Privacy policy
Your Privacy matters to us
We're committed to protecting your personal data and being fully transparant about how we collect, use, and store it. You'll find all the details below, and if you have any questions, we're always here to help ([email protected]). Please note that we may update our policies from time to time, so revisit every so often to ensure you're aware of the current version.
Here are previous versions of our privacy policy:
Current Policy, effective 02/08/2025:
SlateApp.co.uk (“SlateApp”, “we”, “our”, “us”) is committed to protecting personal data responsibly, transparently, and in accordance with the UK GDPR and Data Protection Act 2018. This policy explains how we collect, use, store, and process personal data, both through our website and through the Slate platform provided to clubs.
Scope of Policy
This policy covers both:
– Data we collect directly via our website (slateapp.co.uk)
– Data processed within the Slate platform for clubs (where we act as a data processor)
Data We Collect
Website Data Collection
We may collect the following information via the website:
– Name
– Email address
– Club name
– Role at your club
– Sport type
– Number of members/players
– Additional details you provide
– Technical data (browser type, IP address, cookies)
Platform Data Collection
Through the Slate platform, clubs may provide:
– User Account Information
– Club Membership Information
– Payment Records
– Match & Attendance Logs
– Messages/Notifications
– Support Queries
– Login & Security Logs
– Club Configuration Data
Note: For platform data, the club is the data controller, and Slate acts as a data processor.
How We Use Your Data
Website Data
We use website data to:
– Process demo requests
– Respond to support queries
– Provide product updates and marketing (with consent)
– Improve site performance and user experience
– Fulfill legal obligations
Platform Data
We use platform data to:
– Deliver contracted services to clubs
– Manage memberships, payments, and events
– Provide support services
– Maintain security and system integrity
We do not use platform data for commercial purposes beyond service delivery.
Lawful Basis for Processing
We rely on:
– Consent (for marketing communications)
– Legitimate interests (to operate and improve services)
– Legal obligations (tax, regulatory, and financial compliance)
Subprocessors & Third Parties
We use the following subprocessors:
– AWS (hosting and infrastructure)
– AWS SES via SMTP (transactional email)
– GoCardless (payments)
– Mailchimp (marketing email)
– Google Analytics (website analytics)
– Hotjar (platform analytics)
Third-party subprocessors may operate internationally. Users should review each provider’s privacy policies for further information on their data handling and transfers.
Data Sharing
We do not sell or share personal data with third parties for commercial gain. Personal data is only shared with subprocessors as required to deliver services.
Data Retention
Data retention is governed by our separate Data Retention & Deletion Policy (effective 01/06/2025). This outlines how long we retain various types of data, and when deletion or anonymisation occurs.
Your Rights
Under UK GDPR, you have the right to:
– Access your data
– Correct inaccurate data
– Request deletion (where applicable)
– Object or restrict processing
– Request data portability
– Withdraw consent (where consent is the basis)
To exercise these rights, contact: [email protected]
Security Measures
We apply appropriate technical and organisational measures to safeguard data against loss, misuse, or unauthorised access.
Contact & Complaints
For privacy enquiries, contact: [email protected].
If unsatisfied, you may contact the Information Commissioner’s Office (ICO): https://ico.org.uk
Policy Updates
This policy may be updated to reflect service changes, legal requirements, or best practice. The latest version will be available on our website.
