Privacy Statement ENG

Privacy statement ClubGolf Foundation and The Birdy Club.

Everywhere in the text where ClubGolf / CG or otherwise refers to ClubGolf, The Birdy Club should also be read.

1 Introduction.
In this privacy statement we explain which data we process from you if we have, want to have or have had a business relationship with you. We also tell you why and for how long we process your data and what your rights are with regard to each processing. In addition, we provide information about the parties we work with and about our security policy.

We believe it is important that our services are reliable and transparent. We therefore handle your personal data discreetly and carefully and we ensure that any processing of your data complies with applicable laws and regulations.

2. Controller for the processing of personal data
The Controller is ClubGolf B.V., Chamber of Commerce 24449813, located at Haringvliet 100, 2nd floor (3011 TH) in Rotterdam (hereinafter: 'CG').

3. The personal data we process.
Depending on your relationship with our organization and the purpose for which we process data, we process personal data, including, but not limited to, the following data:

First and last name with possible maiden name

Initials

Sex

Phone number at home and / or mobile

E-mail address

Date of birth

Address / Postal code living or correspondence

residence

Nationality

Handicap and handicap mutationsmutatie

Entered scorecards

Games played

Membership type

Member code

Registration date

Account number

Invoice and membership rate

Bookings, tee times and lessons

Website and Intranet visit statistics

4. For what purpose and on what basis we process personal data.
We process your personal data in the context of the usual activities of an organization and more specifically for the following purposes, among others:

sending newsletters or mailings

sending your NGF golf pass

registering your activities such as handicap changes, lessons and tee times

sending information or news about events, activities or other commercial offers.

sending requested information

the monitoring of website visits

The processing grounds are those referred to in Article 6 of the GDPR (consent, agreement, legal obligation or legitimate interest).

5. Automated decision making.
We do not make decisions based on automated processing on matters that can have (significant) consequences for people. These are decisions taken by computer programs or systems, without involving a person (for example, one of our employees).

6. How long we keep personal data.
In general, we do not keep your data longer than necessary for the purposes for which we collected your data. The retention period may be different from case to case. An example is that we have to keep a number of documents for a minimum period of time for tax or administration purposes. In those cases, we will only keep the data that is necessary to comply with our legal obligations. After the legal retention periods, we will delete or anonymize your data.

7. Sharing personal data with third parties.
We do not share your personal data with third parties, unless this takes place in the context of executing an agreement with you and to comply with any legal obligation. Insofar as these third parties are to be regarded as processors, we have concluded a processing agreement with those third parties in which, among other things, security, confidentiality and your rights are regulated. We remain responsible for these processing operations.

8. Cookies, or similar techniques, that we use.
We use cookies on our website. This is a small text file that is stored in the browser of your computer, tablet or smartphone when you first visit this website.

We use the following cookies:

cookies with a purely technical functionality. These ensure that the website works properly and that, for example, your preferred settings are remembered. These cookies are also used to make the website work properly and to be able to optimize it.

analysis functionality

You can opt out of cookies by setting your internet browser so that it no longer stores cookies. In addition, you can also delete all information that has previously been stored via the settings of your browser.

9. Your rights (access, modification, deletion, etc).
Below is explained what your rights are with regard to the processing of your data.

Right of access

You have the right to inspect your own data. This also includes the question of what the purposes of the processing are, to which parties the data is provided and what the retention periods are.

Right to rectification

You can ask us to have your data rectified immediately. You also have the right to complete incomplete data, for example by sending us an email.

"Right to be forgotten"

You have the 'right to be forgotten'. Upon request, we will delete your data without undue delay. However, we may not always delete all your data. Sometimes the processing is, for example, still necessary for the fulfillment of legal obligations or for the establishment, exercise or substantiation of claims.

Right to restriction of processing

In principle, you have the right to have the processing of your data restricted, for example if you believe that your data is incorrect or unnecessary.

Notice of Correction, Removal or Restriction

Unless it is impossible or involves a disproportionate effort, we will notify the recipients of your data of any rectification, deletion or restriction of processing.

Right to portability of your data

You have the right to data portability. This means that you can make a request to receive your data. You can then save this data for personal reuse. You only have this right with regard to data that you have provided to us yourself and if the processing is based on your consent or an agreement to which you are a party.

Withdraw permission

If the data processing is based on consent, you have the right to withdraw that consent at any time. However, the processing of your data from the period before the withdrawal remains lawful.

Right to object

You have the right to object to the processing of your data on grounds relating to your particular situation. After your objection, we will in principle stop processing your data, unless there are overriding compelling legitimate grounds for processing your personal data.

Complaint to the Dutch Data Protection Authority or to the court.

If you believe that the processing of your data infringes the law, you can contact us, but you also have the right to file a complaint with the Dutch Data Protection Authority (AP) or to go to court.

Limitations of your rights

Sometimes we may limit your rights, for example in the context of the prevention, investigation, detection and prosecution of criminal offences, such as fraud.

You can send any request to us via info@stichtingclubgolf.nl. To ensure that a request has been made by you, we ask you to enclose a copy of your proof of identity with the request. Make your passport photo, MRZ (machine readable zone, the strip with numbers at the bottom of the passport), passport number and Citizen Service Number (BSN) black in this copy. This is to protect your privacy.

Costs and terms

When exercising the above rights, CG will not charge the data subject any costs, except for abuse (unfounded and/or excessive requests). CG will in principle answer requests within one month, unless this response cannot reasonably be expected from CG. If answering a request takes more time, CG will inform the person concerned about this within one month. Due to the complexity of the request, the response time may increase to a maximum of six months.

Request review

Each request will be assessed individually by CG on the basis of the specific facts and circumstances. There may be circumstances that mean that CG cannot comply with a request, for example if the data of the data subject has been or will be processed on the basis of a legal obligation or legitimate interest. If CG is unable to comply with a request, this will be communicated to the person concerned with reasons.

10. How we protect personal data.
We take the protection of your data seriously and take appropriate measures to prevent misuse, loss, unauthorized access, unwanted disclosure and unauthorized modification. If you have the impression that your data is not properly secured or there are indications of misuse, please contact us.

11. Changes
We may change this statement if developments give cause to do so, for example in the case of new processing methods. The most current privacy statement can be found on our website. We recommend that you consult this privacy statement regularly so that you are kept informed of the changes.

January 2021