Deer Park Golf & Country Club

Privacy Policy

1. Muir Group PLC Privacy Notice

Muir Group Plc (“Muir Construction Ltd”, “Muir Homes Ltd”, “Muir Timber Systems Ltd”, “Muir Leisure Ltd”, “Hermiston Securities Ltd”, “Muir Aberdeen Ltd”, “JW Muir Property Investments Ltd”) is committed to respecting your privacy and to complying with applicable data protection and privacy laws.

For Muir Leisure Ltd. the protection of personal data is of the utmost importance. Our Privacy Notice has been written to offer you peace of mind, so that you know exactly how we use, store and protect the personal information you give to us.

Our data is safe and secure – we comply with all of the relevant Data Protection regulations, including General Data Protection Regulations (GDPR), and we are committed to using your data in a responsible and sustainable way, making sure that your privacy is protected at all times.

2. Information Collection

Personal Data

Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (such as anonymous data).

There are some ‘special categories’ of more sensitive personal data which require a higher level of protection.

We collect, store and use some or all of the following categories of personal information:

• Client information: name, title, address, telephone number, email address, photographic identification, date of birth, bank account details and copies of council tax and utility bills.

• Marketing information: name, title, address, telephone number, email address, event attendance history, payment details and marketing preferences.

• Social media information: username and engagement details (likes, retweets, shares, reactions, comments).

We may also collect, store and use the following ‘special categories’ of more sensitive personal information:

• Where we have collected this information other than from you, we will always ask you to confirm its accuracy. By way of example this category may include, amongst other things: race or ethnicity, political opinions, philosophical or religious beliefs, trade union membership, biometric data, medical conditions, prescriptions, surgeries, therapies, medical history and disabilities.

Non Personal Data

By using our website, we may automatically collect non-personal information about you. Cookies are used throughout our website for tracking session data, and this data is automatically discarded after you leave the website. Persistent cookies may also be used to remember your club selection preference. Cookies do not ever hold personal data such as name, address and contact information.

3. How will we use your information?

Data Protection says that we are allowed to use and share your personal data only where we have a proper reason to do so. The law says we must have one or more of these reasons and these are:

• Contract - your personal information is processed in order to fulfil a contractual arrangement.

• Consent – where you agree to us using your information in this way e.g. for storing your payment card details.

• Legitimate Interests - this means the interests of Muir Group in managing our business to allow us to provide you with the best products and service in the most secure and appropriate way.

• Legal Obligation – where there is statutory or other legal requirement to share the information e.g. when we have to share your information for law enforcement purposes.

We may use your information for a number of purposes which includes: managing and administering your account and/or contract; delivering any services, products or information requested by you; responding to complaints or account enquiries; administering debt recoveries. Our lawful basis for this is to fulfil a contract and legitimate interest.

We use your marketing information for marketing purposes, this includes contacting you with relevant information about our services, developments, special offers, products, inviting you to events and measuring engagement with our communications to ensure that the content that we create is relevant and useful. Our lawful basis for this is your consent.

In submitting a job application and/or speculative CV and if you have provided your consent, we may contact you to discuss if there are other opportunities or provide you with recommended jobs or contact you for other jobs you may be interested in. We will keep your details on file for 12 months unless you inform us otherwise. Our lawful basis for this is your consent.

Any social media posts or comments you send to us (on the Deer Park Facebook page, for instance) will be shared under the terms of the relevant social media platform (e.g. Facebook/Twitter) on which they are written and could be made public. We are not responsible for this kind of sharing. We recommend you should review the terms and conditions and privacy policies of the social media platforms you use.

Change & Consent

You can update your details, change marketing preferences and/or change your mind and withdraw such consent at any time by logging into your members page on the Deer Park website or by contacting:

Data Protection Officer

Muir Leisure Ltd

Belleknowes Industrial Estate

Inverkeithing

KY11 1HY

deerparkcompliance@muir-group.co.uk

4. Data Sharing

We engage third parties to provide the following services: public relations and marketing, IT support, dictation services, practice management systems, document management systems, case management systems, printing and reprographics support, event hosting services, email marketing management systems, survey and market insight services.

All third parties are required to take appropriate security measures to protect your personal information in line with our policies. We do not allow third parties to use your personal data for their own purposes. We only permit them to access your personal data for specific purposes and in accordance with our instructions.

Muir Leisure Ltd may also be obliged to disclose your personal information to meet any legal or regulatory requirements (for example to comply with a court order or during audits) or obligations in accordance with applicable law (for example HMRC).

5. Data Retention

To make sure we meet our legal data protection and privacy obligations, we only hold on to your information for as long as we actually need it for the purposes we acquired it for.

In most cases, this means we will keep your information for as long as you continue to use our services, and for a reasonable period of time afterwards if you stop doing so. After that we will delete it other than where we lawfully can keep any data for audit or legal reasons.

When we no longer need to keep certain data, we destroy paper documents securely by shredding and delete the electronic record.

In some circumstances we may anonymise your personal information so that it can no longer be associated with you, in which case we may use such information without further notice to you.

6. Information Security

We have put in place appropriate security measures to protect your personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal information to those people who have a business need to know. They will only process your personal information on our instructions and they are subject to a duty of confidentiality.

We have put procedures in place to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.

7. Your rights

We will securely retain your information for as long as is reasonably necessary and in accordance with applicable law. Under certain circumstances, by law you have the right to:

• Request access to your personal information. This is commonly known as a subject access request. This enables you to receive a copy of the personal information we hold about you and to check that we are processing it lawfully.

• Request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.

• Request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing (see below).

• Object to processing of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your personal information for direct marketing purposes.

• Request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it.

If you want to review, verify, correct or request erasure of your personal information or object to the processing of your personal data, please write to us at the following:

Data Protection Officer

Muir Leisure Ltd

Belleknowes Industrial Estate

Inverkeithing

KY11 1HY

deerparkcompliance@muir-group.co.uk

You will not have to pay a fee to access your personal information (or to exercise any of the other rights). However, we may charge a reasonable fee if your request for access is clearly unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances.

We may need to request specific information from you to help us confirm your identity and ensure your right to access the information (or to exercise any of your other rights). This is another appropriate security measure to ensure that personal information is not disclosed to any person who has no right to receive it.

You may continue to receive information and mailings for a short period while your request is dealt with.

8. If you fail to provide personal information

If you fail to provide certain personal information when we request it, we may not be able to perform our contract with you properly or we may be prevented from achieving our legitimate interests.

9. Change of purpose

We will only use your personal information for the purposes for which we collected it, unless we reasonably consider that we need to use it for another purpose and that purpose is compatible with the original purpose. If we need to use your personal information for an unrelated purpose, we will notify you and we will explain the lawful basis which allows us to do so.

10. Privacy Support

Muir Group Ltd. reserves the right to amend or modify this Privacy Notice at any time and in response to changes in applicable data protection and privacy legislation. If we decide to change our Privacy Notice, we will post the changes on our website so you know what information we collect and how we use it.

11. Complaints

If you have any concerns over how we use your data, please contact us in the first instance at the following contact details:

Data Protection Officer

Muir Leisure Ltd

Belleknowes Industrial Estate

Inverkeithing

KY11 1HY

deerparkcompliance@muir-group.co.uk

If you are not satisfied that we have addressed your concerns adequately, you have the right to lodge a complaint with the ICO. Their contact details are below:

The Information Commissioner's Office – Scotland

45 Melville Street

Edinburgh

EH3 7HL

Telephone: 0303 123 1115

Email: Scotland@ico.org.uk