Privacy Policy

Last updated: 24 March 2026

1. Who We Are

The Birdie Club is a golf society management platform. This privacy policy explains how we collect, use, and protect your personal data when you use our website and services.

2. What Data We Collect

When you use The Birdie Club, we may collect:

  • Account information: Name, email address, phone number (optional), home golf club, handicap index.
  • Society data: Society name, member lists, roles, and society settings.
  • Event data: Event details, bookings, attendance, and payment status.
  • Scoring data: Hole-by-hole scores, playing handicaps, competition results.
  • Payment data: Payment amounts and transaction references. We do not store card numbers. All card payment processing is handled by Stripe. See Stripe's Privacy Policy.
  • Usage data: Pages visited, features used, and general analytics to help us improve the platform.

3. How We Use Your Data

We use your data to:

  • Provide and maintain the platform (accounts, societies, events, scoring, payments).
  • Process card payments via Stripe on behalf of society organisers.
  • Send you relevant notifications about events, bookings, and your societies (if enabled).
  • Improve the platform based on usage patterns.

We do not sell your personal data to third parties. We do not use your data for advertising or marketing purposes beyond the platform.

4. Data Sharing

We share your data with:

  • Your society members: Your display name, home club, and handicap are visible to other members of your societies. Scores and competition results are visible on leaderboards.
  • Stripe: When you make a card payment, your payment information is processed by Stripe. When a society organiser sets up payments, their banking details are processed by Stripe.
  • Supabase: Our database and authentication provider. Data is stored in Supabase's infrastructure. See Supabase's Privacy Policy.
  • Live leaderboards: If a competition has a live code, anyone with that code can view player names, handicaps, and scores for that competition. No account required.

5. Data Storage and Security

Your data is stored securely in Supabase's cloud infrastructure with row-level security policies that restrict access based on your society membership and role. All data is transmitted over HTTPS.

We do not store card numbers, CVVs, or full bank account details. All payment processing is handled by Stripe, a PCI DSS Level 1 certified payment processor.

6. Data Retention

We retain your account data for as long as your account is active. If you delete your account, we will remove your personal data within 30 days, except where we are required to retain it for legal or financial record-keeping purposes (e.g., transaction records may be retained for up to 7 years).

Scores and competition results may be retained in anonymised form for the benefit of the society even after your account is deleted.

7. Your Rights

Under UK GDPR, you have the right to:

  • Access the personal data we hold about you.
  • Correct inaccurate personal data (you can update most information via your profile).
  • Delete your account and personal data.
  • Export your data in a portable format.
  • Object to the processing of your data in certain circumstances.

To exercise any of these rights, contact us at hello@birdie.club.

8. Cookies

We use essential cookies for authentication (keeping you logged in) and session management. We do not use tracking cookies, advertising cookies, or third-party analytics cookies.

9. Children

The Birdie Club is not intended for use by anyone under the age of 18. We do not knowingly collect data from children.

10. Changes to This Policy

We may update this privacy policy from time to time. We will notify registered users of material changes via email or through the platform.

11. Contact

For privacy-related queries, contact us at hello@birdie.club.