ManageMyMatch Data Protection & Privacy

Introduction

The information you provide about yourself and family members is controlled and processed by ManageMyMatch and is subject to data protection laws and regulations as stipulated by the European General Data Protection Regulation (GDPR).

If you are under 16 then you MUST be a "family member" to use this service. Your "family head" takes responsibility in understanding your privacy rights and agreeing to your use of this service. Look in My account to confirm who your family head is.

ManageMyMatch is a web-based service provided by Affinity Resource Group Ltd who can be contacted at support@managemymatch.com. If you have any questions, complaints or requests concerning your data please contact us.

Summary

You provide ManageMyMatch with information about you (e.g. name, email etc) as well as data concerning your sporting activities that is recorded as a result of your use of this service. The main reason for this is to provide you with a useful, personalised, engaging experience when using the service. ManageMyMatch takes appropriate steps to process your data responsibly and securely. Your consent is our lawful basis to process your data.

We share your data in a number of ways:

  1. With clubs that you join. Your club may (and probably does) choose to electronically download, store and process for themselves all or any of the data held in ManageMyMatch that is relevant for the club including your personal data. Please defer to your club concerning their use of your data.
  2. With other members of the club(s) that you join, but only to the extent that they may be able to see what activities you participate in. Members with whom you have matches organised through ManageMyMatch will also have access to your phone and email so that they may contact you.
  3. ManageMyMatch makes use of external services for some of its functions. Such data is generally only held by 3rd parties in limited scope and for relatively short periods of time.

We also ask to establish your precise location solely for the purposes of identifying when you are physically at your club. This allows ManageMyMatch to provide you with additional useful functions (like extending a booking) that are relevant when on club grounds. Your location is used transiently and never recorded. You may choose to deny access to your location when prompted.

Detail

Data collection, processing and accessibility

Not only do you provide ManageMyMatch with personally identifiable data (e.g. your name, phone number etc) but by interacting with the service ManageMyMatch collects, processes and retains detailed information about what sports activities you have engaged with. For example, if you participate in a tournament, ManageMyMatch will record how you performed in that tournament as you enter your match results. Additionally, in order to provide a high level of support and to allow application usage analysis, detailed information is also collected on your use of the service.

Whilst all of this data is available to authorised ManageMyMatch staff, much of it is also available to club officials and some of it to fellow members of clubs to which you belong. In summary:

  • Fellow members of clubs may have access to:
    • The activities with which you have engaged, how you have performed in these and the record of the matches you have played
    • Upon your consent, relative performance and ranking data
    • Messages that you send to fellow members, though these are only accessible to those that fall within the context of the message (i.e. a message to your box league participants)
    • Players with whom you have matches organised (through ManageMyMatch) will have access to your primary phone number and email. Otherwise, other members do not have access to your personal details.
  • Your club additionally has access to:
    • Your personal details: email, primary and secondary phone numbers, address, sex and DoB
    • Relative performance and ranking data (no additional consent sought)

The data that ManageMyMatch collects as a result of your usage of the service is used only to provide you, your club and your fellow members with both a useful picture of your engagements as well as to control and guide your participation with events that your club provide. If any data is to be used outside of this context you will be asked for your specific permission. An example of this is for your match results to be sent to outside ranking agencies.

If you leave a club, your details will no longer be available to the club or any of its members. However, your name will continue to be associated with past activities you engaged in. If you remove your ManageMyMatch account all your personal data is erased and your past activities are anonymised making you unidentifiable in ManageMyMatch. Data removal takes some time to filter out of the back-up cycles that ManageMyMatch maintains, but this clears after a 2 week period. No physical/paper copies of your data are maintained.

Your personal data can be changed/updated by you at any time and ManageMyMatch makes every effort to ensure your activity data is up to date and correct. If you feel anything needs correcting please contact us at support@managemymatch.com.

Data shared with your club(s)

When you join a club with ManageMyMatch, that club may choose to extract your data from ManageMyMatch and use it for their own purposes to better provide you with their services. Infact, this is very likely the case and ManageMyMatch specifically facilitates this in the following ways (all of which are optional to the club):

  1. Computer readable dowloads of your details are available in their management console
  2. Your details together with any purchase records recorded through ManageMyMatch may be transferred to a club-managed Point-Of-Sale (POS) system
  3. Details of any Credit card payments made via ManageMyMatch will be transferred to a club's payments processing system
  4. Details of your name and access key will be transferred to a club's access control system
  5. Personal details together with event participations and subscriptions may be transferred to a club's email management system

Please defer to your club to understand which, if any, of these facilities are used so that you can be aware of how your data is being shared with your clubs. Once shared, your club is the controller of that data which has a separate life beyond ManageMyMatch. For example, leaving your club on ManageMyMatch has no effect on the data that has previously been shared with your club.

Data shared with other organisations

ManageMyMatch makes use of several external services in the day to day execution of its functions. This does involve sharing some of your data with other organisations but only strictly for the purposes of executing a specific function. Sending Email alerts would be an example. These external organisations have appropriate privacy policies that protect your data as it is processed on behalf of ManageMyMatch.

Data storage and security

We adopt appropriate data collection, storage and processing practices and security measures to protect against unauthorized access, alteration, disclosure or destruction of your personal information, username, password, transaction information and other data stored on ManageMyMatch servers.

Card payments

In order to make payments to your club, ManageMyMatch allows you to enter credit or debit card details and to make on-line payments with your cards.

In keeping with strict PCI DSS standards ManageMyMatch is fully compliant. Key to this standard is the fact that your card details are NEVER sent or stored on ManageMyMatch servers. We off-load all the complex security implications of web payments to a third party called Stripe which is a major player in this context. Stripe handles billions of dollars for businesses around the world.

When a user adds credit to their club account, ManageMyMatch merely facilitates the transaction (from Stripe to the club's accounting system) through its integrated web interface for your convenience.

Stripe has been audited by a PCI-certified auditor and is certified to PCI Service Provider Level 1. This is the most stringent level of certification available in the payments industry. To accomplish this, they make use of best-in-class security tools and practices to maintain a high level of security.