THE CLUBHOUSESign In

Privacy Policy

Last updated: 28 February 2026

1. Who We Are

The Clubhouse is operated by The Collective Software Ltd, registered in Northern Ireland, United Kingdom. We are the data controller for the personal data collected through the Service.

For any privacy-related queries, contact us at hello@theclubhouse.software.

2. What Data We Collect

We collect the following personal data when you use the Service:

Account Information

  • Email address
  • First and last name
  • Password (stored securely hashed by Supabase Auth)
  • Profile photo (optional)
  • Nickname (optional)

Golf Data

  • Handicap index and handicap history
  • Scorecards (hole-by-hole scores for each fixture)
  • Fixture registrations and attendance
  • Competition entries and picks
  • Leaderboard rankings and statistics

Communication Preferences

  • Notification preferences (email, push)
  • Communication timing and tone preferences

Payment Data

  • Payment transaction records (amounts, dates, status)
  • We do not store card numbers or bank details — these are handled entirely by Stripe

Technical Data

  • Device tokens for push notifications
  • Login timestamps and frequency
  • Browser and device information (via standard HTTP headers)

3. How We Use Your Data

We use your personal data to:

  • Provide the Service — manage your account, display scores and leaderboards, facilitate fixture management
  • Process payments — facilitate fee collection through Stripe on behalf of your society
  • Send notifications — fixture reminders, score confirmations, payment receipts, and other society communications (based on your preferences)
  • Generate insights — personalised coaching tips and performance statistics visible to you and your society members
  • Improve the Service — understand usage patterns to fix issues and develop features

4. Legal Basis for Processing

Under UK GDPR, we process your data on the following bases:

  • Contract — processing necessary to provide the Service you signed up for
  • Legitimate interest — improving the Service, preventing abuse, and ensuring security
  • Consent — for optional features like push notifications and AI coaching tips (you can withdraw consent at any time)

5. Data Sharing

We share your data only in the following circumstances:

  • Within your society — your name, handicap, scores, and leaderboard position are visible to other members of societies you belong to
  • Stripe — payment data is shared with Stripe to process transactions. See Stripe’s Privacy Policy
  • Supabase — our database and authentication provider, hosted in the EU. See Supabase’s Privacy Policy
  • Resend — our email delivery provider. See Resend’s Privacy Policy
  • Anthropic — anonymised performance data may be sent to Anthropic’s Claude AI to generate coaching tips. No personally identifiable information is included beyond first name
  • Vercel — our hosting provider. See Vercel’s Privacy Policy

We do not sell your personal data to third parties. We do not share your data with advertisers.

6. Data Retention

  • Account data is retained for as long as your account is active
  • Golf data (scores, handicap history) is retained for the lifetime of your society membership to maintain accurate records
  • Payment records are retained for 7 years to comply with UK tax and accounting obligations
  • Push notification tokens are automatically removed when they expire or become invalid

If you delete your account, your personal data will be removed within 30 days. Anonymised statistical data (e.g. aggregate scores) may be retained.

7. Your Rights

Under UK GDPR, you have the right to:

  • Access — request a copy of the personal data we hold about you
  • Rectification — correct inaccurate personal data (you can also do this directly in your profile settings)
  • Erasure — request deletion of your personal data
  • Portability — receive your data in a structured, machine-readable format
  • Objection — object to processing based on legitimate interest
  • Withdraw consent — for consent-based processing (e.g. push notifications), at any time via your profile settings

To exercise any of these rights, contact us at hello@theclubhouse.software. We will respond within 30 days.

8. Cookies

We use the following cookies:

  • Authentication cookies — essential for keeping you logged in (strictly necessary, no consent required)
  • Organisation context cookie — remembers which society you last viewed (strictly necessary for multi-society users)

We do not use advertising or tracking cookies. We do not use third-party analytics cookies.

9. Security

We take reasonable measures to protect your personal data, including:

  • Encrypted connections (HTTPS) for all data in transit
  • Passwords hashed using industry-standard algorithms
  • Row Level Security (RLS) in our database ensuring users can only access data they are authorised to see
  • Secure, httpOnly cookies for authentication

10. Children

The Service is not directed at children under 16. We do not knowingly collect personal data from children under 16. If you believe a child has provided us with personal data, please contact us and we will delete it.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify users of significant changes via email or an in-app notification. The “last updated” date at the top of this page indicates when the policy was last revised.

12. Contact & Complaints

For privacy queries or to exercise your rights, contact:

hello@theclubhouse.software

If you are unhappy with how we handle your data, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO).