Privacy Policy

Last updated: 14/12/2025

1. Introduction

The Club Management Portal ("we", "our", "us") is committed to protecting your privacy and handling personal data in compliance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. This Privacy Policy explains how we collect, use, store, and protect personal information when you use our services.

2. Data Controller & Data Processor

Account, billing, and support information relating to clubs and their officers: Brindleford Technologies Ltd t/a Club Management Portal is the Data Controller.

Member data entered into the Portal by clubs: The relevant Club is the Data Controller. In these cases, Brindleford Technologies Ltd acts solely as a Data Processor, processing data on behalf of the Club under a Data Processing Agreement (DPA).

Data Controller (for account data)
Brindleford Technologies Ltd t/a Club Management Portal
Company Number: 16871436
Registered Address: 71–75 Shelton Street, Covent Garden, London, WC2H 9JQ

3. Personal Data We Collect

3.1 Account Information (Controller role)

  • Name and contact details (email address, telephone number)
  • Account credentials (username and encrypted password)
  • Club affiliation and role within the club

3.2 Member Data (Processor role, on behalf of clubs)

  • Personal details (name, address, date of birth)
  • Contact information (email, telephone, postal address)
  • Membership records (membership number, type, status, proposer/seconder)
  • Financial information (subscription payments, arrears)

3.3 Technical Data

  • IP address and browser details
  • Login timestamps and usage patterns
  • Device information and operating system
  • Cookies and similar tracking technologies

4. Legal Basis for Processing

We process personal data under the following lawful bases:

  • Contract – To perform our service agreement with you.
  • Legitimate Interests – To improve services, maintain security, and prevent fraud.
  • Legal Obligation – To comply with laws and regulations.
  • Consent – Where you provide explicit consent (e.g., marketing preferences).

For member data processed on behalf of clubs, the relevant club determines the lawful basis.

5. How We Use Personal Data

  • Providing and maintaining club management services
  • Processing membership and billing information (on behalf of clubs)
  • Communicating with you about services and updates
  • Ensuring security and integrity of the platform
  • Complying with legal and regulatory requirements
  • Improving services through analytics and feedback

6. Data Sharing & Third Parties

We may share data with:

  • Service Providers – Hosting providers, payment processors, IT support.
  • Legal Authorities – When required by law or to protect rights.
  • Business Transfers – In case of merger, acquisition, or sale of assets.

We do not sell or rent your personal data to third parties for marketing.

7. International Transfers

Data is primarily processed in the UK. If transferred outside the UK, we ensure safeguards are in place, such as:

  • Adequacy decisions recognised by the UK Government
  • Standard Contractual Clauses (SCCs)
  • Other lawful mechanisms under UK GDPR

8. Data Retention

  • Account Data (Controller role): Retained for the duration of your account plus 7 years for compliance.
  • Member Data (Processor role): Retained only as directed by the Club.
  • Technical Data: Retained up to 2 years for security and improvement.

9. Your Data Protection Rights

You may exercise the following rights (depending on whether we act as controller or processor):

  • Right of Access
  • Right to Rectification
  • Right to Erasure
  • Right to Restrict Processing
  • Right to Data Portability
  • Right to Object
  • Right to Withdraw Consent

Note: For member data, please contact your Club directly, as they are the Data Controller. We will assist them where required.

10. Data Security

We implement appropriate technical and organisational measures, including:

  • Encryption of data in transit and at rest
  • Role-based access controls and authentication
  • Regular security testing and updates
  • Staff training on data protection
  • Breach response procedures in line with UK GDPR

11. Cookies & Tracking

Our website uses cookies for:

  • Essential functionality
  • Performance and analytics
  • Security and fraud prevention

You can manage cookies via your browser. Disabling certain cookies may affect service functionality.

12. Data Breach Notification

If a breach occurs that poses a risk to rights and freedoms, we will notify the Controller (the club, where relevant) and/or affected individuals without undue delay, and in any case within 72 hours of becoming aware.

13. Children's Privacy

Our services are not directed at children under 16. We do not knowingly collect personal data from children. If you believe a child has provided data, please contact us.

14. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated via email or through our service.

15. Contact Information

Data Protection Officer
Brindleford Technologies Ltd t/a Club Management Portal
Email: privacy@clubmanagement.cloud
Post: 71–75 Shelton Street, Covent Garden, London, WC2H 9JQ

16. Supervisory Authority

If you believe your rights have been infringed, you may lodge a complaint with the ICO:

Information Commissioner's Office (ICO)
Website: www.ico.org.uk
Telephone: 0303 123 1113
Post: Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
Return to Home

We use analytics cookies (Google Analytics) to understand how both the public site and Club Portal are used so we can improve performance and reliability. These scripts only load after you provide consent and never run if you reject them. You can change your choice at any time by clearing cookies. Learn more