ClubEvent Use of Data
Last updated: 29 Jul 2023
About the ClubEvent ‘App’
The App is available on the Web, and on both Apple and Google web stores. A single app covers both User and Administration functions, depending on the account type of the App user. This page discusses what data an App user can expect to be collected, transmitted and stored by the App, and the wider ClubEvent system, wrt to Administrators, Users and Contacts.
ClubEvent’s purpose is to allow clubs (e.g. sports/social) to manage and run events – ranging from training sessions, tournaments to social functions. To do that, it must manage data about the events, event participants, club members, or contacts. Events can be invitation only (from a list of members/contacts), or open to the public.
Events are managed by one or more Club Administrators who all have access to Event creation/management, and the Club Contact list. This data is held centrally on ClubEvent servers and synchronised across Admin users, through the App. It is also available to Admin users through a web site/web app.
Event data can be made public on a web site; open events need to be available for people to book tickets! At this point, event data is available to all, and Organisers can decide whether ticket holder names (only) are made visible for other participants to view.
As such, data held can be split into: Club Setttings, Events & Contacts.
Settings cover all aspects of running ClubEvent, but also contain some data about the club itself: name, location, address, county, country, timezone, sport type, description, banner url, website address.
Setting up an Event requires the Administrator to enter information about the event: Title, Description, Location, Timings, Organiser Details (opt. name, email, phone) and any Additional information (external urls)
Are open to the public, require the Admin to create ticket types and payment information. When people book tickets to an event, their name and email address will be collected and stored as part of the event. The Event organiser may require collection of other data at this point, to enable them to take part in the event – for instance, an organiser of an Archery Tournament must collect details on an athelete’s bowstyle, age class, club/county/national affiliations etc.
Are closed, and require the Admin to invite a number of Contacts, from the application Contact list. These details (name, email address) are stored as part of the event, along with their status (e.g. Accepted/Declined).
ClubEvent allows Administrators to build a contact list, containing details of Club members and contacts. These can be entered directly, imported from a spreadsheet, or imported from the Administrators mobile contact list. Contacts are only ever created by an Admin action, and never ‘collected’ automatically without the users knowledge.
Contact data consists of name, email, mobile number (opt). The administrator may add comments to a record and tag the contact with any number of ‘tags’ denoting groupings within the club.
Collection of data
The ClubEvent App does not collect data from a users device without explicit user action and consent:
- ClubEvent “Contacts” can be imported from the mobile users address book. This is done when a user specifically presses the import button, where upon they are presented with a list of contacts, from which they may choose one to import.
- Contact and Event details can be imported/export from/to local spreadsheets
Transmission and storage of data
Data is held in a central database, on the ClubEvent servers. All data is encrypted in transit, using SSL/TLS standards. Data is synchronised to the client app, but only that data applicable to the user is synchronised – i.e. a normal user will only receive data about events to which they have access – i.e. open (ticketed) events, or invitation events to which they have been invited. normal users do not have any access to the club’s Contact list. Administrator level users have access to all Events, and the Contact list.
Deletion of Data
Event data will be deleted according to the Club’s settings, the maximum storage time after an event is over is 6 months. At this point, the event data (and all participant data) is removed from the ClubEvent databases.
Contact data is held as long as the Club needs access to it, under control of the Club and Club Administrators (as data controllers). ClubEvent acts as a data processor and could intercede if required to delete a person’s personal data, in the event that a Club refuses to act on its obligations as data controller.
Summary of personal data stored by the App
|Name, Email, Mobile||Stored in the club Contact list||Stored as long as Club Administrator requires the Contact|
|Name, Email, Mobile||Stored as part of an Event||Stored until the Event expires and is automatically deleted.|
|Ticket holder data; additional data held with ticket (e.g. age class, date of birth, address).||Required in order for an event to be organised and run. Data stored is decided on by the event organiser (not ClubEvent)||Stored until the Event expires and is automatically deleted.|
As is true of most client/server systems, ClubEvent automatically collects API usage logs. This information can include:
- internet protocol (IP) addresses,
- operating system,
- date/time stamp, and
- API usage data
These logs are automatically deleted after a short period of time.