Date Protection

​

All personal data that Schball Ltd (the “service provider”) may use will be collected, processed, and held in accordance with the provisions of EU Regulation 2016/679 General Data Protection Regulation (“GDPR”) and You the user of the service provider rights under the GDPR.

 

“Data Protection Legislation”

means 1) unless and until EU Regulation 2016/679 General Data Protection Regulation (“GDPR”) is no longer directly applicable in the UK, the GDPR and any national implementing laws, regulations, and secondary legislation (as amended from time to time), in the UK and subsequently 2) any legislation which succeeds the GDPR.

 

1. Data Processing

   1. In this, “personal data”, “data subject”, “data controller”, “data processor”, and “personal data breach” shall have the meaning defined in Article 4, EU Regulation 2016/679 General Data Protection Regulation (“GDPR”).

   2. All personal data to be processed by the Service Provider on behalf of the Client under this Agreement shall be processed in accordance with the terms of the Private Policy entered by the Parties on 20th May 2020.

   3. For the purposes of the Data Protection Legislation and for the, person/s using the site the Client is the “Data Controller” and the Service Provider is the “Data Processor”.

   4. The type(s) of personal data, the scope, nature and purpose of the processing, and the duration of the processing are set out in Privacy Policy.

   5. The Data Controller shall ensure that it has in place all necessary consents and notices required to enable the lawful transfer of personal data to the Data Processor for the purposes described in this Agreement.

   6. The Data Processor shall, with respect to any personal data processed by it in relation to its performance of any of its obligations under this Agreement:

      1. Process the personal data only on the written instructions of the Data Controller unless the Data Processor is otherwise required to process such personal data by law. The Data Processor shall promptly notify the Data Controller of such processing unless prohibited from doing so by law.

      2. Ensure that it has in place suitable technical and organisational measures (as approved by the Data Controller) to protect the personal data from unauthorised or unlawful processing, accidental loss, damage or destruction. Such measures shall be proportionate to the potential harm resulting from such events, taking into account the current state of the art in technology and the cost of implementing those measures. Measures to be taken are set out in Privacy Policy.

      3. Ensure that any and all staff with access to the personal data (whether for processing purposes or otherwise) are contractually obliged to keep that personal data confidential; and

      4. Not transfer any personal data outside of the European Economic Area without the prior written consent of the Data Controller and only if the following conditions are satisfied:

         1. The Data Controller and/or the Data Processor has/have provided suitable safeguards for the transfer of personal data;

         2. Affected data subjects have enforceable rights and effective legal remedies;

         3. The Data Processor complies with its obligations under the Data Protection Legislation, providing an adequate level of protection to any and all personal data so transferred; and

         4. The Data Processor complies with all reasonable instructions given in advance by the Data Controller with respect to the processing of the personal data.

   7. Assist the Data Controller at the Data Controller’s cost, in responding to any and all requests from data subjects in ensuring its compliance with the Data Protection Legislation with respect to security, breach notifications, impact assessments, and consultations with supervisory authorities or regulators (including, but not limited to, the Information Commissioner’s Office);

   8. Notify the Data Controller without undue delay of a personal data breach;

   9. On the Data Controller’s written instruction, delete (or otherwise dispose of) or return all personal data and any and all copies thereof to the Data Controller on termination of this Agreement unless it is required to retain any of the personal data by law; and

   10. Maintain complete and accurate records of all processing activities and technical and organisational measures implemented necessary to demonstrate compliance with this document and to allow for audits by the Data Controller and/or any party designated by the Data Controller.

2. The Data Processor shall not sub-contract any of its obligations to a sub-processor with respect to the processing of personal data under this document without the prior written consent of the Data Controller (such consent not to be unreasonably withheld). In the event that the Data Processor appoints a sub-processor, the Data Processor shall:

   1. Enter into a written agreement with the sub-processor, which shall impose upon the sub-processor the same obligations as are imposed upon the Data Processor by this document and which shall permit both the Data Processor and the Data Controller to enforce those obligations; and

   2. Ensure that the sub-processor complies fully with its obligations under that agreement and the Data Protection Legislation.

3. Either Party may, at any time, and on at least 30 working days notice, alter this document, replacing it with any applicable data processing clauses or similar terms that form part of an applicable certification scheme. Such terms shall apply and replace this document by attachment to this Agreement.

 

 

 

PRIVACY POLICY

 

1. Data Processing

 

Scope

Our Privacy Policy (“Privacy Policy”) is designed to help you understand how we collect, use and safeguard the information you provide to us and to assist you in making informed decisions when using our Service.

 

Nature

Service” refers to the Company’s services accessed via the Site, in which users can view, book sessions and events

 

Purpose

By accessing our Site or our Service, you accept our Privacy Policy and Terms of Use (found here: www.schball.com/data-protection, and you consent to our collection, storage, use and disclosure of your Personal Information as described in this Privacy Policy.

 

 

Duration

The Company reserves the right to change this policy and our Terms of Service at any time.  We will notify you of significant changes to our Privacy Policy by sending a notice to the primary email address specified in your account or by placing a prominent notice on our site. Significant changes will go into effect 30 days following such notification. Non-material changes or clarifications will take effect immediately. You should periodically check the Site and this privacy page for updates.

 

 

2. Types of Personal Data

We collect “Non-Personal Information” and “Personal Information.” Non-Personal Information includes information that cannot be used to personally identify you, such as anonymous usage data, general demographic information we may collect, referring/exit pages and URLs, platform types, preferences you submit and preferences that are generated based on the data you submit and number of clicks. Personal Information includes your email, name and mobile or landline number which you submit to us through the contact and registration process at the Site.

 

 

3. Categories of Data Subject

To activate the Service you do not need to submit any Personal Information other than your email address. To use the Service thereafter, you do need to submit further Personal Information being name and mobile. However, in an effort to improve the quality of the Service, we track information provided to us by your browser or by our software application when you view or use the Service, such as the website you came from (known as the “referring URL”), the type of browser you use, the device from which you connected to the Service, the time and date of access, and other information that does not personally identify you. We track this information using cookies, or small text files which include an anonymous unique identifier. Cookies are sent to a user’s browser from our servers and are stored on the user’s computer hard drive. Sending a cookie to a user’s browser enables us to collect Non-Personal information about that user and keep a record of the user’s preferences when utilising our services, both on an individual and aggregate basis. The Company may use cookies to collect the following information:

 

 

4. Organisational and Technical Data Protection Measures

Our company is hosted on the Wix.com platform. Wix.com provides us with the online platform that allows us to sell our products and services to you. Your data may be stored through Wix.com’s data storage, databases and the general Wix.com applications. They store your data on secure servers behind a firewall. 

​

​