Privacy Policy

1. Data we collect

When you enter the HIO Challenge we collect: your name, email address, phone number (optional), membership number, date of birth (for age verification), tee-off time, IP address, and payment confirmation reference (from Stripe — we do not store card numbers).

If you submit a claim we also store your uploaded scorecard image and the club manager details you provide.

2. How we use your data

• To process your entry and confirm payment.
• To send your unique claim link and entry confirmation email.
• To verify hole-in-one claims with your golf club.
• To process prize payments to winning claimants.
• To calculate and process club affiliation fees.
• To comply with legal obligations and prevent fraud.

3. Data sharing

We share your data with: Stripe (payment processing); your registered golf club's manager (for claim verification only); and any regulatory body where required by law. We do not sell your data to third parties.

4. Data retention

Entry records are retained for 7 years for accounting and legal compliance purposes. Claim evidence (scorecard images) are retained for 2 years after the claim is resolved. You may request deletion of your personal data subject to our legal retention obligations.

5. Your rights

Subject to applicable law, you have the right to access, correct, or request deletion of your personal data. Contact us at privacy@hiochallenge.com with any such request.

6. Security

All data is transmitted over SSL/TLS. Passwords are hashed using bcrypt. Payment data is processed entirely by Stripe and never stored on our servers. Uploaded files are stored in a restricted directory not accessible to the public web.

7. Cookies

We use a single session cookie to manage your entry flow. No tracking or advertising cookies are used.

8. Contact

Privacy enquiries: privacy@hiochallenge.com