Privacy Policy

I.            Privacy Notice

PGA European Tour Privacy Notice

Introduction

The General Data Protection Regulation (GDPR) seeks to protect and enhance the rights of data subjects. These rights cover the safeguarding of personal data, protection against the unlawful processing of personal data and the unrestricted movement of personal data within the EU. GDPR does not apply to information already in the public domain.

PGA European Tour (PGAET) takes your privacy seriously and we are committed to protecting your personal information. The address for PGAET (a company incorporated in England and Wales under number 1867610) is PGA European Tour, Wentworth Drive, Virginia Water, Surrey GU25 4LX.

If you would like to get in touch with us, you can also find contact details in the ‘How to Contact Us’ section below.

This Notice

This Privacy Notice applies to personal data (i.e. information concerning any living person (Data Subject)) held by members of the PGAET group of companies (PGAET Group) as data controllers that is not already in the public domain. It explains what personal information we collect, how we collect and use that personal information, with whom we will share it, why and in what circumstances.

The PGAET Group is pleased to provide the following Privacy Notice which covers the PGAET Group, its websites, mobile applications and mobile websites (Platforms). Where you are notified of another privacy notice or policy by the specific PGAET Group entity which collects your personal information, (whether as a customer, official, partner, player or Member of the European Tour), this Privacy Notice sits alongside any specific data protection notice or form provided to you unless such document specifies that this Privacy Notice does not apply to you.

You might find external links to third party websites on our Platforms and those websites may have their own privacy and cookie notices which are different to this Privacy Notice. Our Privacy Notice does not apply to your use of a third party site and you should therefore make sure that you are comfortable with their privacy notices prior to using those sites.

Personal Data

The PGAET Group uses the information collected from you to provide such organisational services as you request from us. In using our services you consent to the PGAET Group maintaining a dialogue with you until you either opt out (which you can do at any stage) or we decide to desist from promoting our services.

The type of information that we may collect will differ depending on the type of service we are offering or the request you make of us. Such information may include your:

  • name
  • title
  • date of birth
  • address
  • contact details (including email address and/or telephone/mobile number)
  • gender
  • booking reference
  • payment card details

For its customers, the PGAET Group will only collect such customer information as is necessary to provide you with and keep you informed about its services.

For Members and officials, PGAET will notify you separately of its processing activities involving your data via the relevant form and/or Handbook.

We may also analyse the personal information you have provided to create a profile of your interests, preferences, online activity and socioeconomic and age groups, so that we can better understand you and aim to build future communications and products which are more relevant for you. These profiles can help us define fan groups, so that we can sometimes personalise and target our communications to provide you with the most relevant information, content, products and services.

Disclosure

We do not broker or pass on information gained from your engagement with us without your specific consent to do so. Notwithstanding the foregoing, we may disclose your personal information to meet our legal obligations; to comply with applicable regulations or a valid governmental request or court order; in order to enforce or apply the terms of use of any of the Platforms or other agreements; to protect the rights, property or safety of the members of the PGAET Group, our partners, customers and/or others; or to protect the integrity of the sport.

Who will we share your data with?

Your personal data may be shared with our third party service providers, who will process it on our behalf to facilitate the particular purposes for which we are using your data. These third parties could include: 

• our ticket and merchandise retailers;

• payment processors;

• software providers, multimedia application providers, website hosting service providers and providers of social media platforms;

• operators of venues at which our tournaments are held;

• promoters organising tournaments sanctioned by us; and

• other suppliers and service providers, such as our accreditation service provider(s), caterers and transport providers.

We ensure that each such third party processor is contractually committed to GDPR compliance and adequate data security standards and to only using your data under our instructions (and not for other purposes). If you require further information regarding these third parties, please get in touch using the contact details at the bottom of this Privacy Notice.

Your personal data may also be shared with government authorities and/or law enforcement officials and/or pursuant to a court order if mandated by law or if required for the legal protection of our legitimate interests in compliance with applicable laws. We may also disclose your personal data as necessary to help us meet our legal and contractual obligations, to enforce our terms of use and to protect the rights, property and/or safety of members of the PGAET Group, our partners customers and/or others and to protect the integrity of the sport of golf.  

We will only share your personal data with a third party for the purpose of them directly marketing to you where you have consented to such data sharing (for example, if you consent to receiving our partner offers and news when participating in a competition run in conjunction with one of our partners).

In addition, where we process your personal data in your capacity as a contractor, supplier, promoter, venue or partner (or as an employee, worker or other representative of any of the aforementioned), we may share your personal data with third parties for operational purposes in connection with the role performed by such contractor, supplier, promoter, venue or partner. For example, if, as a representative of a promoter, your contact details are provided to us, we may pass these on to: 

• third party service providers who will be providing services in connection with the tournament(s) which the promoter is organising for the purpose of facilitating the provision of such services; and/or 

• players (and their managers) who will be attending such tournament(s) in order to facilitate communication with you.

In addition, where we process your personal data in your capacity as a member, manager of a member, caddy or official, we may share your personal data with third parties as required to facilitate your participation in the European Tour, Challenge Tour or Staysure Tour. For example:

• where you are participating in a tournament organised by one of our promoters, we may pass your personal data to such promoter for the purpose of facilitating your participation in such tournament; 

• where we are assisting with your visa application in connection with your participation in a tournament, we may pass your personal data to visa authorities.

We may also need to transfer (or store) your personal information to (or in) countries outside the European Economic Area (EEA), some of which do not protect privacy rights as extensively as in the United Kingdom. However, we have taken appropriate safeguards to require that your personal information will remain protected in accordance with this Privacy Notice. Further details of these safeguards can be provided for your review on request by getting in touch using the contact details at the bottom of this Privacy Notice.

In the event that any part of our business is sold or integrated with another business, your details will be disclosed to our advisers and any prospective purchaser’s adviser and will be passed to the new owners of the business.

How we use your personal data may also be explained in further specific privacy notices drawn to your attention (such as Member notices in the Handbook or accreditation notices as part of the accreditation application process). These notices supplement this over-arching privacy notice.

Cookies

Our Platforms use cookies. A “cookie” is a small computer file that is downloaded to your device that enables a web server to collect information from your web browser. It collects information as to how you navigate our Platforms and helps us to identify you, to make your visit to our Platforms more enjoyable by personalising your visit by customising our web pages for you, and to build up a demographic profile. For more information on cookies and how to manage cookie settings, please go to our Cookie Policy.

Legal Basis for Processing Personal Data

We will only collect, process, use, share and store your personal information where we are satisfied that we have an appropriate legal basis for doing so. This may be because:

  1. we need to use your personal information to take steps to enter into a contract with you or to meet our contractual obligations to you
  2. we need to use your personal information to respond to marketing or other enquiries from you
  3. we need to use your personal information to pursue our legitimate interests as a commercial organisation
  4. we have your consent to using your personal information for a particular activity (for example, where you have consented to us sharing with you marketing or promotional communications from members of the PGAET Group and/or its official partners, sponsors, suppliers or licensees which we think may be of interest).

Our legitimate interests as a commercial organisation include the administration and promotion of the European Tour and the sport of golf, and the fulfilling of services to its fans and our customers.

Consent

Where we are relying on your consent, you may withdraw your consent to the processing of your personal information at any time by contacting our Data Protection Officer (see the ‘How to Contact Us’ section below).

Retention Policy

Members of the PGAET Group will only retain your personal information for as long as is reasonably necessary for the purposes for which it was collected and in line with our data retention policy. For example, we will normally keep contractual information for a period of ten years after the expiry of any such contract so that, if we need to establish, exercise or defend our legal interests, we may deal with any dispute or concerns that may arise.

Your Rights as a Data Subject

At any point whilst a member of the PGAET Group holds your personal information, you have a number of rights available to you, including the following:

  1. Right of access – you have the right to access a copy of the information that we hold about you and to obtain information about how we process it
  2. Right of rectification – you have a right to request that we correct data that we hold about you if it is inaccurate or incomplete
  3. Right to be forgotten – in certain circumstances, you can ask for the data we hold about you to be erased from our records
  4. Right to restriction of processing – where certain conditions apply you have a right to request that we restrict the processing of your information
  5. Right of portability – you have the right to have the data we hold about you provided to you in an electronic format and/or to request that it is transferred to another organisation
  6. Right to object – you have the right to object to certain types of processing such as direct marketing
  7. Right to object to automated processing, including profiling – you also have the right not to be subject to a decision based solely on automated processing (including profiling) which adversely affects your legal rights

You can exercise these rights in the first instance by contacting our Data Protection Officer (see ‘How to Contact Us’ section below). Should you wish to do so, we will require you to provide additional information to confirm your identity as follows:

One piece of photographic identification (e.g. passport, other national identity card or photocard driving licence) and

One proof of address (e.g. utility bill dated within the last 3 months)

We will advise you promptly if we require further information in order to fulfil your request. Please be aware that these rights are, in the most part, not absolute and are subject to exceptions; for example, if we have a necessary and lawful basis on which to continue processing your personal data, we may refuse your request to delete it,

Further to the rights set out above, you can request the following information from us:

  1. The identity and the contact details of the person or organisation that has determined how and why to process your data
  2. Contact details of our Data Protection Officer
  3. The purpose of the processing as well as the legal basis for processing
  4. If the processing is based on the legitimate interests of PGAET or a third party such as one of its clients, information about those interests
  5. The categories of personal data collected, stored and processed
  6. Recipient(s) or categories of recipients that your data is/will be disclosed/transferred to
  7. How long your data will be stored for
  8. Details of your rights to correct or erase your personal data and your rights to restrict or object to the processing of your data
  9. Information about your right to withdraw consent at any time
  10. How to lodge a complaint with the data protection regulator in the country where you live
  11. The source of personal data if it was not collected directly from you
  12. Any details and information of automated decision making, such as profiling, and any meaningful information about the logic involved, as well as the significance and expected consequences of such processing

Updates

We may amend this Privacy Notice from time to time to keep it up to date with legal requirements, best practice and/or the way we operate our business. If we decide to change our Privacy Notice we will place any updates on this webpage and the privacy sections of any relevant Platforms.

Please therefore check this page and the privacy sections of any relevant Platforms periodically in order to view the latest version of our Privacy Notice; however, any substantial changes affecting how your personal data will be notified to you.

How to Contact Us

The primary point of contact for all issues arising from this Privacy Notice is our Data Protection Officer, who can be contacted by email at: dataprotection@europeantour.com

or by post at:

Data Protection Officer
European Tour
Wentworth Drive
Virginia Water
Surrey
GU25 4LX

In the event that you have any questions, concerns or wish to make a complaint about how your personal data is being processed or regarding our compliance with this Privacy Notice, we would encourage you to contact our Data Protection Officer in the first instance. We will investigate and attempt to resolve complaints and disputes as quickly as possible. If you do not get a response within 30 days you can complain to the Data Protection Regulator (the Information Commissioner’s Office or ICO). You can refer matters to the ICO at any time, but the ICO recommends that individuals always seek to resolve matters through the data controller’s usual processes at first instance.

Supplementary PGA European Tour Player Privacy Notice – 2021 Season

PGAET needs to collect and process Member data to allow it to conduct the requirements of its business. This may include data collected directly from Members alongside data PGAET gathers from other sources, including those acting on Members’ behalf (including, for example, business partners, management companies, agents etc).

Such data will only be used for the purposes outlined in this notice, the above PGA European Tour privacy notice, any further supplemental privacy notice made available to me and/or any applicable terms of Membership of the European Tour, and any significant changes in how PGAET uses my personal data will be notified to me.

There may be circumstances in which PGAET is under a duty to disclose or share Member personal data in order to comply with any legal obligation; or where necessary in connection with welfare, safeguarding, integrity or anti-doping. PGAET may also share Member personal data with governmental authorities (such as border control and/or health authorities) where reasonably necessary for the purposes of processing set out in this privacy notice.

PGAET may also need to process Member personal data in order to enforce or apply the terms of Membership (or any other agreement with the Member).

PGAET will collect, use and disclose Member personal data lawfully and in accordance with Members’ rights as set out in the PGA European Tour privacy notice.

Specific Information Categories

In addition to the data and purposes set out in the PGA European Tour privacy notice, PGAET will need to hold and process certain specific information for the purposes of administering Member participation on the European Tour and/or European Challenge Tour. This includes:

Member passport information (including a photocopy of the passport) for the purposes of:

- Facilitating entry into tournaments (and entry into the country in which the tournament is held) by assisting in travel or visa acquisition

- Facilitating the payment of prize money at the end of a given (applicable) tournament where proof of ID is required.

Certain financial information in the form of Member bank account details or payment card details for the purposes of:

- Facilitating the payment of the annual membership fee

- Fulfilling tournament entry requirements regarding fee payment

- Facilitating the payment of prize money

- Facilitating the payment of any fines accrued whilst competing

Where PGAET needs to supply this information to third parties in order to achieve these purposes, it will only do so under suitable terms of security and confidentiality.

Official World Golf Rankings, Ryder Cup etc.

This form does not concern the lawful publication of Member personal performance data and image for the purposes of sports and journalism coverage in any media.

However PGAET will need to share some personal information (in the form of Members’ full name, country of origin, date of birth and tournament performance data) with the Official World Golf Rankings for the purposes of maintaining the Official Golf World Rankings.

Should a Member qualify for Ryder Cup team selection, PGAET will need to share such Members’ personal data with required authorities for the purposes of:

- Visa provisioning

- Travel provisioning

- Accreditation

- Live scoring

- Other fulfilment activities as reasonably required and notified to the relevant Member(s).

Supplementary PGA European Tour Privacy Notice – Covid 19

Introduction

This notice applies in respect of personal data to be collected by PGA European Tour (PGAET), from individuals attending European Tour and Challenge Tour tournaments, in connection with its screening for Covid-19.

This notice is supplementary to and should be read in conjunction with the European Tour’s general privacy notice, a copy of which is set out above.

Personal Data collected

In order to gain access to a European Tour or Challenge Tour tournament you will need to hold the correct accreditation. As part of the accreditation application process, you will be asked to answer certain questions that are designed to determine if you may be displaying symptoms of Covid-19 or if you could have been recently exposed to Covid-19. You may have already been asked to submit a test before leaving home and once on-site at the venue of the relevant tournament you will also be required to undergo testing for Covid-19

The data collected during the above application and testing procedures will include: (i) any Covid-19 related symptoms you may be suffering (that is, a persistent cough, high temperature, loss of taste or smell and/or shortness of breath); and (ii) your test results.

Use of Personal Data

The legal basis for our use of your personal data, collected as set out above, is as follows:

Legitimate Interest: in order to safely stage tournaments in accordance with government guidelines, we need to ensure we minimise the risk posed by Covid-19. One of the key ways we will do this is to create a ‘bubble’ in respect of which, as far as is reasonably possible, each individual granted access is free of Covid-19. We will use your personal data to assess your suitability for entry into the ‘bubble’ in order to: (i) protect the integrity of the bubble and the health and safety of each individual attending tournaments; and (ii) ensure that we can resume our primary business operations.

Public Health: processing of health related data is generally prohibited unless an exemption applies under GDPR. The exemption we will be relying on for these purposes is Public Health. Given the international nature of our tournaments, the processing of such sensitive data is necessary to protect against serious cross-border threats to health.

Third parties

Certain third party suppliers have been engaged by us in the creation of a bubble at each tournament (for example, Cignpost, Let’s Get Checked and our medical advisers who will be involved in the testing of players and attendees at each tournament). PGAET will ensure that any third party who collects or otherwise processes your personal data on our behalf is contractually committed to GDPR compliance and adequate data security standards. Third party contractors who process data on our behalf do so strictly under our instructions and are not permitted to make other uses of your personal data.

We may also share the symptom and test result data described above with governmental authorities where required to do so by the laws and/or governmental authorities of the relevant territory.

Retention Policy

Members of the PGAET Group will only retain personal information collected in accordance with this Covid-19 supplementary notice for as long as is reasonably necessary for the purposes for which it was collected.

How to Contact Us

The primary point of contact for all issues arising from this Privacy Notice is our Data Protection Officer, who can be contacted by email at: dataprotection@europeantour.com

or by post at:

Data Protection Officer

European Tour Wentworth Drive Virginia Water Surrey

GU25 4LX

In the event that you have any questions, concerns or wish to make a complaint about how your personal data is being processed or regarding our compliance with this Covid-19 supplementary Privacy Notice, we would encourage you to contact our Data Protection Officer in the first instance. We will investigate and attempt to resolve complaints and disputes as quickly as possible. If you do not get a response within 30 days you can complain to the Data Protection Regulator (the Information Commissioner’s Office or ICO). You can refer matters to the ICO at any time, but the ICO recommends that individuals always seek to resolve matters through the data controller’s usual processes at first instance.