The NAR website is maintained for your personal use and viewing. Access and use by you of this site constitutes acceptance by you of these Terms and Conditions that take effect from the first date of use. NAR reserves the right to change these terms and conditions at any time by posting changes online.
Data Protection Officer
by e-mail: firstname.lastname@example.org
by post: Floor 2, 41-47 Hartfield Road, Wimbledon, SW19 3RQ
1.1 what information we may collect about you;
1.2 how we will use information we collect about you;
1.3 whether we will disclose your details to anyone else; and
1.4 your choices and rights regarding the personal information you have provided to us.
Please note that the Services may contain hyperlinks to services owned and operated by third parties (e.g. venue or coaches). These third party services may have their own privacy policies and we recommend that you review them. They will govern the use of personal information that you submit or which is collected by cookies and other tracking technologies whilst using these services. We do not accept any responsibility or liability for the privacy practices of such third party services and your use of these is at your own risk.
To provide our Services to you, we collect and process the following information which may include your personal data. "Personal data" or "personal information" means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).
We may collect the following information from you:
When you access the Services via a third party social media provider such as Facebook, Google, Microsoft or a sports governing body, we may collect and store personal and non-personal information which is available on that third party social media provider, such as your name, its URL, your User ID, email address and gender information. We will also receive technical data in order to ensure the Services connect to the correct third-party account.
When you purchase anything via Sportlabs, we use a third party payment system called Stripe or Go Cardless which transacts all our payments. We have no access to your card payment information.
We may collect personal information about users of the platform in a number of different ways.
2.1 Directly from you - for example, through the booking of a resource (court, table, pitch), booking of a course or session (coaching,runs), purchasing or renewing membership or booking an activity at an event.
2.2 From someone else acting on your behalf – for example, where a parent or guardian has purchased a membership or course for a child. On occasion a venue/coach may upload your personal information directly, i.e. when first setting up a venue on ClubSpark.
The main purpose of processing personal information during the provision of the Service is to:
Where we decide the purpose or means for the processing of the personal data that you provide when using the Services, we are the "data controller" for the purposes of Data Protection law. We have provided further detail on our lawful reason for processing your personal information below.
Performance of a contract. To perform the services, you have requested under the terms of our services agreed between us and other relevant agreements which you enter into from time to time.
Pursuit of legitimate interests. In some cases, we may use your personal information to pursue legitimate interests of our own including commercial interests and those with a wider public benefit. In essence, our principal legitimate interest is in pursuing our mission of enabling more people to be active through the use of technology. For example, we need to process personal data in pursuit of our legitimate interests to:
In all instances we will ensure your interests and fundamental rights do not override those interests.
Consent. Sportlabs may also process your personal data on the basis of consent you give, for example to send you certain direct marketing communications.
Compliance with our legal obligations. In some cases, Sportlabs needs to process your personal data in order to comply with its legal obligations. For example, we need to process personal data in order to comply with health and safety legislation, link to suppliers for Disclosure and Barring Services (criminal records) to obtain checks on coaches and volunteer roles (where lawful) for safeguarding purposes, report certain tax information about our financial arrangements with third parties to HM Revenue & Customs and assist with investigations by police and/or other competent authorities.
"Special categories" of sensitive personal data, such as medical information, requires higher levels of protection and further justification for collecting, storing and using this type of personal information.
The provision of medical information is optional, and we only process this personal information where it is required by a venue /coach to improve your user experience of the course, session or programme provided.
Personal information collected and processed by Sportlabs may be shared with the following recipients, or categories of recipients, where necessary:
Information may be sent to your computer in the form of an Internet “cookie” to allow the Sportlabs servers to monitor your requirements. The cookie is stored on your computer. The Sportlabs server may request that your computer return a cookie to it. These return cookies do not contain any information supplied by you or any personally identifiable information about you.
Such measures are necessary to allow the Sportlabs to measure the usability of the systems, which will help in its continuing development to ensure that we understand the requirements of our users. Your browser software should however enable you to block cookies if you wish to. For more information about cookies, please visit www.allaboutcookies.org.
We will only retain your personal information for as long as necessary to fulfil the purposes for which it was collected, including for the purposes of satisfying any legal, accounting or reporting requirements.
Where we are the data controller, to determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means and the applicable legal requirements. In some circumstances, we may anonymise your personal information so that it can no longer be associated with you, in which case we may use such information without further notice to you.
You have the following rights over the way we process personal data relating to you. We aim to comply without undue delay. Where the venue/coach holds and determines the purpose and means for the personal data (and we do not decide these), they are the “data controller” and we are the “data processor”. In these instances, we may forward your request to the relevant controller.
To make a request, please let us know by contacting our Data Protection Officer with the details below.
We will take all reasonable technical and organisational precautions to prevent the loss misuse or alteration of your personal information.
We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.
Please be aware that, although we endeavour to provide reasonable security for information we process and maintain, no security system can prevent all potential security breaches.
Our information is generally stored within the EEA on secure databases.
Where we transfer your information outside of the EEA, normally because our clients are based outside of the EEA (for example, because your personal data is stored on an IT system hosted outside of the EEA), we ensure that any such transfer meets our legal requirements. You can obtain more details of the protection given to your personal data when it is transferred outside the EEA by contacting us using the details below
We have appointed a Data Protection Officer to oversee compliance with this privacy notice. If you have any questions about this privacy notice or how we handle your personal information, please contact the Data Protection Officer:
by e-mail: email@example.com
by post: Floor 2, 41-47 Hartfield Road, Wimbledon, SW19 3RQ
If you are unhappy with the way we are processing your personal data, please let us know by contacting us.
If you do not agree with the way we have processed your data or responded to your concerns, an alternative is to submit a complaint to a Data Protection Supervisory Authority: www.ico.org.uk
We reserve the right to update this privacy notice at any time, and we will provide you with a new privacy notice when we make any substantial updates. We may also notify you in other ways from time to time about the processing of your personal information.
If you have any questions about data protection or this privacy notice, please contact us.