App Privacy Policy

Privacy Policy — Lindum Hockey Club app

Effective date: 12th of November, 2025
Last updated: 12th of November, 2025

1. Who we are

For the purposes of the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018, Lindum Hockey Club (“the club”) is the data controller for the personal data processed through this App, unless otherwise stated.

If you are using the App as part of a membership (e.g. a club member), this Privacy Policy should be read alongside the terms and conditions of membership.

2. What this policy covers

This Privacy Policy explains:

  • What personal data we collect when you use the App;
  • How and why we use it;
  • Your rights under UK data protection law; and
  • How to contact us if you have a question or complaint.

 

3. What information we collect

a. Camera and QR scanning

The App requests access to your device camera only when you choose to scan one of the QR codes as positioned around the club or at venues where the club is a part of the organisation of players or club members.

Camera frames are processed locally on your device to detect and decode QR codes. We do not store or transmit any camera images or video.

 

b. Attendance and membership data

When you scan a QR code, the App records:

  • The QR identifier contained in the code
  • The club member identifier voluntarily added into the App
  • The date and time of the scan

 

c. Personal information

The club links your membership record to the profile within the app (e.g. name, membership details, club member data, etc.). That data is managed by the club and processed under their lawful basis. The App is used to only process the minimal identifiers required to record attendance.

 

4. How we use your information

  • We use the information described above to:
  • Verify valid membership and mark attendance for sessions or events;
  • Provide attendance reports to authorised administrators;
  • Improve app performance and reliability;
  • Respond to technical support requests.

We do not use camera access or attendance data for marketing, advertising, or profiling purposes.

5. Our lawful bases for processing

Under the UK GDPR, we rely on the following lawful bases:

Purpose Lawful Basis
Recording attendance for members or participants Performance of a contract (Article 6(1)(b))
Operating and maintaining the App Legitimate interests (Article 6(1)(f)) — ensuring the app functions effectively and securely
Compliance with legal obligations (e.g. record keeping, safety regulations) Legal obligation (Article 6(1)(c))
Providing support or responding to user requests Consent or legitimate interests, depending on context

If we ever rely on consent, you may withdraw it at any time within the App or by contacting us.

 

6. Who we share data with

We only share your data when strictly necessary:

  • Membership organisations / administrators: to allow them to manage attendance records.
  • Legal authorities: only if required by law or court order.

We never sell or rent your personal data.

 

7. Data storage, transfers & retention

Storage location: Data is stored on secure servers within the UK or the European Economic Area (EEA).

Transfers: If data must be transferred outside the UK/EEA, we ensure appropriate safeguards (e.g. adequacy decisions or standard contractual clauses).

 

8. Security

We take data security seriously and use:

  • Encryption in transit (TLS) and at rest;
  • Role-based access controls for administrators;
  • Regular system updates and audits.

While we take reasonable precautions, no system is completely secure. In the unlikely event of a personal data breach, we will notify the UK Information Commissioner’s Office (ICO) and affected individuals in accordance with the UK GDPR.

 

9. Your data protection rights

Under the UK GDPR, you have the following rights:

  • Access – request a copy of your personal data we hold.
  • Rectification – ask us to correct inaccurate or incomplete data.
  • Erasure (“right to be forgotten”) – request deletion of your data.
  • Restriction – ask us to limit how we use your data.
  • Objection – object to certain types of processing, such as legitimate interest.
  • Portability – request your data in a structured, machine-readable format.
  • To exercise these rights, contact us.
    You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO) at www.ico.org.uk
    .

10. Children’s privacy

The App is not intended for use by children under 13. In these events, parental use of their membership profile is advised.

 

11. Changes to this Privacy Policy

We may update this Privacy Policy to reflect changes in law or our data-handling practices. We will post any updates within the App and update the “Last updated” date above. For major changes, we will provide a clear notice before they take effect.

 

12. Contact us

For any questions, data requests, or complaints please contact us.