Privacy Policy

This Privacy Policy explains how and why Clubware collects and uses personal information, and what we do to ensure it is kept private and secure.

About Clubware (and How to contact us)

We are Clubware Pty. Ltd (Clubware), a company incorporated in Australia with number ACN:115985905. Our registered office is Brisbane, Queensland 4000.
Clubware Pty. Ltd has licensed;
Harlands Services Ltd (Harlands) a company incorporated in England and Wales with number 2982925. Whose registered office is at 2nd Floor Rockwood House, 9-17 Perrymount Road, Haywards Heath, West Sussex, RH16 3DU,
Debit Finance Collections Plc a company incorporated in England and Wales with number 3422873. Whose registered office is 16 Davy Avenue, Knowlhill, Milton Keynes MK5 8PL.

To distribute the Clubware Membership Management Software in the UK and Europe.

You can contact the appropriate Data Protection Manager with questions about this policy by writing to the office address relevant to your service provider, marking your letter for the attention of The Data Protection Manager or
Harlands Services Ltd 01444 449157 or emailing
Debit Finance Collections Plc 01908 422 000 or emailing 

To contact Clubware please email stating your enquiry.

For the purposes of data protection law Clubware will be a data processor acting on behalf of its clients, who would be classed as the data controllers. Clubware will be a data controller with regards to data it holds about its clients.

Our relationship to the Data Controllers

We process data on behalf of our clients, the data controllers. For a customer (data subject) of our client to subscribe to the services offered the customer must provide certain demographic data including but not limited to Name, address, phone numbers, email address. The provision of this data will be given in accordance to the privacy policy of the data controller.
Clubware also processes information, on behalf of the data controller, that relates to employees of the data controller.

Clubware and its clients will enter into an agreement for services, this is known as the Clubware Software License Agreement (CSLA).

Where Clubware is a Data Controller

To fulfil our contract with our clients Clubware will store information relating to the client’s business and its officers. This data enables Clubware to maintain records of prior conversations and business to business transactions such as email and voicemail. Clubware will also store records of software support requests from its clients.

What information is processed

Clubware as the Data Processor

Clubware is a member management system, it enables our clients to manage information about its members. To this end Clubware will process;

  • Personal details such as demographic information including name, address, date of birth, email address, phone number
  • Member physiological data such as height, weight, body fat measurements which would be freely given by the data subject
  • Service usage data
  • Booking history
  • Communication history
  • Personal information relating to an employee including, name, email address, phone number.

Clubware as the Data Controller

As a data controller Clubware will collect the following information;

  • Business contacts including name, phone number and email address

If you would like to unsubscribe from our mailing lists please either use the Unsubscribe feature within the mail or email stating that you no longer wish to receive information relating Clubware and its services.

If you believe the data we hold about your business is incorrect but still wish to receive information about Clubware and its services please email stating that you would like to update your information.

Why data is collected and stored

Clubware as the Data Processor

We process data in accordance with our CSLA and to fulfil the contract we have with the data controller. We only use the data with the consent of the data controller, who in turn, will collect consent from the data subject. Where consent has not been freely given, Clubware can restrict the processing of the data.

Clubware as the Data Controller

Clubware collects data on our clients and prospective clients to fulfil our contract with our clients and will lawfully engage in business to business sales opportunities with prospective clients who have either requested information about our products and services or who Clubware believe has a legitimate interest in Clubware and is services.

How we use information

Clubware as the Data Processor

To fulfil our contract with the data controller Clubware contracts a sub-processor to store the data. Commonly known as a cloud hosting supplier. Clubware reserve the right to change sub-processor as necessary to continue to fulfil its contract with the data controller, but will endeavour to communicate with the data controller prior to any such change. Clubware will continue to process the data in accordance with the CSLA and in accordance with data protection law.

Where we are lawfully allowed to process information in accordance with our agreement with the data controller we will not process this data further than is necessary to fulfil the agreement.

For the data controller to fulfil its contract with the data subject Clubware has a need to collect the information described in - 3 What information is processed.

Clubware will not use any form of automated decision making when dealing with personal data. This includes information Clubware holds relating to its clients, and the data subjects.

Clubware will conform to the law in England and Wales and provide information to the relevant authorities when requested. We will seek explicit written permission from the data controller to process the data in this manner. Where permission is not sought or provided, Clubware will only process data in this manner if subject to a court order or warrant.

Clubware as the Data Controller

Clubware does not process the data it collects on clients or prospective clients further than is necessary. Clubware does not sell or trade data collected nor does it use this data for automated profiling.

Website visitors and cookies

Our website

We don’t normally collect or process personal information about visitors to our website unless they choose to provide information. We may collect non-personal information about visitors to our website as this helps us optimise and improve the website. This information might include your internet protocol address, the browser being used to connect to our site, the device (e.g. its operating system) and the connection type (e.g. the Internet service provider used). However, none of this information will directly identify you.

Other websites

Our website may include hyperlinks to other websites. We are not responsible for the content or functionality of any of those external websites. If an external website requests personal information from you, the information you provide will not be covered by this Policy. We suggest you read the privacy policy of any website before providing any personal information.


We use cookies, small text files consisting of random letters and numbers stored on your computer or internet browser, to distinguish you from other web users. Unless you choose to prevent cookies (which can be done by changing the settings on your browser or device – the Network Advertising Initiative has guidance on how to do this. Cookies optimise the site and enable certain functionality. They also allow us to monitor website traffic and to personalise the content of the site for you. If you choose to prevent cookies you may not be able to use certain features on our website.

Google Analytics Cookies

We also use Google Analytics to track usage of our website and collect details of repeat visits. These cookies do not collect any personal information about you. Google Analytics Privacy Policy can be found here
The cookie file names are: __utma, __utmb, __utmc, __utmv, __utmz The cookies will identify your browser, the times and dates that you interacted with our site and the marketing materials or referring pages that led you to our website. We use this information to compile reports (e.g. regarding the number of visitors to the site, where visitors have come to the site from and the pages they visited) and to help us improve the website. This information is anonymous and will not identify you.

Other recipients of information

We respect the privacy of information, and will never sell or trade personal data. We may however share or transfer data in certain circumstances. Some of these are outlined elsewhere in this notice, but there are other situations where sharing or transferring data may be appropriate. For example; where Clubware has a need to engage with a 3rd party IT support provider to correct or fix an issue with Clubware or dependent systems. Where this is necessary Clubware will seek permission from the data controller and where possible the 3rd party will be instructed to complete a Non-disclosure agreement (NDA) with Clubware.


We may contact you by email, telephone or post with updates or information about your agreement with us, notifications regarding your payments and with updates to our terms of business or this Policy.

Marketing communications

We are engaged to provide services to organisations such as our clients, and therefore do not market to our services to individuals personally.

We do send marketing emails, which contain information about Clubware and our services, to organisations we think might be interested in them. If you receive such an email, it could be because your organisation is an existing client or has enquired about our services. Alternatively, we may have received the details of your organisation from a third party as we do, on occasion, purchase marketing lists containing contact details for potential business clients.

If you receive marketing communications from us, you can change how you hear from us or unsubscribe at any time. You can do this by clicking the “unsubscribe” link on any of our emails, or by emailing 

If you have received a marketing communication in error and wish to complain then please contact 

Storing data

We only store personal information for as long as required in order to fulfil the purpose it was collected for and in accordance with the instructions of the data controller.

As a data controller, we regularly review what data we have and delete that which is no longer necessary. You also have a right to request that your data be deleted (the right to be forgotten), please see paragraph 12 for further details.

We normally only process data within the European Economic Area (EEA). If Clubware or one of our sub-processors needs to transfer it outside of the EEA then we will take steps to make sure adequate levels of privacy protection, in line with UK data protection law, are in place. These safeguards will usually be contractual and/or the result of a European Union decision which allows the transfer (such as a US organisation which is certified under the EU-US Privacy Shield framework).

Keeping your data safe

We employ a variety of physical and technical measures to keep your personal data safe and to prevent unauthorised access to, or use or disclosure of it. Electronic data and databases are stored on secure computer systems and we control who has access to them (using both physical and electronic means). Our staff receive data protection training and we have a set of detailed data protection procedures which personnel are required to follow when handling personal data.

Our sub-processors equally store data in secure environments and Clubware regularly engages with its sub-processors to ensure compliance to known good practice.

However, we cannot absolutely guarantee the security of the internet or external networks or your own device, accordingly any online communications (e.g. information provided by email or through our website) are at your own risk.

Your rights

As a data controller Clubware want to ensure you remain in control of your personal information. Part of this is making sure you understand your legal rights, which are as follows:

(a) the right to confirmation as to whether or not we have your information and, if we do, to obtain a copy of the personal data;

(b) the right to have certain information provided to you in a portable electronic format, or transmitted to another data controller, where technically feasible;

(c) the right to have inaccurate data rectified;

(d) where personal data is processed on the basis of your consent, the right to withdraw that consent;

(e) the right to object to your data being used for marketing or for legitimate interest’s purposes;

(f) the right to restrict how your personal information is used; and

(g) the right to be forgotten, which allows you to have your data erased in certain circumstances (though this is not an absolute right and may not apply if we need to continue using the information for a lawful reason).

If you would like further information on your rights or wish to exercise them, please email 

Please keep in mind that there are exceptions to the rights above and, though we will always try to respond to your satisfaction, there may be situations where we are unable to do so (for example, because the information no longer exists or there is an exception which applies to your request).

If you are not happy with our response, or you believe that your data protection or privacy rights have been infringed, you should contact the UK Information Commissioner's Office, which oversees data protection compliance in the UK. Details of how to do this can be found at