This notice was last updated in July 2019.
Golfin.lt, the Data Controller, is a company registered in Lithuania.
Golfin.lt may be referred to as CHG, "we" or "us" in this notice.
Maintaining the security of your data is a priority at CHG and we are committed to respecting your privacy rights. We promise to handle your data fairly and legally at all times. CHG is also committed to being transparent about what data we collect about you and how we use it.
This notice, which applies whether you use our website, contact us by telephone or e-mail, or visit our store, provides you with information about:
- The legal basis which we rely on when collecting and processing your data.
- What personal data we collect.
- How and why we use your data.
- How we protect your data.
- Your legal rights relating to your personal data.
Legal Basis For Processing Your Data
CHG collects and uses customer's personal data because it is necessary for:
- The pursuit of our legitimate interest.
- The purposes of complying with our duties and exercising our rights under a contract for the sale of goods to a customer.
- Complying with our legal obligation.
In certain situations, we require your data to pursue our legitimate interests in a way which might reasonably be expected as part of running our business and which does not materially impact your rights, freedom or interests.
Examples of legitimate interest include:
- Promoting, marketing and advertising our products and services.
- Sending promotional communications which are relevant to individual customers.
Where we have relied on legitimate interest to send a direct marketing communication, you have the right to opt out of receiving these at any time.
We require your data to comply with contractual obligations.
Examples of contractual obligations include:
- Selling and supplying goods to our customers.
- Passing details to our third party couriers to deliver your order.
- Handling customer contacts, queries, complaints or disputes.
In certain situations, the law requires us to collect and process your data.
Examples of legal compliance include:
- Protecting customers, employees and other individuals and maintaining their safety, health and welfare.
- Complying with our legal and regulatory obligations, such as maintaining records of our sales for VAT purposes.
- Preventing, investigating and detecting crime, fraud or anti-social behaviour and prosecuting offenders, including working with law enforcement agencies.
- Protecting CHG, its employees and customers, by taking appropriate legal action against third parties who have committed criminal acts or are in breach of legal obligations to CHG.
- Effectively handling any legal claims or regulatory enforcement actions taken against CHG.
What Personal Data We Collect
CHG may collect the following information about you:
- Your full name.
- Your contact details: postal address including billing and delivery addresses, telephone numbers (including mobile numbers) and e-mail address.
- Purchases made by you.
- When you make a purchase from us, and pay by credit or debit card, your payment card details (last four digits only).
- When you make a purchase from us, and pay using interest free finance from our trusted partner, your bank account number and sort code.
- Your communication and marketing preferences.
- Your correspondence and communications with CHG.
- Other publicly available personal data, including any which you have shared via a public platform (such as a Twitter feed or public Facebook page).
Our website is not intended for children and we do not knowingly collect data relating to children.
How And Why We Use Your Data
CHG uses your personal data:
- To process your order and deliver goods to you.
- To make a tailored website available to you.
- To verify your identity.
- For crime and fraud prevention, detection and related purposes.
- To contact you electronically about promotional offers and products that we think may be of interest to you.
- For market research purposes, to better understand your needs.
- To enable CHG to manage customer service interactions with you.
- Where we have a legal right or duty to use or disclose your information (for example in relation to an investigation by a public authority or in a legal dispute).
CHG uses your personal data for electronic marketing purposes with the aim of updating you about products which are of interest and relevance to you as an individual and to inform you of any promotional offers.
You have the right to opt out of receiving promotional communications at any time by:
- Refusing permission for use of your e-mail address for marketing purposes at the time you place an order with us via our website.
- Making use of the 'unsubscribe' link in e-mails.
- Contacting CHG via the contact channels in this notice.
SHARING DATA WITH THIRD PARTIES
Our service providers and suppliers:
In order to make certain services available to you, we may need to share your personal data with some of our service partners. These include delivery and payment service providers.
CHG only allows its service providers to handle your personal data when we have confirmed that they apply appropriate data protection and security controls. We also impose contractual obligations on service providers relating to data protection and security, which means they can only use your data to provide services to CHG and to you, and for no other purposes.
Other third parties:
Aside from our service providers, CHG will not disclose your personal data to any third party, except as set out below. We will never sell or rent our customer data to other organisations for marketing or any other purpose.
We may share your data with:
- Credit reference agencies where necessary for card payments.
- Governmental bodies, regulators, law enforcement agencies, courts/tribunals and insurers where we are required to do so to comply with our legal obligations, exercise our legal rights (for example in court cases), for the prevention, detection, investigation of crime or prosecution of offenders and for the protections of our employees and customers.
To deliver products to you, if you live outside of the European Economic Area (EEA), it may be necessary to share your data outside of the EEA. These transfers are subject to special rules under data protection laws.
If this happens, we will ensure that the transfer will be compliant with data protection law and all personal data will be secure. Our standard practice is to use ‘standard data protection clauses’ which have been approved by the European Commission for such transfers. Those clauses can be accessed by following the link below.
HOW LONG DO WE KEEP YOUR DATA?
We will not retain your data for longer than necessary for the purposes set out in this notice. Different retention periods apply for different types of data, however the longest we will normally hold any personal data is 6 years.
How We Protect Your Data
CHG is committed to keeping your personal data safe and secure. Our security measures include:
- Computer safeguards such as firewalls and data encryption.
- Regular assessments of all service providers who may handle your personal data.
- Regular penetration testing of systems.
- Security controls which protect our systems from external attack and unauthorised access.
- Internal policies setting out our data security approach and training for employees.