Privacy Policy

1. Introduction

Freedom Field Finder ("we", "us", "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, and share your personal data when you use our website and platform at freedomfieldfinder.co.uk (the "Platform").

By using the Platform, you consent to the practices described in this policy. We comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

2. Information We Collect

2.1 Information You Provide

• Account information: name, email address, password, and account type (dog owner or field owner).
• Field listings: field name, description, location, images, pricing, availability, and amenities (Field Owners only).
• Booking information: selected dates, times, and contact details.
• Guest booking information: name, email address, and phone number for bookings made without an account.

2.2 Information Collected Automatically

• Usage data: pages visited, actions taken on the Platform, and timestamps.
• Device information: browser type, operating system, and screen resolution.
• IP address: used for rate limiting and security purposes.

2.3 Payment Information

Payments are processed securely by Stripe. We do not store your full card number, expiry date, or CVV on our servers. We receive only a payment reference and confirmation of the transaction amount.

3. How We Use Your Information

We use your personal data to:

• Create and manage your account.
• Process bookings and payments.
• Send transactional emails (booking confirmations, cancellations, reminders, and payout notifications).
• Display field listings and availability to Customers.
• Generate statements and payout records for Field Owners.
• Improve and maintain the Platform.
• Prevent fraud and ensure security.
• Send marketing communications (only with your consent, and you can opt out at any time via your notification settings).

4. Legal Basis for Processing

We process your personal data on the following legal bases:

• Contract: processing necessary to fulfil bookings and provide the Platform services.
• Legitimate interest: improving the Platform, preventing fraud, and ensuring security.
• Consent: marketing communications and optional cookies.
• Legal obligation: complying with tax, accounting, and regulatory requirements.

5. Data Sharing

We share your personal data only in the following circumstances:

• Between Customers and Field Owners: when a booking is made, the Field Owner receives the Customer's name and booking details. Customers receive the field location and access instructions.
• Payment processor: Stripe processes all payments and receives necessary transaction data.
• Email provider: we use a transactional email service to send booking-related communications.
• Hosting provider: our Platform is hosted on infrastructure that stores your data securely.
• Legal requirements: we may disclose data if required by law, regulation, or legal process.

We do not sell your personal data to third parties.

6. Data Retention

We retain your personal data for as long as your account is active or as needed to provide our services. Specifically:

• Account data: retained until you request deletion of your account.
• Booking and payment records: retained for 7 years to comply with tax and accounting obligations.
• Marketing preferences: retained until you withdraw consent.

7. Your Rights

Under the UK GDPR, you have the right to:

• Access: request a copy of the personal data we hold about you.
• Rectification: request correction of inaccurate or incomplete data.
• Erasure: request deletion of your personal data (subject to legal retention requirements).
• Restriction: request that we limit how we use your data.
• Portability: request your data in a structured, commonly used format.
• Objection: object to processing based on legitimate interests or for marketing purposes.

To exercise any of these rights, please contact us at support@freedomfieldfinder.co.uk. We will respond within 30 days.

8. Cookies

We use essential cookies to keep you signed in and to ensure the Platform functions correctly. These cookies are strictly necessary and do not require your consent. We do not use third-party tracking or advertising cookies.

For more information, see our Cookie Policy.

9. Data Security

We take reasonable technical and organisational measures to protect your personal data, including:

• Encryption of data in transit (HTTPS/TLS).
• Secure authentication via Supabase Auth.
• Rate limiting to prevent abuse.
• Regular security reviews of our codebase and infrastructure.

No system is completely secure. While we strive to protect your data, we cannot guarantee absolute security.

10. Children's Privacy

The Platform is not intended for use by anyone under the age of 18. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us and we will delete it promptly.

11. Changes to This Policy

We may update this Privacy Policy from time to time. If we make material changes, we will notify you by email or through the Platform. The "Last updated" date at the top of this page indicates when the policy was last revised.

12. Contact Us

If you have any questions about this Privacy Policy or how we handle your data, please contact us at support@freedomfieldfinder.co.uk.

You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) if you believe your data protection rights have been violated.