Welcome to The Padel Inn Group Ltd (“we,” “us,” or “our”) privacy policy. This Privacy Policy explains how we collect, use, store, and disclose personal data when you:
This Privacy Policy forms part of our commitment to protecting your personal data. It should be read alongside any other policy or notice referring to it, including our Terms
and Conditions. It is not intended to override any additional terms that specifically address data protection or privacy in other contexts.
2.1 Data Controller
For the purposes of the UK GDPR and the Data Protection Act 2018, The Padel Inn Group Ltd (trading as Padel Inn) acts as the data controller of the personal data collected in the course of providing our services and operating our facilities.
2.2 Contact Information
If you have any questions about this Privacy Policy or our data practices, or if you wish to exercise your legal rights, please contact us at:
3.1 Categories of Data
We may collect and process the following categories of personal data:
3.2 Children and Minors
Where minors (under 18) use our facilities or participate in activities, we may collect limited personal data from a parent or guardian to ensure proper consent and safety.
4.1 Direct Interactions
You may provide personal data when you fill in forms on our website, sign up for membership, make or amend bookings, enter tournaments, or communicate with us (by
phone, email, or in person).
4.2 Automated Technologies
We may automatically collect certain Technical Data (e.g., IP addresses, browser type) via cookies, server logs, or similar tracking technologies when you visit our website. For
more details, please refer to our Cookie Policy or the relevant section below.
4.3 Third Parties and Public Sources
We may obtain personal data from third parties (e.g., analytics providers, social media platforms, booking or payment processors) or from publicly available sources, always
ensuring such collection is lawful and respects your rights.
5.1 Lawful Bases for Processing
5.1.1 Performance of a Contract
We may process your personal data when it is necessary to fulfil our contractual obligations. This includes managing memberships, handling court bookings, organising
tournaments and events, and providing any related customer services or support. For instance, if you sign up for a coaching session, we will need to process your Identity and
Contact Data to confirm your booking and keep you informed of any schedule changes.
5.1.2 Legitimate Interests
In certain situations, we rely on our legitimate business interests to process your personal data, provided that doing so does not unfairly infringe upon your fundamental
rights and freedoms. These interests may include improving the quality and efficiency of our facilities, conducting limited marketing communications related to services you
already use or might reasonably expect, preventing unauthorised use of our equipment or services, and maintaining the security of our online platforms and premises
(including the use of CCTV for crime prevention).
5.1.3 Legal Obligations
We may need to process your personal data to comply with our legal or regulatory obligations. Examples include adhering to health and safety regulations, responding to
lawful requests from public authorities, and maintaining accurate transaction records for tax or accounting requirements. Where health and safety laws mandate the
recording of incidents or accidents on our premises, we may also gather relevant information for reporting or investigative purposes.
5.1.4 Consent
If a specific purpose for processing your data does not fall under the bases of contract, legitimate interests, or legal obligations, we may seek your explicit consent. Typical
scenarios include sending you direct marketing communications that go beyond existing customer relationships, collecting health or medical information so we can tailor
coaching or fitness advice, or using photos or footage in promotional materials where you are clearly identifiable. You have the right to withdraw your consent at any time by
contacting us using the details in Clause 2.
5.1.5 Vital Interests
In rare cases, we may process your personal data to protect someone’s vital interests— such as where an urgent medical situation arises on our premises and we need to share
information with healthcare providers, especially if you are unconscious or otherwise unable to give consent.
5.2 Typical Uses of Personal Data
We may use your personal data to facilitate and enhance your experience in a number of ways. For example, we process Identity and Contact Data to administer memberships,
schedule coaching sessions, and manage tournament entries. Financial Data is used to handle payments and issue refunds, while Transaction Data enables us to track booking
history and provide relevant customer service. Where you have agreed or have an ongoing relationship with us, we may send you service-related updates, event invitations, or promotional offers that align with your booking history or membership level. We also maintain security measures such as CCTV for the safety of our customers and staff, store relevant health information if necessary for safe participation in physical activities, and analyse booking patterns or feedback to improve our facilities and develop new programmes. All such processing complies with the lawful bases outlined above and respects your privacy rights under the UK GDPR and Data Protection Act 2018.
6.1 Sharing within the Course of Business
We may share your personal data with selected third parties where this is necessary to provide our Services, protect our business interests, or comply with legal requirements.
In such cases, we ensure that these third parties agree to handle your data in a manner consistent with this Privacy Policy and in accordance with the UK GDPR and the Data
Protection Act 2018.
6.2 Third-Party Service Providers
To facilitate day-to-day operations, we may engage external providers for various tasks, including IT infrastructure, payment processing, booking systems, marketing support,
and other administrative or technical services. When we involve these providers, we share only the personal data that is strictly needed to carry out the specified activities.
Where feasible, we also put contractual safeguards in place to ensure your data remains protected and is used solely for legitimate business purposes outlined by us.
6.3 Legal and Regulatory Obligations
We may disclose your personal data when required to do so by law or when we genuinely believe such disclosure is necessary to uphold legal obligations, such as
complying with a court order, subpoena, or a request from law enforcement or a regulatory authority. Additionally, we may share data if this is required for the
prevention or detection of crime, to protect public safety, or for other compelling public interest purposes recognised under data protection legislation.
6.4 Business Transactions and Restructuring
In the event of a merger, acquisition, reorganisation, or sale of some or all of our assets or shares, your personal data may be transferred as part of the transaction. Any such
transfer will be carried out under strict confidentiality and in accordance with applicable data protection laws. Where practicable, we will provide notice and an opportunity for
you to object or opt out of the transfer if such an option is legally required or feasible.
6.5 Professional Advisers and Insurance Providers
We may disclose your personal data to our lawyers, auditors, accountants, and insurers to the extent necessary for them to provide their respective services. This could include
sharing data related to financial transactions, membership or booking disputes, and any claims or incidents occurring at our Facilities. These parties are bound by professional
or contractual duties of confidentiality and must process such data only for the purposes we specify.
6.6 Consent-Based Disclosures
Where you have explicitly given consent for a specific use or disclosure of your data— such as for marketing endorsements, customer testimonials, or media publications—we
may share your personal data in line with that consent. You retain the right to withdraw or modify your consent at any time, although any prior disclosures made based on your
original consent remain valid.
6.7 Anonymised or Aggregated Data
We reserve the right to share anonymised or aggregated data, which cannot be used to identify you as an individual, for purposes such as statistical analysis, performance
tracking, or strategic planning. Since this form of data does not reveal your identity, it typically falls outside the scope of personal data regulation.
6.8 Protection of Rights and Safety
If we believe it is necessary to disclose personal data to protect our rights, property, or safety—or that of our employees, customers, or other stakeholders—we may do so to the
extent authorised by law. Such disclosures might occur in response to suspected breaches of our Terms and Conditions, attempts to defraud us, or conduct that puts
others at risk.
7.1 Scope of International Transfers
We may on occasion need to transfer your personal data outside the United Kingdom (UK) or the European Economic Area (EEA). Such transfers might occur if, for example,
our servers or service providers are located in a jurisdiction that is different from your own. All international transfers of personal data are conducted in compliance with
applicable data protection laws, including the UK GDPR and the Data Protection Act 2018.
7.2 Adequacy Regulations and Other Safeguards
When transferring personal data to a country or organisation that is not subject to an adequacy regulation issued by the UK government, we will ensure that appropriate
safeguards are in place to protect your rights and freedoms. These safeguards may include:
7.3 Access to Further Information
If you would like additional details about the specific transfer mechanisms or safeguards we use, please contact us using the details in Clause 2 of this Privacy Policy. We will
provide such information to the extent it does not compromise any confidentiality obligations or sensitive commercial arrangements.
7.4 Your Rights in Connection with International Transfers
Where a transfer requires your explicit consent (for example, in exceptional circumstances involving sensitive data), you have the right to withdraw your consent at
any time. Additionally, you retain all other data protection rights outlined under the UK GDPR, including the right to request access to, rectification or erasure of your personal
data, and to object to or restrict certain processing activities.
We have implemented technical and organisational measures (e.g., secure servers, encryption, restricted access) to protect your personal data from unauthorised access,
misuse, or loss. Although we strive to maintain robust security, no online transmission or storage system can be guaranteed to be entirely secure.
9.1 Purpose of Retention
We will store your personal data only for as long as is necessary to fulfil the purposes for which it was collected, as detailed in Clauses 3 and 5 of this Privacy Policy. These
purposes may include managing memberships, processing bookings, ensuring health and safety, fulfilling legal or contractual obligations, and maintaining relevant records
for auditing or regulatory requirements.
9.2 Legal and Regulatory Obligations
Certain laws or regulations may require us to retain specific records for a defined period. For instance, financial and tax-related records may need to be kept for a minimum
number of years under UK tax law. Where such obligations apply, we will abide by those statutory retention requirements.
9.3 Reviewing Retention Periods
We periodically review the categories of data we hold to determine whether continued retention is necessary. Factors considered include ongoing membership, the completion
of bookings or events, the resolution of disputes or legal claims, and any relevant limitation periods under UK law. Once we conclude that retention is no longer required,
we either securely delete or anonymise the data.
9.4 Anonymisation and Aggregation
In some cases, we may decide to anonymise or aggregate data to use for internal analytics, statistical reporting, or research purposes. Anonymised data does not identify
any individual and thus falls outside the scope of personal data under the UK GDPR. We generally retain such anonymised datasets indefinitely, since they cannot be used to reidentify you.
9.5 Secure Disposal
When we determine that personal data is no longer needed, we ensure its secure destruction or deletion. For paper records, this may involve shredding or incineration,
while electronic data is erased in a manner designed to prevent recovery. If the data is stored with third-party service providers, we require them to follow equivalent disposal
methods.
9.6 Your Right to Erasure
You retain the right to request that we erase your personal data in certain circumstances, such as when the data is no longer necessary for the purposes it was collected, or where you withdraw consent (if we relied on your consent to process the data). We address such requests in accordance with Clause 10 of this Privacy Policy and
within the timeframes mandated by the UK GDPR.
10.1 Overview of Rights Under UK GDPR
You enjoy various rights under the UK GDPR with respect to your personal data. These rights are designed to give you greater control over how your data is processed.
Depending on the circumstances and the specific legal basis upon which we rely, you may be able to exercise one or more of the following rights:
10.2 How to Exercise Your Rights
If you wish to exercise any of the rights outlined in Clause 10.1, you should submit a written request to us using the contact details specified in Clause 2 of this Privacy Policy.
We may need to verify your identity before responding, especially if the request involves sensitive or extensive personal data.
10.3 Response Timeframe
We strive to respond to all legitimate requests within one month of receipt. This period may be extended by up to two further months if the request is particularly
complex or if you have made multiple requests. If such an extension is necessary, we will inform you of the reasons and provide updates on the progress of your request.
10.4 Fees and Manifestly Unfounded Requests
In most cases, you will not be charged a fee to exercise your rights. However, we may charge a reasonable fee, or refuse to comply, if your request is clearly unfounded,
repetitive, or excessive, in accordance with the provisions of the UK GDPR. We will provide a clear explanation if we decide to levy a fee or refuse to act on your request.
10.5 Interaction with Other Rights and Obligations
Your rights under the UK GDPR may be subject to certain exceptions or limitations, for example, if fulfilling your request would infringe the rights of another individual or if
the data in question must be retained to comply with a legal obligation. Where such conflicts arise, we will inform you in writing and set out the relevant legal basis for our
decision.
11.1 Purpose of Cookies
We use cookies and similar technologies on our website to improve your experience, enhance site functionality, analyse how users interact with our services, and provide
relevant marketing or promotional content. Cookies are small text files placed on your device that help the website recognise your browser or device. By using our website, you
agree to our use of cookies as described in this clause and, where applicable, any standalone Cookie Policy or notice displayed upon your first visit.
11.2 Types of Cookies Used
We may employ different types of cookies to serve distinct purposes:
If you would like more details on the specific cookies we use and their duration, please
contact us using the details in Clause 2 of this Privacy Policy.
11.3 Third-Party Tracking Technologies
We may partner with third-party service providers—such as analytics providers or advertising networks—who set their own cookies or other tracking technologies on our
site. These third parties process data in accordance with their own privacy policies, but we aim to ensure that such processing aligns with UK data protection standards. You
may wish to review the respective third parties’ policies for more information on their data handling practices.
11.4 Managing Your Cookie Preferences
Depending on your browser settings or device, you can typically manage or delete cookies and control how cookies are set on your device. You may block certain types of
cookies by activating browser settings that refuse them, although doing so could limit access to some features or degrade your user experience. Detailed guidance on how to
manage cookies in popular browsers can be found at www.aboutcookies.org or through the help menu in your browser.
11.5 Cookie Consent and Changes
For non-essential cookies, we will seek your consent via a cookie banner or similar mechanism upon your first visit to our site. You can withdraw or modify your consent
preferences at any time by adjusting your browser or device settings, or by opting out of specific cookie categories through our cookie management platform, if available. If we
make any significant changes to the way we use cookies, we will notify you by updating this clause, posting a notice on our website, or both.
11.6 Compliance with PECR and UK GDPR
Our use of cookies and other tracking technologies complies with the Privacy and Electronic Communications Regulations (PECR) and the UK GDPR. If you have any questions or concerns about our cookie practices, please contact us using the details in Clause 2 of this Privacy Policy.
Our premises may be monitored by CCTV for security, safety, and crime prevention. Video footage may be retained for a limited period under our data retention policy. Where required by law, we may share CCTV images with law enforcement or other authorised entities. We will handle all CCTV data in accordance with the Data Protection Act 2018 and the UK GDPR
We may revise this Privacy Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. Any updates will be posted on our website with a revised “Last Updated” date. We encourage you to review this Policy periodically to stay informed about how we process your data.
14.1 Internal Resolution
If you have any concerns or complaints about how we handle your personal data, we encourage you to contact us first so we may address the issue promptly.
14.2 External Authority
If you are not satisfied with our response, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO), the UK’s supervisory authority for
data protection matters. More information is available at ico.org.uk.
The Padel Inn Group Ltd (trading as Padel Inn)
Registered Office: 25 Dulverton Road, Witton, Birmingham, West Midlands, United
Kingdom, B6 7EQ
Company Number: 16221124
Email: hello@padel-inn.com
Telephone: 01217145543
