MOON COMMUNITY CLUB LIMITED PRIVACY POLICY

 

Moon Community Club Limited (“MCCL”, “we”, “us”, “our”) respects your privacy and is committed to protecting your personal information. We want to be transparent with you about how we collect and use your personal information.

This Privacy Policy (“Policy”) sets out the reasons why, and the ways in which, MCCL will use your personal information and your related rights and options. At all times we aim to respect any personal information you share with us, or that we receive from other organisations, and keep it safe.

 

This Policy contains important information about your personal rights to privacy. Please read it carefully to understand how we use your personal information.

 

The provision of your personal information to us is voluntary. However, without providing us with your personal information, your use of our services or your interaction with us may be restricted impaired. For example, you would not be able to become a member.

 

  1. What is personal information?
  2. When do we collect personal information about you?
  3. What personal information do we use?
  4. How and why will we use your personal information?
  5. Lawful basis for processing
  6. Will we share your personal information?
  7. How long do we keep your personal information?
  8. Security/storage of and access to your personal information
  9. International transfers of your personal information
  10. Your rights and how to exercise them
  11. Communications for marketing
  12. Links and third parties
  13. Children’s personal information
  14. Changes to this Policy
  15. How to contact us

 

  1. What is personal information?

 

Before you read any further, it might be useful to explain what we mean by “personal information”. The relevant legal definition can be found here. In brief, it is information which relates to you and from which you can be identified, whether from that information alone or from that information combined with other information. It is a very broad definition, so lots of types of information can amount to personal information.

 

  1. When do we collect personal information about you?

 

We collect personal information in the following ways:

 

2.1 When you give it to us directly

 

For example, personal information that you submit to us when you sign up as a member, request particular services or make general enquiries.

 

2.2 When you visit our website

 

When you visit or use our website, we automatically collect the following types of personal information:

  • technical information, including the internet protocol (IP) address used to connect your device to the internet, browser type and version, time zone setting, browser plug-in types and versions and operating systems and platforms; and
  • information about your visit to our website, including the uniform resource locator (URL) clickstream to, through and from the website (including date and time), services you viewed or searched for, page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling and clicks) and methods used to browse away from the page).

 

We also collect and use your personal information by using cookies on our website. Please see our Cookie Notice for more information about how our use of cookies may involve using your personal information.

 

2.3 When we obtain it indirectly

We also collect your personal information from third party sources. For example, your personal information may be shared with us by analytics providers and search information providers (for example, via cookies deployed by our website). To the extent we have not done so already, we will notify you when we receive personal information about you from such sources and tell you how and why we intend to use that personal information.

In general, we may combine your personal information from these different sources for the purposes set out in this Policy.

 

2.4 When it is publicly available

 

For example, if you interact with us on social media (such as Instagram) and depending on your privacy settings, certain information about your user account or profile (such as username, profile picture or other details in your profile).

 

  1. What personal information do we use?

 

We may collect, store and otherwise process the following kinds of personal information:

 

  • your name and contact details (including emergency contacts) such as postal address, telephone number and email address;
  • details related to your membership (for example start date and classification of membership);
  • gender and nationality;
  • your user account details, such as username and password;
  • details of the organisation you work for / with and your role / connection;
  • personal descriptions and photographs;
  • financial information related to your payment for our services, for example credit/debit card details, account number and sort code;
  • information related to social media accounts or profiles;
  • information about your computer/mobile device and your visits to and use of our website, including, for example, your IP address and geographical location;
  • information about our services and products, or our selected partners’ services and products, which we consider may be of interest to you and/or in relation to which you express an interest; and/or
  • any other personal information which you choose to share with us as per section 2 of this Policy.

 

Do we use special categories of personal information?

 

Applicable data privacy law recognises certain categories of personal information as sensitive and therefore requiring more protection, for example information about your health, ethnicity and political opinions. This is known as “special category” personal information.

 

We do not set out to collect special categories of your personal information, but there may be unforeseen circumstances where we either need to (for example due to injury on our premises) or where members volunteer it (for example discussing political opinions on our message boards). When this happens, we only collect, or facilitate collection of, special categories of personal information where applicable data privacy law allows us to and where there is a good reason.

 

  1. How and why will we use your personal information?

 

We mainly collect and use personal information because we can’t provide our services otherwise.

 

In general, we use your personal information to achieve the purposes set out in this Policy. In particular, we may use your personal information to:

 

  • personalise, administer and manage your membership and account;
  • provide you with information, products or services you request from us;
  • provide you with news and updates about our services and members’ events;
  • to allow distribution of our members’ newsletter;
  • raise awareness of MCCL’s activities by capturing photos, videos and live streaming events (these will only ever be used for promotion, education and development purposes);
  • carry out any other obligations arising from contracts entered into between you and us;
  • ensure that content from our website is presented in the most effective manner for you and for your devices;
  • respond to communications from you in general, for example questions, comments, complaints, concerns or allegations;
  • inform reciprocal clubs or organisations with whom you may wish to interact by way of introduction;
  • provide you with information about other products or services we or our partner organisations offer that are similar to those you have already purchased, used or enquired about (only where you have provided your consent for us to do so – please see section 11 of this Policy);
  • administer our website for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
  • keep our website safe and secure, for example by conducting analysis required to detect malicious data and understand how this may affect your IT system;
  • notify you about changes to our services;
  • analyse and improve our work, services and products;
  • maintain internal records where appropriate (for example, in case a legal claim is reasonably foreseeable);
  • provide training and/or quality control;
  • audit and/or administer our accounts;
  • satisfy legal obligations which are binding on us, for example in relation to regulatory, government and/or law enforcement bodies with whom we may work (for example requirements relating to the payment of tax or anti-money laundering);
  • prevent fraud and/or misuse of services; and/or
  • establish, defend and/or enforce legal claims.

 

Some of the above grounds for processing will overlap and there may be several grounds which justify our use of your personal information.

 

  1. Lawful basis for processing

 

Applicable data protection law requires us to rely on one or more from a set of “lawful bases” to collect and use your personal information. In short, these are six reasons recognised by regulators as giving us lawful grounds to collect and use your personal information.

 

We consider the grounds listed below to be relevant:

 

  • Where you have provided your consent for us to use your personal information in a certain way (for example, we will ask for your consent to collect your personal information by using cookies or other tracking technologies, or to send you marketing material by email or our members-only newsletter);
  • In order for us to comply with a legal obligation which is binding on us (for example, where we are obliged to share your personal information with regulatory bodies which govern our work and services);
  • Where necessary for the performance of obligations under a contract to which you are a party or to take steps at your request prior to entering a contract (broadly, to provide you with our member-only services in exchange for your membership fee); or
  • Where there is a legitimate interest in us doing so.

 

Applicable data privacy law allows us to collect and use your personal information if it is reasonably necessary to achieve our, your or others’ legitimate interests (as long as that use is fair, balanced and does not unduly impact your rights).

 

In brief, “legitimate interests” is a broad concept and can potentially include any reasonable, legitimate and valid objective (whether commercial or otherwise). Our legitimate interests could, for example, include provision, promotion or improvement of our services.

 

When we process your personal information to achieve such legitimate interests, we consider and balance any potential impact on you (both positive and negative), and your rights under applicable data protection law. We will not use your personal information for activities where our interests are overridden by the impact on you, such as where that use would be excessively intrusive (unless, for instance, we are otherwise required to or permitted to by law).

 

  1. Will we share your personal information?

 

We will also share your personal information with selected third parties where required by law, where it is necessary to administer our working relationship with you or where we have another valid and lawful reason for doing so, including if you have given your consent.

 

Those selected third parties include:

  • suppliers and sub-contractors for the performance of any contract we enter into with them, for example IT service providers such as website hosts or cloud storage providers, payment service providers or debt recovery service providers;
  • other members’ clubs and organisations with whom we have a reciprocal / referral-based relationship (introductions will only be made at your request);
  • professional advisers or service providers, such as lawyers, accountants, auditors and insurers;
  • regulatory authorities, such as tax authorities or the Information Commissioner’s Office (the UK data protection regulator, “ICO”) if our use of your personal information requires reporting in certain circumstances;
  • parties assisting us with research to monitor the impact/effectiveness of our work and services, for example analytics providers who help us evaluate your use of our website, provide reports on how the website is used and let us know which content is most popular;
  • parties who help us protect the safety and property of MCCL, its personnel, users, visitors or others; and
  • parties relevant to any corporate transaction relevant to MCCL.

 

We may also need to disclose your personal information to third parties:

 

  • in the event that we sell or buy any business or assets, in which case we may disclose your personal information (solely as relevant to the transaction) to the (prospective) seller or buyer of such business or assets;
  • if substantially all of our assets are acquired by a third party, personal information held by us may be one of the transferred assets;
  • If we are under any legal or regulatory duty to do so; and/or
  • To protect the rights, property or safety of MCCL, its personnel, users, visitors or others.

 

Where appropriate, we require third parties to enter into contracts with us which place obligations on them to protect your personal information in line with our policies and procedures and our obligations under applicable data privacy law.

 

  1. How long do we keep your personal information?

 

As a general rule, we keep your personal information for as long as you are an MCCL member. Once you are no longer a member (whether you actively cancel, purposely do not renew, we terminate your membership or your membership lapses for any reason), then we usually securely delete your personal information from our records.

 

However, there may occasionally be situations where we need to keep your personal information after your membership of MCCL ends (for example in case of legal dispute (whether active or prospective). In such instances, we keep your personal information as long as required in connection with the purpose(s) for which it is retained and used. As a general rule, we apply a backstop of 6 years to remove your personal information after the date your membership ends – we only keep it longer if there is a genuinely good reason to do so.

 

  1. Security/storage of and access to your personal information

 

MCCL is committed to keeping your personal information safe and secure and therefore takes reasonable and proportionate technical and organisational precautions to prevent the loss, misuse or alteration of your personal information. We restrict access to those who have a need to know and we train staff in handling your personal information securely and in line with MCCL’s obligations under applicable data privacy law.

 

Unfortunately, there is no such thing as 100% security in the online environment. As a result we cannot and do not guarantee the security of any personal information you submit to us through or in connection with our website.

 

If you consider that your interaction with us is no longer secure (e.g. you consider that the security of any account you might have with us has been compromised), please immediately notify us by contacting us at dataprotection@mcc.social.

 

  1. International transfers of your personal information

 

As we are a UK-based organisation, when we use your personal information internally we will not transfer it outside of the UK or European Economic Area (“EEA”). However, because (as set out in section 6 above) we share your personal information with third parties, it is possible information that we collect from you will be transferred to and stored in a location outside the UK or EEA.

 

Some countries outside of the UK or EEA have a lower standard of protection for personal information, including lower security requirements and fewer rights for individuals.

 

Where we cause your personal information to transferred, stored and/or otherwise used outside the UK or EEA in a country that does not offer an equivalent standard of protection to the EEA, we will take all reasonable steps necessary to ensure that the recipient implements appropriate safeguards (such as by entering into a contract which puts the recipient under similar obligations as if they were based in a the UK or a EEA country, or requesting that they have signed up to a domestic certification scheme which guarantees the same level of protection as in the UK or EEA) designed to protect your personal information and to ensure that your personal information is treated securely and in accordance with this Policy. If you have any questions about the transfer of your personal information, please contact us using the details below.

 

  1. Your rights and how to exercise them

 

Applicable data protection law gives you certain rights to control how we use your personal information.  These are as follows:

 

  • Right to withdraw consent: where we rely on your consent to use your personal information, you have the right to withdraw that consent at any time. This includes the right to ask us to stop using your personal information for marketing purposes (including to stop receiving promotions and offers from us or our partners at any time).
  • Right of access: you can ask us for confirmation of what personal information we hold about you and to request a copy of that information. Provided we are satisfied that you are entitled to see the personal information requested and we have successfully confirmed your identity, we will provide you with your personal information subject to any exemptions that apply under data protection law to oblige, or allow, us to withhold it.
  • Right of erasure: at your request we will delete (and ask parties with whom we have shared your personal information to delete) your personal information from our records as far as we are required to do so.
  • Right of correction: if you believe that our records of your personal information are inaccurate, you have the right to ask for those records to be updated. You can also ask us to check the personal information we hold about you if you are unsure whether it is accurate or up to date.
  • Right to restrict processing: you have the right to ask for processing of your personal information to be restricted if there is disagreement about its accuracy or legitimate usage (until that disagreement is resolved).
  • Right to object: in the following situations, you have the right to object to our processing of your personal information:
    • where we use your personal information relying on the lawful basis of legitimate interests (please see section 5 above);
    • where we use your personal information for marketing purposes; or
    • where we use your personal information for statistical purposes.

We are then required to stop using your personal information in the manner to which you object unless we can demonstrate a reason of compelling importance to continue (unless you object to our use of your personal information for marketing purposes, in which case we must stop regardless of any compelling grounds to continue).

  • Right to portability: in certain limited situations where we process your personal information by automated means, you may ask us to provide that personal information, or another service provider, in a commonly used, machine-readable format.
  • Automated decision-making: you have the right not to be subject to a decision based solely on automated processing of your personal information which produces legal or similarly significant effects on you, unless such a decision is:
    • necessary to enter into/perform a contract between you and us/another organization;
    • is authorised by EU or UK law to which we are subject (as long as that law offers you sufficient protection); or
    • is based on your explicit consent.
  • Right to complain: you are further entitled to make a complaint about us or the way we have used your personal information to the data privacy supervisory authority in your home country. In the UK, the supervisory authority is the ICO – https://ico.org.uk.

 

We may ask you for additional information to confirm your identity and for security purposes before actioning any attempt to exercise these rights. Please note that some of these rights only apply in limited circumstances. For further information on how to exercise these rights, or the extent to which they may apply to you, please contact us using the details below.

 

  1. Communications for marketing

 

We may use your contact details to provide you with information about our work, events, services and/or products which we consider may be of interest to you (for example, about similar products which you previously purchased, or as part of our members-only newsletter).

 

Where we do this via email, SMS or telephone, we will not do so without your prior consent (unless we are allowed to do so via applicable law).

 

Where you have provided us with your consent previously but do not wish to receive marketing material from us anymore, please let us know by emailing info@mcc.social. You can also opt out of receiving marketing emails from MCCL at any time by clicking the “unsubscribe” link at the bottom of our emails.

 

  1. Links and third parties

 

We may provide links our website directly to other sites. This Policy does not cover external websites and the privacy practices of their operators and we are not responsible for the content of those sites or the privacy practices of their operators. We encourage you to read the privacy notices of any external websites you visit via links you may click on our website.

 

  1. Children’s personal information

 

When we process children’s personal information, where required we will not do so without their consent or, where required, the consent of a parent / guardian. We will always have in place appropriate safeguards to ensure that children’s personal information is handled with due care and safety.

 

  1. Changes to this Policy

 

We reserve the right to make changes to this Policy at any time.  Any changes we may make to this Policy in the future will be posted on this page and, where appropriate and reasonably possible for us to do so, notified to you by email.  We may also notify you in other ways from time to time about the processing of your personal information.  This Policy was last updated on 5 March 2021.

 

  1. How to contact us

 

Questions, comments and requests regarding this Policy are welcomed and should be sent via the following channels:

 

Post: WSM, Connect House 133-137 Alexandra Road, Wimbledon, London SW19 7JY

Email: info@mcc.social

MCC APP

app store

© Moon Community Club Limited 2024. All rights reserved.

We value your privacy

We only collect cookies to analyze our website traffic and performance. Please help us better manage our site by clicking Yes to consent to cookies, or you can opt out at any time.