Looper Golf Travel

Privacy Policy

Last updated: 20 February 2025

Who I am

Looper Golf Travel is run by me, Oliver Morrison. I plan curated golf trips for groups across Scotland, Ireland, England, and Wales. For the purposes of UK data protection law, I am the data controller — meaning I decide how and why your personal data is used.

If you have any questions about this policy or your data, email me at oliver@loopergolftravel.com.

What I collect and why

I only collect what I need to plan your trip. Here’s what’s gathered at each stage:

Trip qualifier form

When you fill in the qualifier, I collect your email address, destination preference, where you’re travelling from, how you plan to get there, preferred dates and timeframe, group size, budget, and what matters most to you in a trip.

Why: I need this to understand what you’re after so I can put together an itinerary that actually makes sense for your group.

Payment

When you pay the planning fee, your payment is processed by Stripe. I never see or store your card details. Stripe receives your email address and a reference linking back to your trip preferences.

Why: To process your payment and confirm your booking.

Booking details

After payment, I ask for your full name, phone number, the names and phone numbers of your group members, any specific requests, and your preferred way to be contacted (WhatsApp, SMS, or email).

Why: I need to know who’s in the group and how to reach you while I’m putting your trip together.

Legal basis

Under UK GDPR, I process your data on two grounds:

  • Contract: Most of your data is needed to deliver the service you’ve paid for — planning your trip, coordinating with your group, and sending you options.
  • Legitimate interest: I use your email to send a confirmation after payment. I don’t send marketing emails.

Who else has access to your data

I use a small number of third-party services to run Looper Golf Travel. Each one only receives the data it needs:

  • Stripe — processes your planning fee payment. Receives your email and payment details. Stripe is PCI DSS compliant.
  • Resend — sends your confirmation email. Receives your email address, first name, and trip preferences.
  • Supabase — hosts the database where your trip and booking information is stored. Data is held in a PostgreSQL database with row-level security.
  • Vercel — hosts the website. Server logs may contain request data such as your IP address.

I don’t sell or share your data with anyone else. No advertising networks, no analytics trackers, no data brokers.

Cookies

This site doesn’t use tracking cookies or analytics scripts. Stripe may set essential cookies during the checkout process to prevent fraud — these are strictly necessary and don’t require consent.

How long I keep your data

I keep your trip and booking data for as long as it’s needed to deliver and support the service. In practice, that means:

  • Active bookings: retained while I’m working on your trip and for a reasonable period afterwards in case you want to book again.
  • Payment records: retained for 7 years to comply with HMRC requirements.
  • Incomplete qualifiers: if you start the form but don’t pay, your data is deleted within 12 months.

You can ask me to delete your data at any time — see your rights below.

Your rights

Under UK GDPR, you have the right to:

  • Access the personal data I hold about you
  • Correct anything that’s inaccurate
  • Delete your data (subject to legal retention obligations)
  • Export your data in a portable format
  • Object to processing based on legitimate interest

To exercise any of these rights, email oliver@loopergolftravel.com. I’ll respond within 30 days.

If you’re not satisfied with how I’ve handled a request, you can lodge a complaint with the Information Commissioner’s Office (ICO).

Changes to this policy

If I make meaningful changes to this policy, I’ll update the date at the top. For significant changes that affect how your data is used, I’ll make reasonable efforts to let you know directly.