PlayHQ

Privacy Policy

Table of Contents

  1. Introduction

    PlayHQ wants you to be familiar with how we collect, use and disclose your personal data (sometimes also referred to as “personal information”). We are committed to protecting your privacy and handling your personal data in accordance with applicable privacy laws, including the Australian Privacy Act 1988 (Cth), the General Data Protection Regulation (EU) 2016/679 (GDPR), and the The UK General Data Protection Regulation (UK GDPR).

    This privacy notice (“Notice”) explains how we collect, use, disclose, and protect your personal information, and should be read in conjunction with our Terms of Use.

    This Notice has been drafted as to be applied to our operations and personal information processing activities globally. Our personal data processing activities may be more limited in some jurisdictions due to restrictions imposed under local laws. For example, the laws of a particular country may limit the types of personal data we can collect or the manner in which we process that personal data. In those instances, we may adjust our internal policies and/or practices to adapt to the requirements of the relevant local law. It is important that you read this Notice carefully, together with any other privacy notice or fair processing notice we may provide to you on specific occasions when we are collecting or processing personal data about you so that you are fully aware of how and why we are using your personal data. This Notice supplements other notices and privacy notices and is not intended to override them.

    We may update this Notice from time to time by posting an updated version on our website, and will endeavour to notify you where changes are material. We encourage you to check our website regularly to ensure that you are familiar with and aware of the terms of our current Notice.

  2. About Us

    We are PlayHQ Sports Pty Ltd ABN 11 624 565 359, a developer and provider of sports management software for community sport (“PlayHQ”, “we”, “us” or “our”).

    Our head office is situated at Level 8/360 Elizabeth St, Melbourne VIC 3000, Australia. Our website, www.playhq.com, and the PlayHQ sports management software platform are provided by us (our “Website”).

    We act as both a data controller and a data processor for the personal information we collect about you. This means that in some cases, where we are the controller, we determine the purposes and means of processing your personal data in compliance with applicable data protection laws, whereas in other cases we are acting as a processor upon the direction of third parties, such as sporting organisations or bodies.

    This Notice sets out our responsibilities where we are the controller of, and responsible for, your personal data.

  3. Our Contact Details

    Please contact us as follows:

    • By mail: Level 8/360 Elizabeth St, Melbourne VIC 3000, Australia
    • By email: help@playhq.com

  4. Data Protection Officer

    PlayHQ has appointed a Data Protection Officer (DPO) to oversee our data protection strategy and ensure compliance with data protection laws. Our DPO can be contacted at:

    • By mail: Level 8/360 Elizabeth St, Melbourne VIC 3000, Australia
    • By email: help@playhq.com

    The DPO's responsibilities include:

    • Monitoring compliance with data protection laws
    • Advising on data protection obligations
    • Providing advice regarding Data Protection Impact Assessments (DPIAs)
    • Acting as a contact point for data subjects and supervisory authorities

    You should contact our DPO for any concerns about how we process your personal data or questions about exercising your data protection rights.

  5. Scope of this Policy

    This Notice applies to our interactions with individuals (otherwise referred to as “Data Subjects”) in the context of our business operations. This includes (but is not limited to):

    • visitors to our Website;
    • users of our Mobile Applications (“apps”);
    • individuals who engage with us, whether by on- or offline means, to inquire about our platform and / or services (including (but not limited to) for the purposes of receiving a demonstration of and / or to purchase same and / or to set up new accounts or services with us);
    • individuals who engage with us, including by offline means, for purposes related to their business relationship with us, including (but not limited to) for the purposes of service provisions and / or customer support; and
    • representatives of our partners, advisers and other service providers.

  6. What is Meant by "Personal Data" or "Personal Information"?

    Personal data is information which identifies you as an individual. Examples of personal data include anything which may identify you, such as your name, address, bank account details, internet protocol (IP) address, username or another identifier.

    Some personal data is unique to you and therefore requires greater protection. This data is referred to as sensitive or special category data which includes information regarding your health, genetic or biometric information, religious or philosophical beliefs, race, or ethnicity to provide a few examples. Further information about sensitive or special category data is given at section 12.

  7. How We Collect Information About You

    In order for us to provide our services and to operate effectively, we may collect information about you. The data we collect depends on the context of your interactions with us and the choices that you make, including your privacy settings and the features that you use.

    We collect personal data from you:

    1. Directly

      We may collect personal information when you:

      • enter, provide or send us information, such as when register for an account with us and / or provide information relating to sporting activities such as performance information and results;
      • engage or receive, or enquire about engaging or receiving goods or services from us;
      • request information about us;
      • contact us (including via email and / or our online contact forms, via SMS or social applications (such as Facebook and LinkedIn), or via offline methods, including by telephone, for example, to access customer support services, provide us with feedback or other information including requests for media partnerships;
      • invest in our business or enquire as to a potential purchase of our business.

    2. Indirectly

      Where possible, we collect your personal information directly from you. However, there may be occasions when we collect personal information about you from another entity, such as the sporting organisations we partner with or, in the case of a minor, from an authorised parent or legal guardian.

      We will also collect information we learn about you through our relationship with you and the way you interact with us.

      We will also collect information relating to your browsing activity while on our Website or mobile applications; we will usually collect such information indirectly using the technologies explained in section 23 below.

      In some circumstances we may also receive information from:

      • other companies supplying services to us (including, but not limited to, providers of technical, payment and delivery services and background checks);
      • data analytics used to improve our Website, products/services, marketing, customer relationships and experiences; and / or
      • publicly accessible social media networks such as Facebook, Instagram, LinkedIn, Google, and Twitter.

    If you are providing personal information on behalf of someone else, you must have the consent of that person to provide their personal information to us to be collected, used, and disclosed in accordance with this Notice. It is your responsibility to ensure that you have the authority to share personal data about third parties with us.

    If you are providing personal information on behalf of someone under the age of 13 (a "Minor"), you must be that Minor’s parent or legal guardian and you must provide consent for the Minor’s personal information to be collected, used and disclosed in accordance with this Notice before sharing any such personal data with us.

  8. Children

    As a developer and provider of software to support community sport, we collect personal data relating to persons of all ages, including Minors. Our Website and mobile applications are designed to ensure the privacy and safety of Minors. If you are under the age of 13, the consent and supervision of a parent or guardian will be required before our services can be used. The consent of a Minor’s parent or legal guardian must be validly given before personal data relating to the child is provided to us.

    If you believe we have collected data from or relating to a Minor without appropriate consent, please notify us immediately at help@playhq.com so that we can take appropriate action.

  9. Types of Information We Collect

    We may collect, use, store and transfer different kinds of personal information about you depending on our relationship with you and the jurisdiction in which you are located. This can include:

    CategoryData Points
    Business Contact DataIncludes business contacts details including business email address, postal address and telephone number, relevant team and / or department.
    Communications DataSuch as records of your contact with us whether a query, inquiry, feedback, compliment, or complaint and any other information you voluntarily provide, including online or through other communication methods.
    Compliance DataReference numbers for background checks, as well as outcomes
    Contact DataIncludes email address, postal address and / or telephone number.
    Emergency Contact DataIncludes email address, postal address and / or telephone number of emergency contact, next of kin information and information relating to familial connection / relationship.
    Identity DataIncludes name, date of birth, username or similar identifier, marital status, title, date of birth, gender, data relating to familial connections / relationship.
    Image DataIncluding profile photographs and photographs, images and video footage from clubs and sporting events and activities.
    Marketing DataIncludes your preferences in receiving marketing from us, including our newsletter, and your communication preferences.
    Profile DataIncludes username, purchases or orders made, interests, preferences, feedback, information that you provide including information provided at the time of registering for an account with or to use our services.
    Special Category DataIncluding information relating to gender, ethnicity, disability status, and any health or injury details which may relate to participation in sport.
    Survey Response DataIncludes responses to surveys and questionnaires
    Technical DataIncludes IP address, network activity across our platforms including our Website, your login data, browser type and version, time zone setting and location, browser plugin types and versions, operating system and platform, and other technology on the devices you use to access our Website and mobile applications.
    Transactional DataInformation about the services we provide and those we purchase; details about invoices and payments for products and services purchased from us.
    Usage DataIncludes information about how you use our Website and mobile applications, your searches on the Website and your online activity based on your engagement with our Website and interaction with us.

    In certain cases, we may also collect other information, including information about third parties, and any other information, when you provide that to us.

  10. Sensitive or Special Category Data

    Sensitive or special category data is personal data that needs more protection because it is sensitive. We may process sensitive personal data about you only where processing is necessary, for example to fulfill our legal obligations (e.g., compliance with employment or health and safety laws).

    We will only process that sensitive personal information about you in such jurisdictions and if and to the extent permitted or required by applicable law.

    We have implemented appropriate policies and safeguards, as required by law, to ensure the secure and lawful processing of sensitive and special category data. For more information on these safeguards, or to request further details about how we handle this type of data, please contact us using the contact details provided in this Notice.

  11. How We Process and Use Your Information

    We need your personal information to conduct our business and provide you with our Website, mobile applications and services. Most commonly we will use your personal information in the following circumstances:

    • Where you have consented before the processing
    • Where we need to perform a contract we are about to enter or have entered with you, for example, to fulfil a transaction or provide services to you.
    • Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
    • Where we need to comply with a legal or regulatory obligation.

    We will only collect, process and/or use the personal information where we are satisfied that we have an appropriate legal basis to do so.

    Where we ask you for your consent to enable us to process your personal information, you are not required to provide that consent. However, where such consent is not provided, we may not be able to collect and process certain personal data about you which may limit or prevent our ability to interact with you.

    EEA and UK residents: For more information on how and why we use and process your personal information see the section called "Additional Information for UK and EEA Residents" below.

    US residents: For more information on how and why we use and process your personal information see the section called "Supplemental Information for U.S. Residents" below.

    Canadian residents: For more information on how and why we use and process your personal information see the section called "Supplemental Information for Canadian Residents" below.

  12. Withdrawing Consent

    If we rely on your consent to process your personal information you have the right to withdraw that consent at any time. You can withdraw your consent by contacting us at help@playhq.com.

    Please note that this will not affect the lawfulness of the processing before the point at which you withdraw your consent nor, when applicable law allows, will it affect the processing of your personal information on the basis of any other lawful ground other than consent.

    For more information on Consent in US states see: "Consent Requirements Regarding Targeted Advertising, Sale of Personal Information, and Sensitive Data Processing" below in this Notice.

  13. Safeguarding Your Personal Data

    We have put in place appropriate security measures to prevent your personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. We will review, monitor and update these security measures to meet our business needs, changes in technology and regulatory requirements. In addition, we limit access to your personal information to those employees, agents, contractors and other third parties that have a business need to know. They will only process your personal information on our instructions, and they are subject to a duty of confidentiality.

    Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal information, we do not have any control over what happens between your device and the boundary of our information infrastructure. You should be aware of the many information security risks that exist (including, but not limited to, when you contact us by email) and take appropriate steps to safeguard your own information.

    We have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.

  14. Retention of Personal Data

    We will keep your personal information for no longer than is necessary to fulfil the purposes we collected it for as outlined in this Notice, or to comply with applicable legal, accounting, regulatory, contractual or reporting requirements.

    To determine the appropriate retention period for personal information, we consider the amount, nature and sensitivity of the personal information involved, the risk of harm from unauthorised use or disclosure of your personal information, the purposes for which we process your personal information and whether we can achieve those purposes through other means, and the applicable legal requirements. Retention periods vary depending on such factors, as well as in respect of jurisdictional requirements. For example, personal data may be retained longer where required by laws in the United States (e.g., tax or employment laws) or the United Kingdom (e.g., data protection and employment regulations).

    Once retention periods have elapsed, we securely delete, anonymise, or archive personal data in accordance with applicable data protection laws, including Australian data privacy laws, GDPR and UK GDPR, as well as U.S. state-specific privacy laws such as the California Consumer Privacy Act (CCPA). If you require further details on specific retention periods, please contact us using the information provided below.

  15. Who We Share Your Data With

    Insofar as reasonably necessary for us in carrying out and delivering our services and for the purposes set out in this Notice, we may share your personal data with the below parties that help us manage our business and deliver our services:

    • Service providers, including those offering IT, system administration, and software services;
    • Payment service providers, involved in the processing and completion of payment transactions;
    • Third parties involved in the provision of our services, such as Cricket Australia or the AFL, as well as merchandising providers, such as TPF;
    • Analytics providers, such as Google Analytics, to assist us with analytics over our Website and mobile applications;
    • Suppliers and administrative support, third parties, employees, agents, subcontractors, and professionals who provide products, services, and administrative support to us;
    • Regulatory and legal authorities, such as law enforcement agencies, judicial bodies, tax authorities, or other government and regulatory entities, where required by law;
    • Parties who support, advise or are otherwise involved in our business transactions: for example as part of a proposed sale, reorganisation, transfer, financial arrangement, asset disposal, or similar transaction related to our business or assets; and
    • Other parties (with your permission): We may share data with other third parties explicitly authorised by you.

    This list is non-exhaustive, and there may be other situations where we need to share your personal data to effectively provide our services. This may also include disclosing your personal data to third parties where needed in an emergency such as in a situation where we reasonably believe that disclosure of your information is necessary to lessen or prevent a serious threat to the life, or to the health or safety of any individual, or to public health or safety, and it is unreasonable or impracticable to obtain your consent.

    We only allow those parties / organisations to handle your personal data if we are satisfied they take appropriate measures to protect it. We also impose contractual obligations on them to ensure they can only use your personal data to provide services to us and, where applicable, to you.

    We or the third parties mentioned above occasionally also share personal data with:

    • our and their external auditors, e.g., in relation to the audit of our or their accounts, in which case the recipient of the information will be bound by confidentiality obligations;
    • our and their professional advisors, in which case the recipient of the information will be bound by confidentiality obligations, for example (but not limited to circumstances) where reasonably necessary for the establishment, exercise or defence of a legal claim;
    • law enforcement agencies, courts, tribunals, and regulatory bodies to comply with our legal and regulatory obligations, for example where we are required to disclose information under a subpoena, court order or other mandatory reporting requirements;
    • other parties that have or may acquire control or ownership of our business (and our or their professional advisers) in connection with a significant corporate transaction or restructuring, including a merger, acquisition, asset sale, initial public offering or in the event of our insolvency—usually, information will be anonymised, but this may not always be possible. The recipient of any of your personal data will be bound by confidentiality obligations.

    We will not share your personal data with any other third party without your consent.

    The specific kind of information we share will depend on your activities with us and only to the extent as required or permitted by law, and/or with your consent.

    Please note however that this Notice does not apply to sharing of personal information by third party providers who may collect personal information from you and may share it with us. In these situations, we strongly advise you to review the applicable the relevant third-party provider’s privacy notice before submitting your personal information.

  16. Transfer of Personal Data Overseas

    We primarily store personal information on servers located within the same region as our users. For Australian users, this means personal information is primarily stored in Australia; for users in the European Union and UK, this means personal information is stored primarily within the European Union.

    However, we operate globally, and certain aspects of our information processing and data storage may be centralised in countries outside your own. This means that we may have to share and transfer your personal information from one country to another, or even across multiple jurisdictions including Australia, North America, the UK and countries within the European Economic Area (EEA). Your personal information may therefore be subject to privacy laws that are different from those in the country where the personal information is collected or those in your country of residence.

    To safeguard your personal information, we ensure that all international transfers comply with applicable data protection laws, including Australian data privacy laws, the UK GDPR, EU GDPR, and relevant U.S. privacy regulations. We undertake thorough due diligence and risk assessments before any data transfer, ensuring your information has an appropriate level of protection. Where required, we implement legal safeguards such as Standard Contractual Clauses (SCCs) or other approved mechanisms to ensure your data is handled securely and lawfully.

    You can find more details of the protection given to your information when it is transferred overseas by contacting us at help@playhq.com.

  17. Third-party Services, Websites and Links

    This Notice does not apply to sharing of personal information by third party providers who may collect personal information from you and may share it with us. In these situations, we strongly advise you to review the applicable the third-party provider’s privacy notice before submitting your personal information.

    You should be aware that information about your use of our website (including your IP address) may be retained by your ISP (Internet Service Provider), the hosting provider and any third party that has access to your Internet traffic.

    Our website may include links to third-party websites, plug-ins, and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy notice of every website you visit.

  18. Automated Decision Making

    We do not use automated decision-making processes.

  19. Opting Out of Marketing

    If you provide us with your contact details (e.g. email address), we may contact you to let you know about our services and events that we think you may be interested in.

    You can unsubscribe from our marketing and promotional communications by clicking on the unsubscribe link in the emails or by contacting us at help@playhq.com

    Please note that it may take up to 7 days for your request to opt out from receipt of marketing communications to be fully processed.

    If you wish to opt out of other forms of communication or have any issues with unsubscribing, you can contact us directly at help@playhq.com. We will process your request promptly in accordance with applicable data protection laws, including Australian data privacy laws, the UK GDPR, the EU GDPR, and relevant U.S. privacy laws such as the CAN-SPAM Act and CCPA, where applicable.

    Please note that opting out of marketing communications does not affect transactional or service-related communications necessary for the performance of a contract or other legitimate purposes.

  20. Cookies and Tracking Technologies

    Each time you interact with our Website, we may, depending on the consent provided and your jurisdiction, automatically collect personal information, including technical data about your device, your browsing actions and patterns, content and usage data. We collect this data using Cookies, server logs and other similar technologies like pixels, tags and other identifiers in order to remember your preferences, to understand how our Website is used.

  21. Your Rights

    In some regions and states, such as the EEA and UK, you have rights that allow you greater control of and access to your personal information.

    These rights may include the right:

    • To request and obtain a copy of your personal information
    • To request rectification and/or erasure
    • To restrict processing of your personal information
    • Data portability

    In certain circumstances you may also have the right to object to the processing of your personal data. You can make a request to exercise your rights by contacting us at help@playhq.com.

    We will consider and act upon any requests in accordance with applicable data protection laws.

    For more information about your rights in specific locations, please refer to the sections below.

  22. Supplemental Information for US Residents

    This section applies to individuals residing in the United States, with specific provisions for residents of states with enacted privacy laws. This notice outlines how we process personal information, including our practices related to consent, and the rights granted to residents under various state laws, including California, Colorado, Connecticut, Delaware, Indiana, Iowa, Kentucky, Maryland, Minnesota, Montana, Nebraska, New Hampshire, New Jersey, New York, Nevada, Oregon, Rhode Island, Tennessee, Texas, Utah, Vermont, and Virginia.

    1. US Residents' Rights

      US residents in certain states have specific rights regarding their personal information. These rights vary depending on the state, as indicated below.

      • Right to Know

        The right to request information on the categories and specific pieces of personal information we have collected, used, disclosed, or shared, as well as the sources, purposes, and third parties involved.

        (California, Colorado, Connecticut, Iowa, Utah, Virginia)
      • Right to Access

        The right to access copies of personal information held by us.

        (California, Colorado, Connecticut, Delaware, Indiana, Iowa, Kentucky, Maryland, Minnesota, Montana, Nebraska, New Hampshire, New Jersey, New York, Nevada, Oregon, Rhode Island, Tennessee, Texas, Utah, Vermont, Virginia)
      • Right to Correct

        The right to request corrections to inaccurate personal information.

        (California, Colorado, Connecticut, Iowa, Utah, Virginia)
      • Right to Delete

        The right to request deletion of personal information, subject to legal limitations and exceptions.

        (California, Colorado, Connecticut, Delaware, Indiana, Iowa, Kentucky, Maryland, Minnesota, Montana, Nebraska, New Hampshire, New Jersey, New York, Oregon, Rhode Island, Tennessee, Texas, Utah, Virginia)
      • Right to Opt-Out of Sale or Sharing

        The right to opt-out of the sale or sharing of personal information for purposes such as targeted advertising or profiling.

        (California, Colorado, Connecticut, Delaware, Indiana, Iowa, Kentucky, Minnesota, Montana, Nebraska, Nevada, New Hampshire, New Jersey, Oregon, Rhode Island, Tennessee, Texas, Utah, Vermont, Virginia)
      • Right to Limit Use of Sensitive Personal Information

        California residents have the additional right to limit the use and disclosure of their sensitive personal information to purposes specified under the CPRA.

        (California)
      • Universal Opt-Out Mechanism

        The right to use a universal opt-out mechanism to signal privacy preferences across platforms (where applicable).

        (California, Colorado, Connecticut, Iowa)

    2. Consent Requirements Regarding Targeted Advertising, Sale of Personal Information, and Sensitive Data Processing

      In accordance with various state privacy laws, we provide consumers with the right to opt out of the use of their personal information for targeted advertising or its sale to third parties. While these laws do not always require upfront consent, they ensure that consumers have control over how their data is used for these purposes. Additionally, certain states require explicit consent to process "sensitive" personal information, which may include data such as race, ethnicity, health information, biometric data, and, in some cases, precise geolocation. We are committed to respecting these rights, providing options to manage the use of your personal information, and ensuring that your sensitive data is only processed in compliance with applicable legal requirements.

    3. Shine the Light Law and Similar Requirements

      Under California's Shine the Light law (California Civil Code Section § 1798.83), California residents are entitled to request and receive information regarding certain types of personal information that we share with third parties for their direct marketing purposes.

      In addition to California, the following states have similar, though narrower, laws concerning data transparency or opt-out rights:

      • Nevada: Nevadan law allows residents to opt-out of the sale of their personal information to third parties. While this law does not require detailed disclosures about data sharing for direct marketing, Nevada residents may request that we refrain from selling their personal data. For opt-out requests, please contact us at help@playhq.com.
      • Vermont: Vermont’s law requires data brokers to disclose certain data-sharing practices and allows residents to opt-out of the sale of personal information if their data is collected by a data broker. Vermont residents may contact us at help@playhq.com for more details on our data-sharing practices.

      To make a Shine the Light request or exercise similar rights under Nevada or Vermont law, please contact us at help@playhq.com including "Shine the Light Request" or "Data Sharing Request" in your subject line.

      Please specify the nature of your request (e.g. Shine the Light, Nevada Opt-Out, or Vermont Disclosure Request) and include sufficient details in your request to help us identify your records. We will process and respond to your request within the required timeframes.

      Note that we may require additional information to verify your identity before processing certain requests. Once verified, we will respond within the timeframe specified by the relevant state law.

  23. Supplemental Information for Canadian Residents

    This section applies to residents of Canada and addresses federal and provincial privacy requirements, including the Personal Information Protection and Electronic Documents Act (PIPEDA) and applicable provincial privacy laws. This is part of our commitment to protect personal information and ensure transparency about how we process it.

    1. Scope of This Privacy Section

      This section applies to personal information collected, used, and disclosed by us in the course of commercial activities and to fulfil obligations under applicable Canadian privacy laws, including:

      • PIPEDA (Federal): applies across Canada, except where provincial privacy laws supersede it.
      • Provincial Privacy Laws: include British Columbia’s Personal Information Protection Act (BC PIPA), Alberta’s Personal Information Protection Act (AB PIPA), and Quebec’s Act Respecting the Protection of Personal Information in the Private Sector (ARPPIPS, also known as Quebec's Law 25).
      • Provincial Health Privacy Laws: in some provinces, specific laws govern health information.

    2. Consent and Lawful Basis for Processing

      We rely on consent and other lawful bases for processing personal information, as required by Canadian privacy laws.

      • Express or Implied Consent: Where required, we obtain your express or implied consent to collect, use, or disclose your personal information. Consent may be implied for purposes that are obvious or necessary to fulfil your request.
      • Exceptions to Consent: In certain cases, we may collect, use, or disclose personal information without consent if required or authorized by law (e.g., for fraud prevention, security, or legal compliance).

      Important Note for Quebec Residents: Under Quebec’s ARPPIPS, as amended by Law 25, explicit consent is required for processing "sensitive" information, including health data. In some cases, written consent may be required.

    3. Rights of Canadian Residents

      Canadian residents have specific privacy rights under federal and provincial laws, which may vary slightly by province.

      • Right to Access

        You have the right to request access to your personal information, including details on how it has been used or disclosed.

      • Right to Correct

        You may request corrections to your personal information if it is inaccurate or incomplete.

      • Right to Withdraw Consent

        You may withdraw consent for the collection, use, or disclosure of your personal information, subject to legal or contractual restrictions.

      • Right to Complain

        If you believe your privacy rights have been violated, you may file a complaint with the relevant privacy commissioner’s office:

        • Office of the Privacy Commissioner of Canada (PIPEDA)
        • British Columbia Privacy Commissioner (BC PIPA)
        • Alberta Privacy Commissioner (AB PIPA)
        • Quebec Commission d'accès à l'information (CAI)
      • Right to Data Portability (Quebec)

        Quebec residents have the right to request that their personal information be transferred to another organization in a structured, commonly used, and machine-readable format, subject to certain conditions under Law 25.

        To make a request or exercise your rights under relevant Canadia privacy laws, please contact us at help@playhq.com. We will respond to your request within the timeframe required by the applicable federal or provincial privacy law.

  24. Additional Information for UK and EEA Residents

    We are subject to the UK General Data Protection Regulation (UK GDPR) and the EU General Data Protection Regulation (EU GDPR) in relation to the services we offer to individuals and our wider operations in the UK and European Economic Area (EEA).

    1. Details About Our Processing of Your Personal Data

      The table below describes the ways we plan to use your personal data, and which lawful basis we rely on to do so. We have also characterised our legitimate interests, where appropriate.

      PurposeExample ActivitiesData TypesLawful BasisLegitimate Interests
      To provide our servicesManagement of accounts, fulfilment of transactions, and / or performance a contract with you or at your request, including (but not limited to) management of competition registrations and facilitation of communications between clubs and participantsBusiness Contact Data, Contact Data, Identity Data, Profile Data, Transactional Data, Technical DataPerformance of a ContractN/A
      To manage and provide our WebsiteMonitoring, troubleshooting, data analysis, network security and system testingCommunication Data, Identity Data, Location Data, Technical Data, Usage DataLegitimate InterestNecessary to maintain the useability, security and integrity of our Website and networks
      To manage and monitor our business and servicesThe provision of administration and IT services, network security, fraud prevention and / or in the context of a business reorganisation or group restructuring exercise.Business Contact Data, Communication Data, Contact Data, Identity Data, Technical DataLegitimate InterestManaging, protecting and administering our business to maintain, monitor and improve services
      To managing payments, fees and chargesCollecting and recovering money owed to usBusiness Contact Data, Contact Data, Communication Data, Transactional InformationPerformance of a ContractN/A
      To handle merchandising and the fulfillment of merchandise ordersN/ABusiness Contact Data, Contact Data, Communication DataPerformance of a ContractN/A
      To handle user and event registrationsCreating and supporting the maintenance of user accounts and event profiles for users including individuals, participants, clubs, organisations and othersBusiness Contact Details, Contact Details, Emergency Contact Details, Images, Profile Data, Special Category DataConsentN/A
      To assess the quality of our servicesN/ABusiness Contact Data, Communication Data, Contact Data, Identity Data, Marketing Data, Survey Response Data, Transactional Data, Usage DataLegitimate InterestNecessary to ensure the provision of high quality services and to inform the making of changes and improvements to our services as appropriate
      To address service updates and supportContacting individuals regarding services, updates, and customer supportBusiness Contact Data, Communication Data, Contact Data, Communications Data, Location Data, Profile DataLegitimate InterestNecessary to maintain communication and provide assistance to users, clubs, organisations and participants, in order to ensure efficient and responsive service, continuity of service and to fulfil expectations.
      To implement cookiesCollecting and analyse information about website usage to improve user experience and functionalityTechnical Data, Usage DataConsent / Legitimate InterestConsent is obtained where required by law for non-essential cookies via appropriate cookie opt-in mechanism. Legitimate interest is relied upon for essential cookies.
      To adminster rights and claimsN/ABusiness Contact Data, Communication Data, Contact Data, Identity Data, Technical Data, Usage DataLegitimate InterestNecessary to enforce or apply our Website terms of use, our terms and conditions of business, or other contracts. To exercise our rights, to defend ourselves from claims and to keep to laws and regulations that apply to us and the third parties we work with.
      To transfer dataTransferring personal data across jurisdictions to support global operations and servicesBusiness Contact Data, Communication Data, Contact Data, Identity Data, Profile DataLegitimate InterestNecessary to facilitate global operations and comply with applicable international transfer mechanisms, including Standard Contractual Clauses or other approved safeguards.
      To administer complaints and queriesResponding to and managing complaints, queries, or feedbackBusiness Contact Data, Communication Data, Contact Data, Identity Data, Profile DataLegitimate InterestProvides effective and timely resolution of complaints and queries to improve customer experience, ensure service satisfaction, and maintain user and stakeholder trust.
      To communicate through our platformsFacilitation of communication via website contact forms, live chat, or other channels including (but not limited to) customer supportBusiness Contact Data, Communication Data, Contact Data, Identity Data, Profile DataLegitimate InterestNecessary to enable users to reach out for support, inquiries, or feedback and to ensure efficient communication and problem resolution.
      To market our products and servicesProvision of promotional information about services and updates (general marketing)Business Contact Data, Communication Data, Contact Data, Identity Data, Profile DataConsentN/A
      To administer data subject rightsProcessing and verifying identity of the requesterBusiness Contact DataLegal ObligationN/A
      To perform data analyticsUsing data analytics to improve our Website, services, marketing, customer relationships and experiencesCommunications Data, Marketing Data, Technical Data, Usage DataConsentN/A
      To keep recordsKeeping appropriate internal records about our business and servicesCommunications Data, Marketing Data, Technical Data, Usage Data, Transactional DataLegal ObligationN/A
      To meet legal RequirementsPerforming processing necessary for compliance with legal obligations, such as, but not limited to: security requirement compliance with applicable law, for example in response to a request from a court or regulatory body, where such request is made in accordance with the law and / or to detect fraudulent or criminal activity; child protection; health and safety compliance with governing body regulations; compliance with relevant government funding programsAll data types potentially in scopeLegal ObligationN/A

    2. Your Rights

      Please see more details about your rights in the table below. In most circumstances, you do not need to pay any charge for exercising your rights. We have one month to respond to you.

      Your RightDetails
      Right to be informedWe have a legal obligation to provide you with concise, transparent, intelligible, and easily accessible information about your personal data and our use of it. We have written this notice to do just that, but if you have any questions or require more specific information.
      Right of accessYou have the right to ask us for copies of your personal data. This right always applies. There are some exemptions, which means you may not always receive all the information. When you request this data, this is known as making a data subject access request (DSAR). In most cases, this will be free of charge; however, in some limited circumstances, for example repeated requests for further copies, we may apply an administration fee.
      Right to rectificationYou have the right to ask us to rectify personal data you think is inaccurate. You also have the right to ask us to complete information you think is incomplete. This right always applies.
      Right to erasureYou have the right to ask us to erase your personal data in certain circumstances. We have the right to refuse to comply with a request for erasure if we are processing the relevant personal data for one of the following reasons: To exercise the right of freedom of expression and information; To comply with a legal obligation; To perform a task in the public interest or exercise official authority; For archiving purposes in the public interest, scientific research, historical research or statistical purposes; For the exercise or defence of legal claims.
      Right to restriction of processingYou may ask us to stop processing your personal data. We will still hold the data but will not process it any further. This right is an alternative to the right to erasure. If one of the following conditions applies, you may exercise the right to restrict processing: The accuracy of the personal data is contested; Processing of the personal data is unlawful; We no longer need the personal data for processing, but the personal data is required for part of a legal process; The right to object has been exercised and processing is restricted pending a decision on the status of the processing.
      Right to object to processingYou have the right to object to processing in certain circumstances. You can also object if the processing is for a task carried out in the public interest, the exercise of official authority vested in you, or your legitimate interests (or those of a third party).
      Right to data portabilityThis right only applies if we are processing personal data based on your consent or for the performance of a contract and the processing is automated.

    3. Complaints

      We hope that we can resolve any query or concern you raise about our use of your information. Please contact us at help@playhq.com first and title your email “Complaint”. All complaints will be treated in a confidential manner, and we will try our best to deal with your concerns.

      You have the right to lodge a complaint with a supervisory authority in the EEA member state where you work or normally live, or where any alleged infringement of Data Protection Law occurred.

      The details of European supervisory authorities can be found here.

      The supervisory authority in the UK is the ICO, which may be contacted at https://ico.org.uk/concerns or by telephone on 0303 123 1113.

  25. Questions or Concerns

    If you have any concerns about our handling of your personal information or believe your privacy rights have been infringed, you have the right to make a complaint. We are committed to resolving privacy-related complaints promptly and effectively.

    We encourage you to contact us directly at help@playhq.com so that we can address any issues promptly. However, if you are not satisfied with our response, you may also have the right to file a complaint directly with your local privacy regulator. We have provided some contact details for your reference below:

    • United Kingdom: You can file a complaint with the Information Commissioner’s Office (ICO) via www.ico.org.uk.
    • European Economic Area (EEA): If you are located in the EEA, you can reach out to your local data protection authority. A list of EEA data protection authorities can be found here.
    • United States: You may also reach out to the consumer protection agency in your state or contact the Federal Trade Commission (FTC) for general privacy concerns via www.ftc.gov.
    • California: Complaints can be directed to the California Attorney General's Office or, under the new California Privacy Rights Act (CPRA), to the California Privacy Protection Agency (CPPA), via https://oag.ca.gov/privacy/ccpa.
    • Colorado, Connecticut, Virginia, and Other States: States with privacy laws (e.g., Colorado Privacy Act, Virginia Consumer Data Protection Act) direct complaints to their respective Attorneys General. Check the specific Attorney General’s website for complaint procedures. You can find the contact information for each Attorney General's office through the National Association of Attorneys General (NAAG) directory.
    • Canada: If you have concerns regarding our data practices in Canada, you may file a complaint with the Office of the Privacy Commissioner of Canada (OPC) via www.priv.gc.ca.
    • Australia: For data privacy inquiries in Australia, you may reach out to the Office of the Australian Information Commissioner (OAIC) via www.oaic.gov.au.
    • New Zealand: Contact the Office of the Privacy Commissioner New Zealand via www.privacy.org.nz.
PlayHQ
Terms of UsePrivacy Policy
© 2025 PlayHQ. All rights reserved. Made in Melbourne, Australia.