Craigie Hill Golf Club - New Privacy Policy

Updated 25th May 2018

1.0        Your Privacy

Craigie Hill Golf Club (1982) Ltd – “the Club” are committed to protecting and respecting your privacy.

This document (the “Privacy Policy”) explains our policy regarding any information you might supply to us when you visit our website or that you provide to the Club via another route.  Our goal is to protect your information.

This Website contains links to other websites, which are provided for your convenience.  We are only responsible for the privacy practices and security of this Website.  We recommend that you check the privacy and security policies and procedures of each and every other website that you visit.

Our website uses cookies. By using our website and agreeing to this policy, you consent to our use of cookies in accordance with the terms of this policy.

The ‘Data Controller’ for the purposes of the EU General Data Protection Regulation 2018 (GDPR) of any personal information that you provide to us through the Website will be Craigie Hill Golf Club.

Where you provide personal information via another route to the Club, the Data Controller of such information will be the company to whom you provide it.

2.0        What personal data does the Club hold for you and why?

In managing the Club, the Board holds personal data for you, and acts as the "data controller" (a legal term defined under the EU legislation) in respect of that personal data.  The Board considers that it has a legitimate interest in holding your personal data to ensure that the correct subscriptions are received under the payment process agreed with you, to facilitate Club communications with you, and to enable members to contact each other directly to participate in Club competitions.  This data includes your name, address, phone number, email address, ("contact information"), your gender, date of birth, date of joining the Club, and your banking details (where applicable).

Additional information may be held in specific circumstances.  For example, applications made under Child Protection Disclosure from volunteers helping with junior members or events are held for legal reasons; or in the unfortunate event of an accident on the course, medical information may be requested.  This may result in the Board holding sensitive personal information about you, and in these circumstances we will seek your consent to gather and retain this information, at the time it is required.

The club may also utilise site visitation tracking (e.g. Google Analytics) to improve services provided.

2.1        Policy For Children

We realise and understand that many children will visit the Website, or interact with the Club via another route, but encourage all persons under 13 to consult with their parents or legal guardian before submitting any content or information to the Club.  Parents or legal guardians should, in particular, supervise children when online and recommend that parental control tools be put in place.  Although anyone known to be under the age of 13 may participate in competitions and promotions (where appropriate), notification of a win or prize will be sent directly to the parent or legal guardian identified in the initial registration process.  Any publication of a competition winner’s personal details for visitors known to be under 18 will require parental or legal guardian consent during registration.


3.0        Who has access to your personal data?

Your personal data records are held and maintained for our Club by the Admin Team. In most circumstances, only authorised Club staff, Club officials, or the Club's legal and professional advisers, have access to this information.  The exception to the above is in respect of approved 3rd party recipients who are suppliers of various services to the Club.

  • Open Solutions International (our Management Database & POS suppliers)
  • Handicap Master Ltd (via Master Scoreboard – our Handicap System supplier)
  • BedfordBeck Ltd (our Tee Booking System and Website supplier)
  • Mailchimp (our email marketing supplier)

These 3rd Party Recipients have authorised access into the system, to help manage these sub-contracted Club services and are defined as “processors” under GDPR.

The Club will not pass your personal information onto any other 3rd party, without your consent. 

4.0        Is the data held securely?

Information is held on a number of different systems, and access on any system is always restricted to those who require that specific information to undertake a specific function.  Any paper records, eg. Club membership application forms, are held in a locked cupboard, and key access restricted to authorised officials.

Membership personal data is not currently held, or accessed, from any locations outside the European Economic Area.  Any change to this position will require Board consent, and prior to agreeing to this, we will ensure that any data transferred is subject to suitable protections in compliance with the EU regulations.

The Club Board has undertaken a review of our Club systems and processes, as they relate to members personal data and we have put in place procedures to ensure that the data is used for Club membership purposes only and have created review procedures in terms of assessing information security. 

5.0        How long will your personal data be held by the Club?

If you resign from the Club, your personal data records will normally be retained for up to 18 months, (until the approval of the Club Accounts which cover the accounting period inclusive of your final subscription payment). The records may be retained beyond this timescale in the event of legal actions (or potential legal actions) against the Club, or if a court order is received requiring the Club to retain a members data, or in the event that the member has outstanding subscriptions when leaving.

6.0        What are your data protection rights?

The new data protection regulations also set down your rights, in terms of the Club holding your personal data, specifically your rights to:-

  1. be informed regarding what data is being held, and why
  2. to have access to the data being held to verify accuracy
  3. to be able to rectify any errors in the data
  4. to request the erasure of the data being held
  5. to withdraw consent at any time, where consent has been previously provided
  6. to object to the processing of your personal data
  7. to request that the processing of your personal data be restricted

The regulations also include other rights for individuals in terms of direct marketing, data portability, and automated decision making.

Information in respect of Club services will be provided to you by email, unless you arrange another acceptable form of communication method with the Club.  Promotional emails for Club Events and any other 3rd party marketing will only be issued if you have consented for such communications in respect of each type of marketing.

In the event that your consent has been given to the Club holding sensitive data, e.g. Child Protection Disclosure application, then the rights of data portability will apply to this sensitive data.


7.0        Changes to this Policy (Who do you contact for more information?)

The Club takes actions aiming to ensure that member contact details are kept up to date, and we ask that members assist by keeping their personal information up to date.  Members do have the right to see what data we are holding in respect of their personal record, and such access requests should be referred directly in writing to the Club Admin Team.

Data Controller & Data Protection Officer                            Email:
Craigie Hill Golf Club
Cherrybank                                                                    Tel:  01738 622644 (Opt 1)

Please note that any requests to erase any member records will only be agreed if there is no over-riding requirement for the Club to continue holding the records to allow full and proper management of the Club, including the need to maintain historical records for preparation of the accounts.

8.0        Additional Information

You can find more information about the new regulations from the Information Commissioner's Office, including the right to complain to the Information Commissioner, with contact details available on

A copy of the formal Club GDPR Policy will be made available via the protected member’s communications section on the Club website.

 Members should note that any updates to the Club GDPR Policy will be published on the Club website.

We use cookies to deliver superior functionality and to enhance your experience of our websites. Read about how we use cookies and how you can control them here. Continued use of this site indicates that you accept this policy. If you do not want to show this message again then please accept our policies.