top of page

PRIVACY POLICY

Effective Date: 1 April 2026

Last Updated: 1 April 2026

Your privacy matters to us.

At Sporting Chances Group (SCG), we’re committed to protecting your personal information and being transparent about how we use it. This Privacy Policy explains what we collect, how we use it, and the choices you have. 

This applies to our website (www.sportingchances.org) and any other platforms we operate. 

When we say “personal information”, we mean any information that can identify you—whether that’s your name and contact details, information about your device, or how you interact with our website. 

If you follow links to third-party websites, please note that they have their own privacy policies. We don’t control those sites, so we recommend checking their policies before sharing your information. 

INFORMATION WE COLLECT

We collect information in two main ways: 

  • Voluntarily Provided - Information you give us when you contact us, fill out a form, or engage with our services  

  • Automatically Collected - Information automatically sent by your device when you browse or interact with our website  

LOG DATA 

When you visit our website, some information is collected automatically by our servers. This helps us understand how the site is used and improve your experience. 

This may include: 

  • Your IP address  

  • Browser type and version  

  • Pages you visit and time spent on them  

  • Date and time of your visit  ​

 

If something goes wrong on the site (for example, an error), we may also collect technical details to help us fix the issue. 

On its own, this information doesn’t usually identify you—but it can sometimes be combined with other data. 

DEVICE DATA 

When you visit our website or interact with our services, we may automatically collect data about your device, such as: 

  • Device Type – Identifying whether the user is on a desktop, smartphone, tablet, or smart TV. 

  • Browser Type & Version – Details about the web browser being used, such as Chrome, Safari, or Firefox.  

 

Data we collect can depend on the individual settings of your device and software. We recommend checking the policies of your device manufacturer or software provider to learn what information they make available to us. 

PERSONAL INFORMATION 

Depending on how you interact with us, we may collect personal information such as: 

  • Contact details – name, email address, phone number, address  

  • Communication data – messages, feedback, or enquiries you send us  

  • Recruitment information – CVs, work history, education details (if applying to join us)  

  • Transaction data – payment and billing details (where relevant)  

 

We only collect what we need—and we’ll always aim to be clear about why. 

CHILDREN & YOUNG PEOPLE 

We recognise that our services involve working with children and young people. 

Where we collect or process personal information relating to individuals under the age of 18, we take additional care to ensure that this information is handled appropriately and in line with applicable data protection laws. 

Where required, we will seek consent from a parent, guardian, school, or other responsible authority before collecting or using a young person’s personal information. 

We may communicate information about our services through schools, organisations, or mailing lists which may include individuals under 18. In such cases, we take reasonable steps to ensure that communications are appropriate and compliant with applicable laws and guidance. 

If you are a parent or guardian and believe that a child has provided us with personal information without appropriate consent, please contact us using the details in this policy. 

LEGITIMATE REASONS FOR PROCESSING YOUR PERSONAL INFORMATION 

We only collect and use your personal information when we have a legitimate reason for doing so. In which instance, we only collect personal information that is reasonably necessary to provide our services to you.

COLLECTION & USE OF INFORMATION 

We may collect personal information from you when you do any of the following on our website: 

  • Access our content 

  • Contact us via contact forms, email, social media, or on any similar technologies 

 

We use your information to: 

  • Respond to enquiries and stay in touch  

  • Deliver our services  

  • Improve our website and user experience  

  • Understand how users interact with our website using analytics and tracking tools (such as Google Analytics and marketing platforms including Meta) 

  • Understand how people use our services  

  • Send marketing communications (only where you’ve agreed)  

  • Manage onboarding of staff, students, or programme participants  

  • We won’t use your information for purposes that aren’t compatible with these. 

 

We may combine voluntarily provided and automatically collected personal information with general information or research data we receive from other trusted sources. For example, our marketing and market research activities may uncover data and insights, which we may combine with information about how visitors use our site to improve our site and your experience on it. 

 

Emails and correspondence sent to us may be securely stored and managed using Microsoft 365 for record-keeping, service delivery, and administrative purposes. 

SECURITY OF YOUR PERSONAL INFORMATION 

We take the security of your personal information seriously. 

We use appropriate technical and organisational measures to protect it from loss, misuse, or unauthorised access. 

That said, no online system is completely secure. While we do our best, we can’t guarantee absolute security. 

You also play a role—especially when it comes to keeping passwords and account details safe. 

 

Access Control 

Access to personal information is restricted to authorised personnel and contractors who require access in order to perform their role. 

HOW LONG WE KEEP YOUR PERSONAL INFORMATION 

We keep your personal information only for as long as we need to. This time period may depend on what we are using your information for, in accordance with this privacy policy. For example, if you have provided us with personal information as part of creating an account with us, we may retain this information for the duration your account exists on our system. If your personal information is no longer required for this purpose, we will delete it or make it anonymous by removing all details that identify you. 

However, if necessary, we may retain your personal information for our compliance with a legal, accounting, or reporting obligation or for archiving purposes in the public interest, scientific, or historical research purposes or statistical purposes. 

DISCLOSURE OF PERSONAL INFORMATION TO THIRD PARTIES 

We may share personal information with trusted third parties where necessary to operate our website, deliver our services, or support our organisation. 

This may include: 

  • Service providers who help us run our website and systems  

  • Employees and authorised personnel, including contractors and freelancers who support our operations  

  • Partner organisations, such as schools, local authorities, and programme partners 

  • Professional advisers or business partners, where required  

 

We ensure that anyone who processes personal data on our behalf is authorised to do so and is subject to appropriate confidentiality and data protection obligations.

 

 

Third parties we currently use include: 

  • Wix (website hosting, CRM, and analytics)  

  • Google Analytics (website usage insights)  

  • Microsoft 365 (email and document management)  

  • Meta (marketing and communications tools)

INTERNATIONAL TRANSFERS OF PERSONAL INFORMATION 

While SCG is based in the UK, some of the people who support our operations (including website management and administration) may be located in other countries. 

For example, authorised team members based in Australia may access personal data in order to manage the website, respond to enquiries, and support our services. 

We may also use trusted third-party providers (such as Wix and Microsoft 365) that store or process data outside the UK. 

Whenever personal data is accessed or transferred internationally, we ensure appropriate safeguards are in place, in line with the UK GDPR. 

This includes ensuring that: 

  • Access is limited to authorised individuals  

  • Data is handled securely  

  • Appropriate contractual or legal protections are in place 

YOUR RIGHTS & CONTROLLING YOUR PERSONAL INFORMATION 

Your choice

By providing personal information to us, you understand we will collect, hold, use, and disclose your personal information in accordance with this privacy policy. You do not have to provide personal information to us, however, if you do not, it may affect your use of our website or the products and/or services offered on or through it. 

Information from third parties

If we receive personal information about you from a third party, we will protect it as set out in this privacy policy. If you are a third party providing personal information about somebody else, you represent and warrant that you have such person’s consent to provide the personal information to us. 

 

Marketing permission

If you have previously agreed to us using your personal information for direct marketing purposes, you may change your mind at any time by contacting us using the details below. 

 

Access

You may request details of the personal information that we hold about you. 

 

Correction

If you believe that any information we hold about you is inaccurate, out of date, incomplete, irrelevant, or misleading, please contact us using the details provided in this privacy policy. We will take reasonable steps to correct any information found to be inaccurate, incomplete, misleading, or out of date. 

 

Non-discrimination

We will not discriminate against you for exercising any of your rights over your personal information. Unless your personal information is required to provide you with a particular service or offer (for example providing user support), we will not deny you goods or services and/or charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties, or provide you with a different level or quality of goods or services. 

 

Downloading of Personal Information

We provide a means for you to download the personal information you have shared through our site. Please contact us for more information. 

Notification of data breaches

We will comply with laws applicable to us in respect of any data breach. 

 

Complaints

If you believe that we have breached a relevant data protection law and wish to make a complaint, please contact us using the details below and provide us with full details of the alleged breach. We will promptly investigate your complaint and respond to you, in writing, setting out the outcome of our investigation and the steps we will take to deal with your complaint. You also have the right to contact a regulatory body or data protection authority in relation to your complaint. 

 

Unsubscribe

To unsubscribe from our email database or opt-out of communications (including marketing communications), please contact us using the details provided in this privacy policy, or opt-out using the opt-out facilities provided in the communication. We may need to request specific information from you to help us confirm your identity.

BUSINESS TRANSFERS 

If we or our assets are acquired, or in the unlikely event that we go out of business or enter bankruptcy, we would include data, including your personal information, among the assets transferred to any parties who acquire us. You acknowledge that such transfers may occur, and that any parties who acquire us may, to the extent permitted by applicable law, continue to use your personal information according to this policy, which they will be required to assume as it is the basis for any ownership or use rights we have over such information. 

LIMITS OF OUR POLICY 

Our website may link to external sites that are not operated by us. Please be aware that we have no control over the content and policies of those sites, and cannot accept responsibility or liability for their respective privacy practices. 

CHANGES TO THIS POLICY 

At our discretion, we may change our privacy policy to reflect updates to our business processes, current acceptable practices, or legislative or regulatory changes. If we decide to change this privacy policy, we will post the changes here at the same link by which you are accessing this privacy policy. 

If the changes are significant, or if required by applicable law, we will contact you (based on your selected preferences for communications from us) and all our registered users with the new details and links to the updated or changed policy. 

If required by law, we will get your permission or give you the opportunity to opt in to or opt out of, as applicable, any new uses of your personal information. 

ADDITIONAL DISCLOSURES FOR UK GENERAL DATA PROTECTION REGULATION (UK GDPR) COMPLIANCE (UK) 

Data Controller / Data Processor 

The GDPR distinguishes between organisations that process personal information for their own purposes (known as “data controllers”) and organisations that process personal information on behalf of other organisations (known as “data processors”). For the purposes covered by this Privacy Policy, we are a Data Controller with respect to the personal information you provide to us and remain compliant with our data controller obligations under GDPR. 

Third-Party Provided Content 

We may indirectly collect personal information about you from third-parties who have your permission to share it. For example, if you purchase a product or service from a business working with us, and give your permission for us to use your details in order to complete the transaction. 

We may also collect publicly available information about you, such as from any social media and messaging platforms you may use. The availability of this information will depend on both the privacy policies and your own privacy settings on such platforms. 

LEGAL BASES FOR PROCESSING YOUR PERSONAL INFORMATION 

Data Protection and Privacy Laws permit us to collect and use your personal data on a limited number of grounds. In which case, we will collect and use your personal information lawfully, fairly and in a transparent manner. We may, from time to time, communicate information about our services that could be received by individuals under the age of 18 (for example, via schools, organisations, or general mailing lists). Where this occurs, we take reasonable steps to ensure such communications are appropriate, responsible, and compliant with applicable laws. 

Our lawful bases depend on the services you use and how you use them. This is a non-exhaustive list of the lawful bases we use: 

 

Consent From You  

Where you give us consent to collect and use your personal information for a specific purpose. You may withdraw your consent at any time using the facilities we provide; however this will not affect any use of your information that has already taken place. When you contact us, we assume your consent based on your positive action of contact, therefore you consent to your name and email address being used so we can respond to your enquiry. 

Where you agree to receive marketing communications from us, we will do so based solely on your indication of consent or until you instruct us not to, which you can do at any time. 

While you may request that we delete your contact details at any time, we cannot recall any email we have already sent. If you have any further enquiries about how to withdraw your consent, please feel free to enquire using the details provided in the Contact Us section of this privacy policy. 

 

Performance of a Contract or Transaction 

Where you have entered into a contract or transaction with us, or in order to take preparatory steps prior to our entering into a contract or transaction with you. For example, if you contact us with an enquiry, we may require personal information such as your name and contact details in order to respond.  

 

Our Legitimate Interests 

Where we assess it is necessary for our legitimate interests, such as for us to provide, operate, improve and communicate our services. We consider our legitimate interests to include research and development, understanding our audience, marketing and promoting our services, measures taken to operate our services efficiently, marketing analysis, and measures taken to protect our legal rights and interests. 

 

Compliance with Law 

In some cases, we may have a legal obligation to use or keep your personal information. Such cases may include (but are not limited to) court orders, criminal investigations, government requests, and regulatory obligations. For example, we are required to keep financial records for a period of 7 years. If you have any further enquiries about how we retain personal information in order to comply with the law, please feel free to enquire using the details provided in the Contact Us section of this privacy policy. 

 

Your Data Subject Rights 

 

Right to Restrict Processing: You have the right to request that we restrict the processing of your personal information if (i) you are concerned about the accuracy of your personal information; (ii) you believe your personal information has been unlawfully processed; (iii) you need us to maintain the personal information solely for the purpose of a legal claim; or (iv) we are in the process of considering your objection in relation to processing on the basis of legitimate interests. 

 

Right to Object: You have the right to object to processing of your personal information that is based on our legitimate interests or public interest. If this is done, we must provide compelling legitimate grounds for the processing which overrides your interests, rights, and freedoms, in order to proceed with the processing of your personal information. 

 

Right to be Informed: You have the right to be informed with how your data is collected, processed, shared and stored. 

 

Right of Access: You may request a copy of the personal information that we hold about you at any time by submitting a Data Subject Access Request (DSAR). The statutory deadline for fulfilling a DSAR request is 30 calendar days from our receipt of your request. 

 

Right to Erasure: In certain circumstances, you can ask for your personal data to be erased from the records held by organisations. However this is a qualified right; it is not absolute, and may only apply in certain circumstances. 

  

When may the right to erasure apply? 

  • When the personal data is no longer necessary for the purpose for which it was originally collected or processed for. 

  • If consent was the lawful basis for processing personal data and that consent has been withdrawn. SCG relies on consent to process personal data in very few circumstances. 

  • SCG is relying on legitimate interests as a legal basis for processing personal data and an individual has exercised the right to object and it has been determined that SCG has no overriding legitimate grounds to refuse that request. 

  • Personal data are being processed for direct marketing purposes e.g. a person’s name and email address, and the individual objects to that processing. 

  • There is legislation that requires that personal data are to be destroyed.  

 

Right to Portability: Individuals have the right to get some of their personal data from an organisation in a way that is accessible and machine-readable, for example as a csv file. Associated with this, individuals also have the right to ask an organisation to transfer their personal data to another organisation.  

 

However, the right to portability:

  • only applies to personal data which a person has directly given to SCG in electronic form; and 

  • onward transfer will only be available where this is “technically feasible”. 

 

Right to Rectification: If personal data is inaccurate, out of date, or incomplete, individuals have the right to correct, update or complete that data. Collectively this is referred to as the right to rectification. Rectification may involve filling the gaps i.e. to have to have incomplete personal data completed – although this will depend on the purposes for the processing. This may involve adding a supplementary statement to the incomplete data to highlight any inaccuracy or claim thereof. 

 

This right only applies to an individual’s own personal data; a person cannot seek the rectification of another person’s information. 

 

Notification of data breaches: Upon discovery of a data breach, we will investigate the incident and report it to the UK’s data protection regulator and yourself, if we deem it appropriate to do so. 

 

Complaints: You have the right, at any time, to lodge a complaint with the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance using the details below. Please provide us with as much information as you can about the alleged breach. We will promptly investigate your complaint and respond to you, in writing, setting out the outcome of our investigation and the steps we will take to deal with your complaint. 

 

 

Automated Decision-Making 

We do not carry out automated decision-making or profiling that produces legal or similarly significant effects on individuals. 

ENQUIRIES, REPORTS & ESCALATION 

To enquire about SCG’s privacy policy, or to report violations of user privacy, you may contact our Data Protection Officer using the details in the Contact us section of this privacy policy.  

If we fail to resolve your concern to your satisfaction, you may also contact the Information Commissioner’s Office (ICO), the UK Data Protection regulator: 

Information Commissioner’s Office 

Wycliffe House | Water Lane, Wilmslow, Cheshire, SK9 5AF 

Tel: 0303 123 1113 (local rate) 

Website: www.ico.org.uk 

CONTACT US

For any questions or concerns regarding your privacy, you may contact us using the following details: 

Emma Marshall, SCG Data Protection Officer & Senior Manager 

Email: emma@sportingchances.org 

Address: Unit 6, Kimpton Link Business Centre 40 Kimpton Road, Sutton, SM3 9QP 

bottom of page