Privacy Policy

Stewarton Bowling Club - Privacy Policy

Last updated: 1 March 2026

Stewarton Bowling Club (“the Club”, “we”, “us”) is committed to protecting the privacy of our members, employees, visitors, and website users. This Privacy Policy explains how we collect, use, and store personal information in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Who We Are

Stewarton Bowling Club
1A Dunlop Street,
Stewarton,
KA3 5AT
policies@sbc.scot

The Club is the data controller for the personal information we process.

2. Personal Data We Collect

2.1 Membership Data

Name, address, contact details
Date of birth (for membership category purposes)
Emergency contact information
Participation in competitions, coaching, and club events
Membership payments and financial records
Disciplinary or grievance information (where applicable)
Photographs or videos (with consent)

2.2 Employee Data

Name, address, contact details
National Insurance number
Bank details (for payroll or expenses)
Right‑to‑work documentation
Employment role information
Training, qualifications, and incident reports
Disciplinary or grievance information (where applicable)

2.3 Website & Technical Data

IP address, browser type, device information
Cookies and usage logs
Contact form submissions

2.4 Communications & Email Analytics

We collect information about how members interact with emails we send, including:

Whether an email was opened
Whether links were clicked
Delivery status (delivered, bounced, blocked)
Device type or email client (where provided by the email service)
Time of open or click

This information is collected automatically by our email service provider.

3. How We Use Personal Data

We use personal data to:

Administer membership and renewals
Organise matches, competitions, and events
Communicate with members and employees
Monitor email delivery and engagement to improve communication
Manage payroll, expenses, and employment obligations
Maintain accurate financial and administrative records
Respond to enquiries and maintain website functionality
Comply with legal and regulatory obligations

4. Lawful Bases For Processing

We rely on the following lawful bases under UK GDPR:

Contract — administering membership or employment
Legal obligation — tax, accounting, right‑to‑work checks, accident reporting
Legitimate interests — running the Club efficiently, improving communications, organising events
Consent — photography, optional communications
Vital interests — protecting health and safety in emergencies

5. Data Categories & Lawful Processing

Data Category	Examples	Purpose	Lawful Basis
Membership details	Name, address, contact info, DOB	Administering membership, contacting members	Contract; Legitimate interests
Emergency contacts	Next of kin, phone numbers	Safety and emergency response	Vital interests; Legitimate interests
Competition & match data	Attendance, performance and results	Organising events and improving performance	Legitimate interests
Payment & financial data	Membership fees, payroll, expenses	Financial administration and accounting	Contract; Legal obligation
Employee data	NI number, bank details, right‑to‑work	Payroll, HR, legal compliance	Contract; Legal obligation
Safeguarding/incident data	Accident reports, welfare notes	Ensuring safety and wellbeing	Legal obligation; Legitimate interests
Photos & media	Event photos, team photos	Promotion and club communications	Consent
Website data	IP address, cookies, contact forms	Website functionality and security	Legitimate interests
Communications & analytics	Email opens, clicks, delivery status	Ensuring effective communication, improving updates	Legitimate interests

6. Sharing Personal Data

We do not sell personal data. We may share information with:

Bowls Scotland or competition organisers
Payment processors
Payroll or accounting providers
IT and website service providers
Emergency services
HMRC or other authorities where legally required

All third parties must handle data securely and in accordance with UK GDPR.

7. Data Storage & Security

We take appropriate technical and organisational measures to protect personal data, including:

Secure digital and paper storage
Password‑protected systems
Restricted access to sensitive information
Regular review of data retention and security practices

8. Data Retention

We retain personal data only for as long as necessary:

Membership records — while membership is active
Financial records — statutory retention periods
Employee records — in line with employment law
Accident and incident reports — in line with legal requirements
Emails and analytics — retained only as long as needed for communication purposes

9. Your Rights

Under UK GDPR, you have the right to:

Access your personal data
Request correction of inaccurate information
Request deletion of your data (where lawful)
Object to certain types of processing
Withdraw consent at any time (where consent applies)
Request data portability

Requests can be made by contacting the Club Secretary.

10. Cookies & Website Usage

Our website uses cookies for security, analytics and to improve functionality and user experience. You can manage cookie settings via the footer link or through your browser.

11. Contact & Complaints

For questions about this Privacy Policy or how your data is handled:

Hugh Fulton – Club Secretary
policies@sbc.scot

If you’re dissatisfied with our response, you can raise concerns with the Information Commissioner’s Office (ICO).

12. Updates To This Policy

We may update this Privacy Policy from time to time. The latest version will always be available on our website with the date of last update clearly shown at the beginning.