Staying connected with Disc Golf England through EDGA digital networks.

Privacy policy for English Disc Golf Association (EDGA)

Effective Date: 28 December 2025

1. Introduction

The English Disc Golf Association (“EDGA”, “we”, “us”, or “our”) is an Unincorporated Association acting as the Data Controller for your information. This policy details how we collect, use, and protect your personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

2. The Data We Collect

Through our membership portal and website, we collect the following information:

  • Household Identity: Full name, email address, and verified postal address of the Primary Member.
  • Extended Profile Data: Gender, mobile contact number, and club affiliation.
  • Sporting Identifiers: Unique EDGA membership numbers and PDGA numbers (if provided).
  • Junior Data: Names and dates of birth for members under 18, provided exclusively by a parent or legal guardian.
  • Technical & Security Data: Encrypted login credentials, IP addresses, and system logs required to prevent unauthorised access and spam.

3. Lawful Basis for Processing

We process your data under the following legal grounds:

  • Contractual Necessity: To administer your membership and provide access to the Association’s digital services.
  • Legitimate Interests: To maintain an accurate historical record of the sport in England, assign unique sporting identifiers, and secure our website against cyber-attacks and spam.
  • Legal Obligation & Safeguarding: For junior members, we collect date of birth to verify eligibility, ensure correct safeguarding measures, and administer junior-specific competitions.
  • Consent: For marketing communications and newsletters.

4. Email Updates and Newsletters

We use Mailchimp to manage our email lists and send updates. When you subscribe, your name, email address, and any preferences you provide are stored securely in Mailchimp.

  • International Transfers: Mailchimp is based in the United States and may process your data on servers located there. Mailchimp relies on Standard Contractual Clauses (SCCs) and additional safeguards to protect personal data when it is transferred outside the UK and EU.
  • Technical Security: We utilise Mailchimp’s API to add and update subscribers via an encrypted connection.
  • Unsubscribe: You can opt-out at any time via the Unsubscribe Form or through the link provided in any of our emails.

5. Third-Party Data Processors

We share data only with trusted partners necessary for the Association’s operations and security:

  • Stripe: For secure payment processing. We adhere to PCI-DSS standards; EDGA servers never store or transmit raw credit card data.
  • Website Security & Spam Protection: We use third-party services to protect the site from cyber-attacks, brute-force login attempts, and spam. These services may process your IP address and other technical data to verify that your interaction with our site is legitimate.
  • Administrative Sync: We use secure automation tools to synchronise website data with our internal, access-controlled administrative database.

6. Data Security

We take the security of your data seriously. We employ appropriate technical and organisational measures to protect your personal information against unauthorised access, accidental loss, or disclosure. This includes the use of encrypted connections (SSL) and scrambled, non-identifiable URL identifiers for member profiles to prevent unauthorised public access.

7. Data Retention

  • Profile Data: Retained for the duration of your active membership and account standing.
  • Historical Sporting Record: To preserve the integrity of the sport’s history in England, names and EDGA numbers are retained indefinitely as a permanent record of membership milestones.
  • Financial Audit: Transactional data is retained for 7 years to meet UK statutory accounting requirements.

8. Junior Data & Handover

The Primary Member (Adult) remains the custodian of junior data within the Household Model. When a junior member reaches the age of majority, the Primary Member can initiate a secure “Profile Claim” invitation, allowing the junior to establish their own independent account.

9. Your Rights

Under the UK GDPR, you have the right to request access to the data we hold, correct inaccuracies, or request erasure (subject to our requirements for historical record-keeping). To exercise these rights, please contact us via our Contact Form.

10. Cookies

For information on the cookies we use and how to manage your preferences, please see our Cookie Policy.

Share this now