Updated April 2024

Privacy Policy

4.2 Legal Basis for Processing for Subscribers in the EEA. If you reside in the European Economic Area (“EEA”), we collect and process personal information about you only where we have a legal basis for doing so under the EU’s General Data Protection Regulation 2016/679 (“EU GDPR”) and the United Kingdom’s Data Protection Act of 2018 (“UK GDPR”). The legal basis depends on the Services you use and how you use them. This means we collect and use your personal data only where:
▪ We need it to provide you with Services, including to operate the Services, provide customer support and to protect the integrity of the Services and our technology systems where other clients, customers and subscribers are concerned;
▪ It satisfies a legitimate interest, such as for research and development, to market and promote the Services, and to protect our legal rights and interests;
▪  You give us consent to do so for a specific purpose; or
▪ We need to process your personal information to comply with a legal obligation, including our provision of Services to you under an agreement with us.
If you have consented to our use of personal information for a specific purpose, you have the right to change your mind at any time, but this will not affect any processing that has already taken place. Where we are using your information because we have a legitimate interest in doing so, you have the right to object to that use, although, in some cases, this may mean no longer being able to use the Services.
We do not disclose and share your personal data with third parties other than as follows:
▪ Where it has been de-identified, including through aggregation or anonymization;
▪ When you instruct us to do so;
▪ With your consent, for example, when you agree to our disclosing your personal information with other third parties subject to their separate privacy policies and practices;
▪ With our Affiliated Group Companies;
▪ With third party vendors, consultants and other service providers who work with us and need access to your personal information to carry out their work function. Examples include vendors and third-party service providers who provide assistance with marketing, scheduling, billing, payment processing, data analysis, fraud detection and prevention, network and IT system security, technical support and customer service;
▪ With third party business partners who are involved in providing products and services to our Subscribers, including filling product requests, providing training or customer support, or implementing the Services.
▪ To comply with laws or to respond to lawful requests and legal process;
▪ To protect our rights and property (including that of our agents, representatives and business partners), and to enforce our agreements, policies and terms of service;
▪  In order to protect any individual’s vital interests (but only where we believe it reasonably necessary in order to protect that individual’s vital interests); and
▪ In connection with or during negotiation of any business transfer, merger, financing, acquisition, dissolution transaction or proceeding involving sale, transfer, divestiture or disclosure of all or a portion of our business or assets to another company.
Although no company or service can guarantee complete security, we use appropriate technical and organizational measures to protect personal information that we collect and process. We have implemented information security policies, password protection protocols, rules and other technical measures to protect the personal information under our control from unauthorized access, improper use or disclosure, and unlawful destruction or accidental loss. The measures we use are designed to provide a level of security appropriate to the risk of processing your personal information. While information security risks are always evolving, so are the controls. The controls that we have implemented are periodically reviewed as part of internal and external audits.
We retain personal information that we collect from you where we have an ongoing legitimate business need for doing so (for example, to comply with applicable legal requirements or to enforce our agreement with you). When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymize it; or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible. When processing personal information of End Users on behalf of Subscribers, we will retain such End User data for as long as we are required under our agreement with the Subscriber; for as long as the Subscriber asks us to retain the End User data; or as required by applicable law.
Our Services are not intended or directed to children under the age of 13. We do not knowingly collect personal information from children without prior parent consent. If you believe we may have information from a child, please contact us.
This Privacy Statement does not apply to the practices of companies that we do not own or control, or to people that we do not employ or manage. If our Services include links to third-party websites, please be aware that we are not responsible for the privacy practices of these third parties. We encourage you to familiarize yourself with the privacy policies for third-party companies so you have an understanding about how your personal information might be collected and used by them.
10.1 Privacy Rights for Subscribers. Certain privacy laws around the world, including the EU GDPR, UK GDPR and the California Consumer Privacy Act (as modified by the California Privacy Rights Act, which takes effect July 1, 2023 (together, the “CCPA”), provide users with rights related to their personal information. Consistent with those laws, we give you the choice of accessing, editing, or removing certain information, as well as choices about how we contact you. You may change or correct your account information through your account settings. You may also remove certain optional information that you no longer wish to be publicly available through the Services. You can also request to permanently close your account and delete your personal information. Depending on your location, you may also be entitled to other rights.
▪ Right to Access & Portability. You can access certain personal information associated with your account by visiting your account privacy settings. You can request a copy of your personal information by emailing us at privacy@clubessentialholdings.com with the subject heading: “Information Request.”
▪ Right to Correction. You have the right to request that we rectify inaccurate information about you. By visiting your account settings, you can correct and change certain personal information associated with your account.
▪ Right to Restrict Processing. In certain cases where we process your personal information, you may also have the right to restrict or limit the ways in which we use such information.
▪ Right to Deletion. In certain circumstances, you have the right to request the deletion of your personal information, except information we are required to retain by law, regulation, or to protect the safety, security, and integrity of the Services and our other clients or customers.
▪ Right to Object. If we process your information based on our legitimate interests as explained above, or in the public interest, you can object to this processing in certain circumstances. In such cases, we will cease processing your information unless we have compelling legitimate grounds to continue processing or where it is needed for legal reasons.
▪ Right to Withdraw Consent. Where we rely on consent, you can choose to withdraw your consent to our processing of your personal information using specific features provided to enable you to withdraw consent, like an email unsubscribe link in an email or your account privacy preferences. If you have consented to share your precise device location details but would no longer like to continue sharing that information with us, you can revoke your consent to the sharing of that information through the settings on your mobile device.
The CCPA provides California residents with the following additional rights:
▪ Right to Know. California residents may request disclosure of the specific pieces and/or categories of personal information that the business has collected about them, the categories of sources for that personal information, the business or commercial purposes for collecting the information, the categories of personal information that we have disclosed, and the categories of third parties with which the information was shared.
▪ Right to Opt-Out of the “Sale” of Personal Information. We do not “sell” personal information as that term is traditionally understood. We also do not knowingly “sell” personal information of consumers under 16 years of age. settings.
Limiting use of, or deleting, your personal information may impact features and functionalities that rely on that information. However, we will not discriminate against you for exercising any of your rights, including otherwise denying you use of the Services, providing you with a different level or quality of Services, or charging you a different price.
10.2 Privacy Rights of End Users. If you are an End User and the personal information pertaining to you as an individual has been submitted to us by or on behalf of a Subscriber, and you wish to exercise any data protection rights you may have with respect of such data under applicable law – including the right to access, port, correct, amend or delete such data – please send your request directly to the Subscriber with whom you have a business relationship. We have limited ability to access or correct a
Subscriber’s content or data. If, as an End User, you make your request directly to us, please provide the name of the Subscriber who submitted your personal information to our Services, and we will refer your request to that Subscriber and support them as we are able in responding to the request in a reasonable timeframe.
10.3 Exercising Your Privacy Rights. If you would like to manage, change, limit or delete your personal information, you can do so via your account settings in the Services. Alternatively, you can exercise any of the rights above by contacting us at privacy@clubessentialholdings.com.
10.4 Verification Procedures. To help protect privacy and the security of your personal information, we may ask you to provide us with additional information to verify your identity and/or ownership rights before we fulfill your privacy rights request. If we cannot verify your identity or your ownership rights in the data, we may not be able to act on your request until proper documentation is provided.
10.5 How to Opt Out from our Marketing. You can opt out from receiving marketing communications from us by:
▪ Clicking on the unsubscribe link within each marketing email;
▪ Updating your communication preferences within the Services (go to the account settings menu); or
▪ By contacting us directly to have your contact information removed from our distribution list.
Please note that even after you opt out from receiving marketing messages from us, you may continue to receive generic (non-targeted) ads and transactional (non-promotional) messages from us regarding our business relationship with you.
We reserve the right to store and process your personal information in the United States and in any other country where we, our Affiliated Group Companies and our third-party service providers have operations in accordance with and as permitted by applicable privacy laws. Some of these countries may have privacy or data protection laws that are different from the laws of your country (and, in some cases, may not be as protective). When we transfer, store or process personal information outside of your jurisdiction (including to or in the United States), we take appropriate safeguards to require that your personal information remains protected in accordance with this Privacy Statement and applicable privacy laws.
Some of these recipients of your personal information are located in countries for which the European Commission and the United Kingdom Government (as and where applicable) have issued adequacy decisions, which means that these countries are recognized as providing an adequate level of data protection under applicable United Kingdom and/or European data protection laws and the transfer is therefore permitted under Article 45 of EU GDPR.
Other recipients of your personal information are located in countries outside the EEA or United Kingdom that are not the subject of an adequacy decision, for example, the United States. In these cases, we may use the Standard Contractual Clauses approved by the European Commission or, as applicable, the International Data Transfer Agreement approved by the United Kingdom Government, to help ensure your personal information is protected. Please contact us for additional information about the transfer safeguards we and our Affiliated Group Companies rely on.
12.1 Shine the Light. California law entitles residents to ask for notice describing what categories of personal information we share with third parties for their own direct marketing purposes. We do not share any personal information with third parties for direct marketing purposes.
12.2 Notice of Collection. In addition to the rights and choices described above in Section 10, the CCPA requires disclosure of the categories of personal information collected over the past 12 months. While this information is provided in greater detail in Section 3, titled “Personal Information That We Collect,” the categories of personal information that we have collected (as described by the CCPA) are:
▪ Identifiers, including name, email address, location name, physical address.
▪ Other individual records such as phone number, billing address, or credit or debit card information. This category includes personal information protected under pre-existing California law (Cal. Civ. Code 1798.80(e)) and overlaps with other categories listed here.
▪ Demographics, such as your age or gender. This category includes data that may qualify as protected classifications under other California or federal laws.
▪ Commercial information, including purchases, transaction data, and engagement with the Services.
▪ Internet activity, including your interactions with the Services and what led you to those Services.
▪ Sensory visual data, such as pictures posted on the Service.
▪ Geolocation data provided through location enabled services such as WiFi and GPS.
▪ Inferences, including information about your interests, preferences and favorites. 12.3 Sources and Purposes for Our Collection. We collect these categories of personal information from the sources described above, and we use these categories of personal information for our business and commercial purposes as described in Section 4, titled “How We Use Personal Information,” including providing and improving the Services, maintaining the safety and security of the Services, processing payments and sales transactions, and for marketing purposes. 12.4 “Do Not Track” Signals. Some browsers have incorporated Do Not Track (“DNT”) features that can send a signal to the websites you visit indicating you do not wish to be tracked. Because there is not yet a common understanding of how to interpret the DNT signal, our Services do not currently respond to browser DNT signals. You can use the range of other tools we provide to control data collection and use, including the ability to opt out from receiving marketing from us as described above. 12.5 Accessibility. If you have a disability and would like to access this policy in an alternative format, please contact us by email at privacy@clubessentialholdings.com.
We may update this Privacy Statement from time to time, so you should check back periodically. If we make changes that are material, we will provide you with appropriate notice before such changes take effect.
Your information is controlled by Clubessential Holdings, LLC and the Affiliated Group Company with whom you have a business relationship. If you have questions about this Privacy Statement or our privacy practices, please direct your inquiry to Clubessential Holdings, LLC and the relevant Affiliated Group Company at the contact information listed below.
UNITED STATES Clubessential
Clubessential, LLC
Attn: Privacy Team
4600 McAuley Place, Ste. 350
Cincinnati, OH 45242
Email: privacy@clubessentialholdings.com
ClubReady, LLC
Attn: Privacy Team
14515 North Outer Forty, Ste. 300
Chesterfield, MO 63017
Email: privacy@clubready.com
Golf Compete, Inc. d/b/a foreUP
Attn: Privacy Team
1064 S N County Blvd., Ste. 260
Pleasant Grove, UT 84062
Email: privacy@foreup.com
Vermont Systems
RecTrac, LLC d/b/a Vermont Systems
Attn: Privacy Team
12 Market Place
Essex Junction, VT 05452
Email: privacy@vermontsystems.com
Innovatise GmbH
Attn: Privacy Team
Goethestraße 4-8
60313 Frankfurt am Main
Email: privacy@innovatise.com
TAC Informatiostechnologie GmbH
Attn: Privacy Team
Schildbach 211
8230 Hartberg, Austria
Email: privacy@tac.eu.com
Exerp ApS
Attn: Privacy Team
Rued Langgaards Vej 8, 2 Floor
2300 Copenhagen, Denmark
Email: dpo@exerp.com
EEA Representative
Attn: Lawrence Goodman