Skratchr Logo

Privacy & Data Policy

Effective Date: January 1, 2025
Last Updated: January 1, 2025

1. Purpose of This Policy

This Privacy & Data Policy explains how Skratchr Ltd ("Skratchr", "we", "our", "us") collects, uses, stores, and protects your personal data when you use our mobile app, website, and related services.

We comply with:

  • UK GDPR (2021)
  • EU GDPR (2018) (where applicable)
  • UK Data Protection Act (2018)
  • PECR / ePrivacy Regulations

2. Data We Collect

Category Examples Purpose
Account Data Name, email, username, profile photo, password To create and manage your account
Golf Data Scores, course names, badges, equipment, handicap To track and display your performance
Partner Data Verified handicap status via WHS/MyGolf integrations To validate authenticity of records
Device & Usage Data Device ID, IP address, app logs, crash reports To maintain security and improve performance
Location Data (optional) GPS location (when enabled) To show nearby courses, events, and partners
Marketing & Communication Data Preferences, in-app messages, emails To send service updates and optional offers

We do not collect special category data (e.g. health, ethnicity, religion).

3. How We Use Your Data

We process data to:

  • Provide app functionality and personalise user experience;
  • Enable golf round tracking, badges, and leaderboard features;
  • Verify handicap data through authorised systems;
  • Send service updates, community news, and feature information;
  • Improve performance and detect misuse;
  • Comply with legal obligations.

4. Legal Basis for Processing

Under UK GDPR, our lawful bases include:

  • Consent – for optional features such as marketing or location tracking.
  • Contract – to deliver the app's core functionality.
  • Legitimate Interests – to improve and secure the platform.
  • Legal Obligation – where required by regulators or law enforcement.

5. Data Sharing and Third Parties

We may share data with trusted partners only where necessary:

Recipient Purpose Location
Cloud Hosting (AWS, Azure, etc.) Secure storage and operation UK/EU or approved SCC regions
Analytics Providers (e.g. Google Analytics, Mixpanel) Usage analytics and performance EU/US (with SCCs)
Golf Data Integrations (e.g. WHS, My England Golf) Handicap verification UK/EU
Marketing Platforms (e.g. Mailchimp, Meta Ads) Communication and user engagement UK/EU/US (SCCs applied)
Payment Processors (if applicable) Paid services, events UK/EU

We do not sell, rent, or trade your data.

6. International Transfers

If data is transferred outside the UK/EEA, Skratchr ensures adequate protection using:

  • UK/EU Adequacy Decisions, or
  • Standard Contractual Clauses (SCCs) approved by the ICO and European Commission.

7. Data Retention

We keep data only as long as necessary for the purposes collected:

  • Account data – retained while your account is active.
  • Deleted accounts – permanently erased within 30 days.
  • Backup data – securely deleted within 90 days.
  • Legal or compliance records – retained for up to 6 years where required.

8. Your Rights

Under GDPR, you have the following rights:

  • Access – request a copy of your data.
  • Correction – amend inaccurate data.
  • Deletion – request deletion ("right to be forgotten").
  • Restriction – limit data processing.
  • Portability – request data transfer in a readable format.
  • Objection – object to processing or marketing.
  • Withdraw Consent – at any time for optional features.

To exercise your rights, email: privacy@skratchr.com

9. Cookies and Tracking

Skratchr uses cookies or SDKs to:

  • Remember login sessions;
  • Measure app performance and engagement;
  • Provide personalised experiences.

You can control or delete cookies through your device or browser settings.

10. Data Security

We use industry-standard security measures, including:

  • Encrypted connections (HTTPS/TLS);
  • Secure password hashing and token-based authentication;
  • Access controls and audit logging;
  • Regular security testing and monitoring.

Despite best efforts, no system is completely secure.

11. Children's Data

Skratchr is not intended for users under 16 years old.

If we learn we have collected data from a child under 16 without consent, we will delete it immediately.

12. Changes to This Policy

We may update this Policy from time to time.

Significant updates will be communicated through the app or by email.

13. Contact and Complaints

For questions or requests regarding your data:
?? connect@skratchr.com

If you are unsatisfied with our response, you can contact:

Information Commissioner's Office (ICO)

Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF

?? 0303 123 1113

?? https://ico.org.uk

14. Version Control

Policy Version: 1.0
Effective From: January 1, 2025