Aberdour Golf Club
Privacy Notice – Members
On 25 May 2018 new legislation on Data Protection comes into force. The new legislation replaces the existing Data Protection Act of 1995. The aim of the GDPR is to protect all EU citizens from privacy and data breaches in an increasingly data-driven world.
What Personal Data do the Club hold; Why & Who has Access to it?
We have personal data on all members which is information provided to us on an application form when a member joins the Club and includes:
- Telephone Number/s
- E-Mail Address/s
- Date of Birth
- Date Joined Club
And for members electing to pay member subscriptions by direct debit
- Name & Address of Bank – held on a direct debit mandate form only
- Bank Account Holder’s name – held on a direct debit mandate form only
- Sort Code
- Account Number
This information is held on a database called Club V1, which is a cloud-based system, accessed via the internet by The Managing Secretary, the Accounts Assistant and approved Club Officials using passwords. The database is provided by Club Systems International.
The main user of the data is the Managing Secretary. The information is essential to manage your membership and for us to communicate with you. Reports are taken from the database from time to time and are used by the committee for analysis. Contact information is also provided to the Caterer and The Club Professional for communication purposes. For members who enter the club match play competitions phone numbers may be passed on to other members for the purpose of organising match ties.
Member cards which are issued to all members with a unique identification number are used in the card readers at the Front Door and the Locker Room Doors. The readers record entry and exit from the Clubhouse on a database which is provided by Progeny Access Control Systems.
All transactions at the Bar using the member card are held on the Club V1 database.
The main user of the information is The Managing Secretary. Bar transaction information is also given to the Caterer and the Committee/Council for analysis purposes.
Direct Debit Scheme
For members who pay fees by direct debit we hold bank account and sort code numbers as well as a record of monthly payments on Club V1. A monthly spreadsheet is created from the information on Club V1 and is uploaded to The Clydesdale Bank, through their on-line banking portal, who then process payment. The information which uploaded to the Clydesdale Bank is member name, reference no, sort code, account number and monthly payment amount.
The information is password protected within the Club V1 Database and can only be accessed by the Managing Secretary. The information may be seen by The Finance Convenor, the Club’s Accounts Assistant and the Auditors.
For members who are paying fees through Premium Credit all banking information is held by Premium Credit not by The Club.
Handicap & Competition Information
Also held on the Club V1 database are competition and handicap records. All competition scores are recorded and this data is uploaded, when a competition closes, to a website called How Did I Do, which is a Club Systems International hosted website and allows members to access their own golf data.
Handicap data is also held on The Central Database of Handicaps (CDH) which is a Scottish Golf platform. For members with handicaps, data is automatically provided to the CDH by the Club’s handicapping software every time it synchronises to the CDH which is typically after the closure of a competition.
The main users of this information are the Match Secretary and the Match Committee. It is used to allocate and manage handicaps and run club competitions. The information may be passed onto Scottish Golf, How Did I Do, and to other golf clubs in the case of a member transferring membership or playing in a competition elsewhere.
All bank details (standing order forms) are held in a file in a locked cupboard in the Office. They are not electronically stored.
We have a number of CCTV cameras around the Clubhouse which are used for security and protection purposes and they record the movement of people and vehicles in certain areas. The images are screened live to a monitor behind the bar and can only be played back by The Managing Secretary in the Office. CCTV images may be viewed and used by the Police in the event of a reportable incident.
Tee Booking & On-Line Payments
The Tee Booking System, which is an internet based system, holds personal data populated from Club V1. Members have access to this data through their account and can edit it themselves. Records of tee bookings are held on this database (both competition and casual tee booking). These can either be tees you have booked yourself or tees someone else has booked on your behalf. The database is provided by a Company called BRS Golf.
The main users of this system are The Professional and his staff for managing the tee and taking green fee payments, The Managing Secretary and the Accounts Assistant, The Match Secretary and the Match Committee for competition bookings and The Caterer who needs to know what catering is required against visitor bookings. Reports on course utilisation and patterns of play are also made available to the Council. BRS Golf has access to the system and may access the data in the event of technical support problems.
On-line payments for tee booking including Open Competitions are made through our website www.aberdourgolfclub.co.uk using Sage Pay linked to BRS and we do not have any access to payment details such as card number, expiry date or security number. This data is held by Sage Pay and not us.
Our IT support company Managed IT Experts may also access all the systems to resolve technical issues with our hardware.
Is the Data Held Securely?
Information is held on different systems electronically and in paper form. Access on any system is always restricted to those who require that specific information to undertake a specific function and is password protected. All paper records are held securely with in the Office, in locked files with access restricted to authorised persons only.
How long will Personal Data be held by The Club?
We will hold personal data for all current members and we will continue to hold that personal data when a member leaves the Club for as long as we need to carry out relevant and accurate trend analysis but for no longer than 5 years unless retention is necessary for legal purposes.
What are your Data Protection Rights?
The new data protection regulations set down your rights with regards to the Club holding your personal data. Specifically your rights to
- Be informed regarding what data is being held and why
- To have access to the data being held to verify accuracy
- To be able to rectify any errors in that data
- To request erasure of the data being held
The regulations also include other rights for individuals in terms of direct marketing, data portability and automated decision making. Other than providing you with information in respect of club events and services, including Catering and the Professional Shop, these uses of data are not undertaken by the Club in respect of your personal data.
Who do you contact for more Information?
The Club has not appointed a Data Protection Officer to maintain an ongoing review of Club Policies and Practices in this area although The Club Council will formally review data protection practices regularly and at least annually.
You can find more information about these new regulations from The Information Commissioners Office at www.ico.org.uk.