Privacy Policy – Gimme Golf

Last updated: 2nd January, 2026

Gimme Golf ("we", "us", "our") operates the website gimmegolf.club, which provides information about golf courses in Ireland and includes user accounts, a mailing list, and an AI-powered chatbot.

This privacy policy explains how we collect, use, store, and protect personal data.

1. Who we are

Gimme Golf is currently run as a hobby project by two individuals based in the United Kingdom, with the intention of developing it into a business in the future.

If you have questions about this policy or how your data is handled, you can contact us via the website.

2. What personal data we collect

We collect only the data necessary to operate the site and its features.

a) Account and mailing list data

  • Email address
  • Password (stored in hashed/encrypted form)

This applies to:

  • User accounts
  • Mailing list subscriptions

b) Chatbot data

Our website includes a chatbot powered by Azure OpenAI.

  • Chat messages are stored on our own server
  • Conversations are retained indefinitely
  • Messages may include personal data if users choose to enter it

We do not intentionally request personal data via the chatbot, but users may submit it freely in chat messages.

Chat data is used for:

  • Debugging
  • Improving chatbot performance
  • Usage analysis

c) Technical and usage data

We collect:

  • Standard server logs (via our UK-based hosting provider)
  • Website usage data via Google Analytics

This may include:

  • Pages visited
  • Device and browser information
  • Approximate location
  • Interaction data

We do not intentionally log or store IP addresses as a separate dataset.

3. Cookies

We use cookies for essential site functionality and analytics.

Essential cookies are required for core features such as user authentication and cannot be disabled.

Analytics cookies (Google Analytics) are used only if you give your consent through our cookie banner. These cookies help us understand how visitors use the site so we can improve it.

You can change or withdraw your cookie consent at any time using the controls provided on the website.

4. Legal basis for processing (UK GDPR)

We process personal data under the following legal bases:

  • Contractual necessity – to provide user accounts and logged-in features
  • Legitimate interests – to operate, maintain, debug, and improve the site and chatbot
  • Consent – for mailing list subscriptions

5. Data retention

  • Account and mailing list data: retained while the account or subscription is active
  • Chatbot conversations: retained indefinitely
  • Server logs and analytics data: retained according to hosting and analytics provider defaults

We do not retain personal data longer than is necessary for legal or operational purposes.

6. Data sharing

We do not sell or share personal data with third parties.

Personal data is processed by trusted service providers acting as data processors, including:

  • Our UK-based hosting provider
  • Microsoft Azure (for Azure OpenAI)
  • Google Analytics

These providers process data only to deliver their services to us.

7. International data transfers

Because we use Azure OpenAI and Google Analytics, some data may be processed outside the UK, including in the United States.

Where this occurs, we rely on appropriate safeguards such as standard contractual clauses or equivalent protections.

8. Your rights

Under UK GDPR, you have the right to:

  • Access your personal data
  • Request correction of inaccurate data
  • Request deletion of your data where legally applicable
  • Object to certain types of processing
  • Lodge a complaint with the Information Commissioner's Office

Requests can be made via the website.

9. Security

We take reasonable technical and organisational measures to protect personal data, including:

  • Secure hosting
  • Encrypted password storage
  • Restricted access to stored data

10. Changes to this policy

We may update this privacy policy as the site evolves. Any changes will be posted on this page with an updated date.