1. Who we are

The Earl Haig Club (Whitchurch, Cardiff) is the data controller for the information you provide to us. If you have any questions about how we use your data, you can contact Joel at:

📧 [email protected]

📍 The Earl Haig Club, Whitchurch, Cardiff

2. What information we collect

When you apply for membership, we collect:

• Your name and contact details (address, phone, email)
  

• Your date of birth (to verify eligibility)
  

• Names of your two referrers (if applicable)
  

• Membership type and year
  

• Payment details (via Square POS)
  

• A scanned copy of your application form (if supplied)
  

• A membership ID number (linked to your Square account for discounts)
  

If you opt in to marketing, we also store your preference to receive event updates.

3. How we use your information

We use your information to:

• Manage your membership and benefits
  

• Issue membership cards and QR codes
  

• Record renewals, payments, and attendance
  

• Apply discounts at the bar and till (via Square POS)
  

• Contact you about important club business (renewals, AGMs, policy updates)
  

• Send you event news and marketing emails only if you have opted in
  

4. Lawful basis for processing

We rely on the following lawful bases under UK GDPR:

• Contract: to provide you with membership services and benefits.
  

• Legitimate interests: to run the club efficiently and securely.
  

• Consent: if you choose to receive marketing emails.

5. Marketing communications

If you opt in, we use your email to send you event updates, news, and offers through Squarespace Email Campaigns.

• You can unsubscribe at any time by clicking the link in any marketing email.
  

• If you unsubscribe, we will stop marketing emails but continue to contact you about your membership.

6. Who we share your data with

We only share data where necessary:

• Square POS – to apply membership discounts and store payment records.

https://squareup.com/gb/en/legal/general/privacy

• Squarespace – if you subscribe to marketing emails.

https://www.squarespace.com/privacy

These providers are GDPR-compliant and may store data outside the UK under approved safeguards. We do not sell or share your data with anyone else.

7. How long we keep your data

• Active members: as long as you remain a member.
  

• Former members: up to 6 years after expiry (for accounting and legal purposes).
  

• Scanned application forms: securely deleted after the retention period.
  

• Marketing preferences: kept until you unsubscribe or ask us to delete them.

8. Your rights

You have the right to:

• Access the personal data we hold about you
  

• Request corrections if your details are wrong
  

• Request deletion of your data (where legally possible)
  

• Restrict or object to certain uses of your data
  

• Withdraw consent for marketing at any time
  

If you want to exercise these rights, contact us at the details above. You also have the right to complain to the Information Commissioner’s Office (ICO) at www.ico.org.uk.

9. How we protect your data

We store membership records securely on our internal database, which is not publicly accessible. Access is restricted to authorised staff/committee members. We use secure connections (HTTPS), role-based permissions, and encrypted backups.

10. Updates to this notice

We may update this Privacy Notice from time to time. The latest version will always be available on request or on our website.