Privacy Policy
Last updated 3 July 2026
This policy explains what personal data GoodGreens collects, how we use it, and the choices and rights you have.
1. Who we are
GoodGreens is operated by Anyway Ventures ("we", "us"), registered in England and Wales [company registration number], registered office [registered office address]. This policy explains how we handle personal data across the GoodGreens website (goodgreens.io) and application ("the Service").
For personal data relating to our own customers (club administrators) and website visitors, we are the data controller. For the member feedback that a club collects through the Service, the club is the data controller and we act as its data processor, handling that data on the club's instructions.
2. Data we collect
- Account data: names, email addresses, passwords (stored hashed), club details, roles and permissions.
- Feedback content: course reports, suggestions and survey responses submitted by members — which may include a name and email if a member chooses to provide one (for example, to enter a prize draw).
- Usage data: log and device information, pages viewed and actions taken, used to operate and improve the Service.
- Billing data: subscription and invoice records. Card details are collected and stored by our payment processor, not by us.
- Communications: emails you send us and support correspondence.
3. How we use data
- to provide, maintain and secure the Service;
- to process subscriptions, billing and account administration;
- to send service and transactional emails (for example, invites, receipts and billing notices);
- to respond to enquiries and provide support;
- to understand usage and improve the Service;
- to comply with legal obligations and enforce our terms.
4. Legal bases (UK/EU GDPR)
We rely on: performance of a contract (to provide the Service you sign up for); legitimate interests (to secure, operate and improve the Service, and for direct business communications); consent (where required, for example certain marketing); and legal obligation (for example, to keep accounting records).
5. Service providers we use
We use a small number of trusted providers who process data on our behalf to run the Service:
- Supabase — database, authentication and file storage;
- Netlify — website and application hosting;
- Stripe — payment processing and merchant-of-record services for subscriptions;
- Resend — sending transactional email.
6. International transfers
Some providers may process data outside the UK/EEA. Where they do, we rely on appropriate safeguards such as the UK International Data Transfer Agreement or the EU Standard Contractual Clauses, together with the provider's own compliance measures.
7. Data retention
We keep account and feedback data for as long as your account is active. If you close your account, we delete or anonymise personal data within a reasonable period, except where we need to retain certain records to meet legal, tax or accounting obligations. Clubs can request deletion of their data as described below.
8. Security
We use encryption in transit, access controls, tenant isolation and other measures to protect personal data. No system is completely secure, but we work to protect your data and to limit access to those who need it to operate the Service.
9. Cookies
We use essential cookies to keep you signed in and to run core features, and to remember preferences such as your chosen currency and language. We do not use advertising cookies. You can control cookies through your browser settings, though disabling essential cookies may affect how the Service works.
10. Your rights
Subject to applicable law, you have the right to access, correct, delete or port your personal data, to object to or restrict certain processing, and to withdraw consent. To exercise these rights, contact us using the details below. If your request relates to feedback data held on behalf of a club, we may direct you to, or coordinate with, that club as the controller.
You also have the right to complain to a supervisory authority — in the UK, the Information Commissioner's Office (ico.org.uk).
11. Children
The Service is intended for use by golf clubs and their adult members and administrators. It is not directed at children, and we do not knowingly collect personal data from children.
12. Changes to this policy
We may update this policy from time to time. Where changes are material we will take reasonable steps to notify you. The "last updated" date at the top shows when it was last revised.
13. Contact
For privacy questions or to exercise your rights, contact us at hello@goodgreens.io.