as described in the Club’s rules of association). We operate and manage this Website.
You can contact us about how we handle your personal data under the “contact details” in clause 12 of this policy.
2 Categories of personal information we may collect from you
When you contact us by telephone or visit our Website, we may collect and process certain kinds of information about you, for example to provide a service or carry out a transaction such as to make a booking online, by email or by phone. The personal information we may collect or process about you when you access our Website may include the following types of personal data:
- a) Identity data such as your name, title, company, email address, telephone number and physical address and/or any other information you provide us on registration as a member or visitor, or when you make a booking with us;
- b) Website registration data such as user names and passwords you use to access this Website;
- c) Communications data including information about the status of Member subscriptions and records of any general online query or correspondence you have with us;
- d) Event registration information including information you provide when completing e-registration forms; and
- e) Technical data such as your Internet Protocol (IP) address, your browser type, capabilities and language, and details of your visits to our Website including, for example, the length of time you spend browsing certain pages of our Website.
All information that we collect about you will be kept confidential with the following exceptions:
- information stored in the Members’ Area will be available for other members to use in accordance with the Acceptable Use Policy. You can withdraw your consent to this use of your information at any time by contacting us;
- in order to enforce or apply any of the terms of our Rules of Website Use;
- if disclosure is required or permitted by law; or
- where such disclosure is necessary for our legitimate interests, for example if we sell or buy any business or assets, in which case we may disclose your personal data to the purchaser.
3 Why we collect and how we use your personal information
Under data protection law we can only use your personal information if we have a lawful reason for doing so, for example where the processing is necessary to perform a contract or services provided to you, to comply with our legal obligations, to fulfil a legitimate business interest pursued by us, or where you have consented to such processing.
We collect and process your personal data to enable us to communicate with and deliver services to you, and in order to help us to better understand the needs and interests of our members and visitors to the Website. In addition, we will process your personal information to provide club services to members including:
- to provide you with information relating to the club or associated events;
- to identify you in an online list of members in the Members’ Area available to other members of the club;
- to tailor the functionality/presentation of the Website and to make improvements to the Website;
- to monitor use, including number of visits to our Website and locational data; and
- to administer and protect our business and Website, including to identify and block disruptive use.
In no circumstances will your personal information be used by us or shared with others for direct or indirect marketing purposes.
4 Where we store your personal information, how we protect it and how long we store it
We will store the data that we collect about you on our secure servers located exclusively within the United Kingdom. Access to such servers is restricted to a limited number of authorised users.
We take steps to ensure your personal information is treated confidentially and held securely by applying appropriate technical and organisational security measures to ensure an appropriate level of security, having regard to the risks that are presented by such processing, in particular from accidental or unlawful destruction, loss, alteration, unauthorised disclosure of or access to your personal data transmitted, stored, or otherwise processed. However, while we cannot guarantee secure transmission of your information to our Website due to the nature of the internet, once we are in receipt of it we use strict procedures and security features to try to prevent unauthorised access. Where your information is stored electronically, we take steps to ensure it is accessed only by those who need it to administer this Website or to fulfil the purposes.
The length of time we store your personal data varies depending on the purpose for the processing. For example, due to the historic and public interest in our organisation and our members, details of our former members are stored and archived indefinitely with the National Library of Scotland. In contrast, we do not retain any personal data we collect in connection with online bookings for more than 12 months after the booking (unless we are legally required to do so, such as in connection with an incident or claim). We also delete member’s contact details from our Website in the following circumstances: (i) when a member has not accessed or engaged in any activity on the Website for more than three (3) years; and (ii) when an individual ceases to be a member of the Club (whether through death, cancellation of membership or otherwise). In such instances we only retain the member’s name and membership start and finish dates.
We review our retention periods for personal information on a regular basis, and are legally required to hold some types of data to fulfil our legal obligations. In all instances, we hold your personal data on our systems only for as long as necessary for the relevant activity or purpose for which it is processed.
5 Disclosure of your personal data to others
We may share your personal data with selected third parties in accordance with applicable law including:
1) Third Party Service Providers and/or Processors working on our behalf: Our third party service providers, agents, subcontractors and other associated organisations may require access to your information to provide services on our behalf, such as hosting our Website, processing transactions or performing analysis to improve the quality of our business, Website, services and/or products. When we use third party service providers, we disclose only the personal information that is necessary to deliver the service and we ensure appropriate safeguards are in place that requires them to keep your information secure and confidential, in accordance with data protection laws, and not to use it for their own purposes. Please be reassured that we will not release your information to third parties beyond our approved suppliers, unless you have requested us to do so, or we are required to do so by law, for example, by a court order or for the purposes of prevention of fraud or other crime.
2) Law Enforcement/Regulatory Bodies: We may disclose and exchange information with law enforcement agencies and regulatory bodies to comply with our legal and regulatory obligations.
3) Other Parties: We may also need to share some personal information with other parties, such as potential buyers of some or all of our business or during a re-structuring. Usually, information will be anonymised but this may not always be possible. The recipient of the information will be bound by confidentiality obligations.
We will notify you if we intend to share your personal information with any other third party.
6 Members Area
8 Links to other websites
9 Your rights
Under data protection laws, you have the following rights, which you can exercise free of charge.
The accuracy of your information is important to us. You have the right to require us to correct any mistakes in your personal information we hold. If any of the information we hold about you is inaccurate or out of date, please let us know.
You have the right to ask for a copy of the information We hold about you.
You have the right to require us to delete your personal information, in certain situations.
You have the right to receive a copy of all personal information we hold about you in a structured, commonly used data and machine readable format and/or transmit that data to a third party. We will provide this upon request.
Where applicable, you have the right to object at any time to our processing of your personal information for direct marketing (including profiling). You can change your marketing preferences at any time. If you do not want to receive direct marketing communications from us please follow the unsubscribe link on our communications or contact us.
You have the right to not be subject to decisions made automatically based on your personal information (including profiling). We do not make any automated decisions based on information we hold about you.
You have the right to request we restrict the processing of your personal information for certain purposes only (e.g. if you contest the accuracy of the data).
For further information on each of those rights, including the circumstances in which they apply, please contact us.
If you think we have not handled your personal information correctly, you have the right to lodge a complaint with the Information Commissioner’s Office who act as the Supervisory Authority for enforcement of relevant data protection legislation in the UK. More information about how to make a complaint can be found at: https://ico.org.uk/concerns/
You have the right to expect us to carry out any request with respect to any your rights under data protection laws within 30 days where the request is not manifestly unfounded or excessive.
11 Governing Law and Jurisdiction
Any member wishing to have their personal data restricted or removed from the website, please contact Lindsay King at firstname.lastname@example.org
Thank you for visiting our Website.