Política de privacidad

Política de privacidad

We collect and process personal information relating to you to ensure we deliver a personalised experience. We are committed to being transparent about how we collect and use data to meet our data protection obligations in accordance with the General Data Protection Regulations (GDPR) and the latest data protection and privacy laws. We’ve detailed all this information in this privacy notice (the “Privacy Policy”).

About this notice

This Privacy Policy applies to all users and customers of all products and services under PSA Group (“PSA”). PSA is made up of different legal entities, details of which can be found here. When we mention World Squash Officiating (“WSO”), we are referring to the relevant company in the PSA Group responsible for processing your data which will be clear to you when you use our website. WSO is the controller responsible for this website including but not limited to the PSA World Tour website (www.psaworldtour.com), SQUASHTV (www.squash.tv), World Squash Officiating (worldsquashofficiating.com) and the PSA Foundation (psafoundation.com)

We have appointed a data protection officer (DPO). If you have any questions about this privacy notice or our data protection practices please contact the DPO at office@psaworldtour.com

In this notice, ‘We’, ‘Us’, ‘Our’ and ‘WSO’ means WSO and all of the services provided by WSO. ‘You’ and ‘Your’ are users and customers. WSO is the data controller and responsible for your personal data.

This Privacy Policy was last updated July 18, 2023.

The GDPR Principles

We will comply with GDPR using these principles:

• To process data lawfully, fairly and in a transparent manner
• To collect data for specified, explicit and legitimate purposes, and only process it in a manner that is compatible with these purposes
• To ensure data is adequate, relevant and limited to what is necessary in relation to the purpose for which it is processed
• To ensure that data is accurate and kept up-to-date
• To ensure that data is kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data is processed
• To ensure data is processed in a manner that ensures appropriate security of the data, including protection against authorised or unlawful processing and accidental loss, destruction, and damage.

What personal information do we collect and when?

We collect and process a range of information about you.

This includes:

• Nombre
• Email address
• Address
• Gender
• Date of birth
• Payment details and your billing address
• Information about your use of our services including cookie data
• Relevant National Squash Federation membership numbers, (for example, your WSF Spin number)
• Performance related information, for example, appraisals and activity logs, that you upload to your profile
• Your internet protocol (IP) address

We collect this information in a variety of ways. For example, personal information is collected through sign-up forms on the website.

We collect this personal information when:

• You sign up for newsletters
• You register for an account on WSO
• You purchase a paid WSO membership
• You donate to the PSA Foundation
• You use the WSO website
• When you contact PSA/WSO customer services
• You interact with any other WSO or PSA activities.

 We will seek personal information about you from third parties such as analytic platforms and provider of payment services.

How long do we keep your personal information?

We keep your personal information for only as long as necessary, which is longer in some cases than others. The length is determined on the purpose for which the personal information was obtained. For example:

• We may need to keep some personal information so we can deal with any complaints regarding the services we provide
• If you ask us to stop processing your personal data for direct marketing, we need to retain enough information about you to enable us to ensure we stop including you in those direct marketing activities
• We may have a legal duty to keep certain information for us and authorised third parties to abide by other laws including Payment Card Industry Data Security Standard. Unless there’s some other reason for keeping your personal information, your personal information will be deleted when it is no longer required, for example, if you have not opened any of our marketing email in two years, you will be removed from our mailing list.

How will we use your personal information?

We and our authorised third parties may use your information in a variety of ways, to:

• Monitor, develop and improve our services and/or your experience (this may include personalising the advertising content you see)
• Provide you with access to products and services
• Provide you with product and service recommendations
• Process payments from you to us
• Deal with complaints and enquiries made by you
• Contact you with essential information about our services (like account updates)
• Manage our relationship with you including monitoring compliance with our relevant terms and conditions, policies and terms in connection with the services we provide and you use
• Send you marketing material depending on your preferences and consent
• Geo-restrict or regionalise our services to ensure we comply with our legal obligations.

We only process your personal information when we have legal grounds to do so. Generally, we only process it on the grounds:

• You have given us consent for the processing: please note you will always have the right to withdraw this consent at any time
• The processing is necessary for the performance of a contract to which you are party (for example, the terms and conditions of one of our services)
• The processing is necessary in order to take steps at your request prior to entering a contract
• The processing is necessary for the purposes of the legitimate interests pursued by us or a third party we deem of interest (for example, we have a legitimate interest in understanding how people use our services)

Do we share your personal information?

We may pass your personal information onto third parties, for these reasons:

• To third parties authorised by us and acting on our behalf such as our employees, contractors, suppliers and/or agents to administer services provided to you. These third parties are only allowed access to your information as needed to perform functions of the services or to provide services to us. They’re not allowed to use it for any other purpose.
• We may need to share your details with National Squash federations. We would request they respect and adhere to our Data Protection Policy, together with any geographical statutes on Data Protection eg: GDPR, Privacy Shield.

For marketing communications, where we have your consent to do so (see section below ‘We will send you marketing messages?’)

We will disclose your data where legally required to, for example in the event of a subpoena or if we believe such action is necessary

The only other time we will share your personal information is in order to protect the rights, property or personal safety of the WSO or our users.

We require all third parties to respect the security of your personal information and to treat it in accordance with the law. We do not allow our third party service providers to use your personal information for their own purposes and only permit them to process your personal information for specified purposes and in accordance to our instructions.

How do we protect your personal information?

We take the security of your personal information seriously. We have internal policies and controls in place to ensure, as far as we can, that your personal information is not lost, accidentally destroyed, misused or disclosed, and is not accessed by anyone who is not authorised to do so.

As stated above, if an authorised third party uses your personal information while acting on our behalf, they do so in a professional and lawful manner. We expect them to abide by the same rules we do.

We encrypt your personal information and use two-step authentication techniques wherever possible. We also use secure, purpose-built platforms to manage your personal information.

Please note it is your responsibility to keep your login details a secret and sharing of this information is against the WSO’s Terms and Conditions.

Will we send you marketing communications?

We only send you marketing communications if you provide your consent, for example by signing up for a subscription with the perks of newsletters.

Where we have your consent we may:

• Send you information about existing and new services including special offers
• Send you information about what’s going on in the squash industry. This includes the PSA World Tour and events we broadcast
• Send you information about related products or selected third parties we think may be of interest to you.

You can unsubscribe from these marketing communications at any time. The easiest way to do this is to click the ‘unsubscribe’ link at the bottom of any of our marketing emails. Alternatively, you can email info@worldsquashofficiating.com and ask to be removed from our marketing lists at anytime.

Do we use cookies?

We, and our authorised third parties, may use cookies and/or other tools to store and sometimes track information about you. Please see our Cookie Policy.

International transfers

WSO is an organisation with global reach and as such, your personal information may be transferred outside the European Economic Area (EEA). Many of our external third parties are based outside the EEA so their processing of your personal information will involve a transfer of data outside the EEA. Whenever we transfer your personal information out of the EEA, we ensure a similar degree of protection is afforded to it by ensuring that where we use providers based in the US, we may transfer personal information to them if they are part of the Privacy Shield which requires them to provide similar protection to personal information shared between the EEA and the US.

Your rights

Any personal information you supply will be treated in accordance with applicable data protection laws including GDPR and any other superseding legislation. We are committed to delivering the rights that individuals are entitled to under data protection laws.

These are:

• The right to request a copy of the information we hold on you. To do this, please email info@worldsquashofficiating.com making it clear you are requesting a copy of your personal information and including the full details of what you require. You may be required to submit proof of your identity. We try to respond to all legitimate requests within one month, but, if your request is complex, it could take us longer, we will keep you updated throughout the process. You will not have to pay a fee to access your personal information however, we may charge a reasonable fee if your request is clearly unfounded, repetitive, or excessive. We may also refuse to comply with your request in these circumstances
• The right to object to your personal information being used for direct marketing. We will obtain your consent before undertaking marketing and you always have the ability to opt out
• The right to object to your personal information being processed where the legal basis for the processing is our own legitimate interests as a business. We will comply with this request unless there’s a lawful reason not to
• The right to correct any details about yourself that are incorrect, ensuring our data records are accurate
• The right to withdraw consent when we are processing your personal information on the basis that you have given us your consent to do so. You can withdraw consent at any time
• The right of erasure, you may request your personal information be erased. We will comply unless there’s a lawful reason for not doing so – for example if there are overriding lawful reasons or legitimate ground for retaining your personal information (keeping payment details to comply with HMRC rules)
• The right to lodge a complaint with the supervisory authority. Please contact us on info@worldsquashofficiating.com about any questions or if you have any complaints about how we process your personal information
• The right to request a transfer of your personal information to you or a third party. Your personal information will be provided in a structured, commonly used, machine readable format
• The right to request restriction of the processing of your personal information. You may request this if for example, our use of the personal information is unlawful, but you do not want us to erase it, or if you have objected to our use of your personal information but we need to verify whether we have overriding legitimate grounds to use it.

Change of business

If we become involved in a merger, acquisition, restructuring, reorganisation, or other transaction involving the sale of some or all of our group company’s assets, then your information may be included in the assets that are transferred to the new owner and maybe provided to the entities and advisors involved. Such a transaction may involve us:

Retaining the right to continue to use transferred personal information in addition to the right of the new owner to use such information and engaging in additional transfers of personal information with the new owner from time to time following such a transaction.

If there are changes to our business such as a re-organisation or restructuring, your personal information will remain subject to this privacy notice. However, where your personal information is transferred to a new owner following a merger or acquisition it may be subject to a different Privacy Notice.

Data Controller

Professional Squash Association (“PSA”) incorporated and registered in the United Kingdom with Company number 02748136 whose registered office is at Top Floor West, 46 The Calls, Leeds, LS2 7EY, England

The Information Commissioner’s Office (ICO) regulates our processing of your personal information, you have the right to lodge a complaint with the ICO.

If you wish to contact us about our Privacy Notice, please email info@worldsquashofficiating.com

Who we are

Our website address is: https://worldsquashofficiating.com.

Comments

When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.

An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.

Media

If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.

Cookies

If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.

Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.

Who we share your data with

If you request a password reset, your IP address will be included in the reset email.

How long we retain your data

If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.

For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.

What rights you have over your data

If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

Where your data is sent

Visitor comments may be checked through an automated spam detection service.

This site uses the Geo Controller (known as CF Geo Plugin) to display public visitor information based on IP addresses that can then be collected or used for various purposes depending on the settings of the plugin.

Geo Controller is a Geomarketing tool that allows you to have full geo control of your WordPress. Geo Controller gives you the ability to attach content, geographic information, geo tags, Google Maps to posts, pages, widgets and custom templates by using simple options, shortcodes, PHP code or JavaScript. It also lets you specify a default geographic location for your entire WordPress blog, do SEO redirection, spam protection, WooCommerce control and many more. Geo Controller help you to increase conversion, do better SEO, capture leads on your blog or landing pages.

This website uses API services, technology and goods from the Geo Controller and that part belongs to the Geo Controller Privacy Policy.

What we collect and store

When you purchase from us, we’ll ask you to provide email address. We’ll use this information for purposes, such as, to:

–Send you information about your account and order

–Create your account for our LMS

If you register a free account then we will store your email address.

We store information about you for as long as your account exists.

We store course progress, including completion status, quiz scores, assignments and/or essay submissions (if applicable).

We will also store comments on courses, lessons, topics, assignments, and essays if you choose to leave them.

Who on our team has access

Members of our team have access to the information you provide us. For example, both Administrators and Group Leaders can access:

— Order information such as your enrolled courses, course progress and username / email address.

Any additional information added in your WordPress User Profile can also be visible to the administrator(s).

What we share with others

In this section you should list who you’re sharing data with, and for what purpose. This could include, but may not be limited to, analytics/reporting tools, marketing services (such as email services like MailChimp), payment gateways, gamification programs, and third party embeds.

Payments

In this subsection you should list which third party payment processors you’re using to take payments on your store since these may handle customer data. We’ve included PayPal below as an example, but you should remove any of these if they are not in use on your site.

We accept payments through PayPal. When processing payments, some of your data will be passed to PayPal, including information required to process or support the payment, such as the purchase total and billing information.

Please see the PayPal Privacy Policy for more details.

PRIVACY POLICY

Last Updated: 16 February 2026

Names/s

• Professional Squash Association
• Squash Media & Marketing Limited
• Squash United Foundation

Address:

• Top Floor West
• 46 The Calls
• Leeds, England
• LS2 7EY

Email: dataprotection@psasquashtour.com

Introduction

Thank you for visiting our website, mobile application, or event. Your privacy is important to us, and this privacy policy (“Privacy Policy”) explains how the PSA Group (“we“, “us“, or “our“) collects, processes and protects your personal information across our family of organisations and services.

We provide this Privacy Policy explaining our practices as a controller and the choices you can make about the way we collect and use your personal information to provide our products and services, including any and all websites, mobile applications, our events or other entertainment experiences, or any other electronic and/or digital products and/or services that are made available by us (each a “Service” and together the “Services”).

“Users” are persons, including you, that use or attend the Services. Please take the time to read the full Privacy Policy.

We are committed to handling personal data of Users in accordance with the UK General Data Protection Regulation (“UK GDPR”), the Data Protection Act 2018, and, where applicable, the EU General Data Protection Regulation (“EU GDPR”).

If you are located in the European Economic Area (EEA), references to UK GDPR should be read as EU GDPR where applicable.

1.1 Who We Are

The PSA Group consists of:

• Professional Squash Association (“PSA”) – our membership organisation responsible for running the PSA Squash Tour, publishing the weekly PSA World Rankings and operating World Squash Officiating (“WSO”).
• Squash Media & Marketing Limited – our commercial trading entity operating PSA events, SQUASHTV, PSA Website & App, Squash Player Magazine, PSA Squash Store, event ticketing platforms and other activities.
• Squash United Foundation – our charitable foundation.

For the purposes of data protection law, these entities may act as independent controllers or joint controllers depending on the processing activity involved.

Data Protection Officer (DPO):

• Responsible person: Julie Shimmin
• Advisors: Data Protection People
• Email: dataprotection@psasquashtour.com

1.2 Joint Controller Arrangement

Where we jointly determine the purposes and means of processing personal data of Users, for the purpose of the creation of a Fan Profile (“Single Fan View”), we act as joint controllers under Article 26 UK GDPR.

We have entered into a joint controller arrangement which allocates responsibilities for:

• Responding to data subject rights requests
• Providing transparency information
• Maintaining data security
• Managing personal data breaches
• Ensuring lawful processing

You may exercise your data protection rights with any of our entities, and we will coordinate internally to ensure your request is handled appropriately.

Information We Collect 

2.1 Information You Provide Directly

We collect personal data when you:

• Create an account or membership
• Subscribe to Services or purchase products (including but not limited to SQUASHTV subscriptions, WSO courses, merchandise, and event tickets)
• Use SQUASHTV or our digital platforms
• Register for our events
• Contact customer support
• Sign up for newsletters or marketing
• Participate in surveys or promotions

This may include:

• Name, email address, postal address, telephone number
• Payment and billing information
• Username and password
• Demographic information (such as age and gender)
• Communication preferences
• Member or subscriber ID
• Purchase history
• Viewing history and content interactions

2.2 Information from Third Parties

We may receive personal data from:

• Analytics providers such as Google Analytics and Data Talks
• Marketing platforms such as Meta Ads and Google Ads
• Social media platforms (where you connect accounts)
• Publicly available sources

2.3 Obligation to Provide Personal Data and Consequences of Not Providing It

You are not under a statutory obligation to provide us with your personal data. However, in certain circumstances, you may be under a contractual obligation to provide personal data in order for us to fulfil our contract with you. For example:

• To create an account, subscribe to services, or purchase tickets or merchandise, we require certain information (such as your name, email address, payment details, and delivery address where applicable). Without this information, we will be unable to process your order or provide you with the requested service.
• To access SQUASHTV or other subscription-based services, we require account registration details. Without this information, we cannot grant you access to these services.
• To attend PSA events, we may require certain information for ticketing, security, or event management purposes. Without this information, we may be unable to admit you to the event.

Where the provision of personal data is marked as mandatory (for example, with an asterisk (*) in our forms), failure to provide such data will mean we cannot fulfil the relevant contract or provide the service you have requested. Where the provision of personal data is optional, you are free not to provide it, but this may limit the personalization or functionality of our services. You may also exercise your right to erasure (deletion) at any time (see Section 7), though this may similarly affect our ability to continue providing services to you.

How We Use Your Information

We only process your personal data where we have a lawful basis to do so.

3.1 Service Delivery (Contract Performance)

We process your personal data to:

• Provide subscriptions and memberships
• Deliver digital and physical products
• Process payments
• Provide customer support
• Send essential service communications

Legal basis: Article 6(1)(b) UK GDPR – Contract performance.

3.2 Unified Profile (“Single Fan View”) and Profiling

We create a unified profile combining your interactions across our platforms and entities to:

• Provide seamless cross-platform access
• Personalise your experience
• Recommend relevant content
• Improve our Services
• Analyse engagement trends

This involves analysing data such as:

• Viewing history
• Purchase history
• Event participation
• Marketing preferences
• Platform interactions

Legal basis:

• Legitimate interests (Article 6(1)(f)) — to improve and personalise services
• Consent — where required for personalised marketing

Where we rely on legitimate interests, we have conducted a Legitimate Interests Assessment (“LIA”) to ensure our interests are not overridden by your rights and freedoms.

3.3 Marketing Communications

We will only send you marketing communications where:

• You have given consent; or
• We are permitted to do so under applicable electronic marketing laws (such as the Privacy and Electronic Communications Regulations (“PECR”)).

You can manage your preferences at any time by:

• Clicking “unsubscribe” in any marketing email
• Updating your account settings
• Contacting customerservices@psasquashtour.com

Withdrawing consent does not affect prior lawful processing.

3.4 Legitimate Interests Processing

We rely on legitimate interests for:

• Service improvement
• Analytics
• Fraud prevention
• Security monitoring
• Business administration

We ensure such processing is necessary and proportionate.

3.5 Automated Decision-Making

We do not make automated decisions about you. This means we do not use computer systems to make decisions about you without any human involvement that would legally affect you or have a significant impact on you.

While we use technology for everyday tasks — such as sending emails, processing payments, or suggesting content you might enjoy on SQUASHTV — these are not decisions that affect your rights or access to our services.

If this ever changes, we will update this Privacy Policy and seek your permission where required by law.

How We Share Your Information

We may share your personal data with:

• PSA Group entities (under our joint controller arrangement)
• Service providers acting as data processors
• Legal authorities (where required by law)
• Third parties and partners where you have explicitly consented

All processors are subject to Data Processing Agreements compliant with Article 28 UK GDPR.

4.1 Service Providers

We share information with trusted third parties who provide services on our behalf, including:

• Payment processing: Stripe
• Customer Data Platform and email delivery: Data Talks
• Cloud hosting: Amazon Web Services (AWS), Fly.io, Data Talks
• Analytics: Google Analytics
• Customer support: Zendesk
• Website and app development: PT Sport Suite
• Fulfilment and shipping: Source Lab
• Video streaming: Dailymotion

These providers are contractually obligated to protect your data and use it only for specified purposes.

International Data Transfers

Your personal data may be transferred outside the United Kingdom (“UK”) or European Economic Area (“EEA”).

Where this occurs, we rely on appropriate safeguards, including:

• The UK International Data Transfer Agreement (“IDTA”)
• The UK Addendum to EU Standard Contractual Clauses
• EU Standard Contractual Clauses (where applicable)
• UK adequacy regulations
• The UK–US Data Bridge (where applicable)

We ensure transferred data is protected by appropriate technical and organisational measures.

Data Retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, including for legal, accounting, or reporting requirements.

Once retention periods expire, data is securely deleted or anonymised.

Your Rights

Under UK GDPR, you have the right to:

• Access your personal data
• Rectify inaccurate data
• Request erasure
• Restrict processing
• Data portability
• Object to legitimate interest processing
• Withdraw consent
• Not be subject to solely automated decision-making

To exercise your rights, contact: dataprotection@psasquashtour.com. We will respond within one month.

You also have the right to lodge a complaint with the Information Commissioner’s Office.

Data Security

We implement appropriate technical and organisational measures, including:

• Encryption in transit and at rest
• Access controls
• Security monitoring
• Staff confidentiality obligations
• PCI-DSS compliant payment processing
• Regular security assessments

Cookies and Tracking Technologies

We use cookies and similar technologies for:

• Essential functionality
• Performance analytics
• Functional enhancements
• Personalised advertising

Except for strictly necessary cookies, we will not place cookies on your device unless you provide consent via our Cookie Preference Centre.

You may withdraw consent at any time by revisiting the Cookie Preference Centre.

Analytics and advertising cookies are activated only after consent.

Third-Party Links

Our Services may contain links to third-party websites. We are not responsible for the privacy practices of those websites and encourage you to review their privacy policies.

Changes to This Policy

We may update this Privacy Policy periodically. Material changes will be communicated by:

• Updating the “Last Updated” date
• Posting prominent notices on our websites
• Sending email notification where appropriate

Contáctenos

Data Protection Officer

dataprotection@psasquashtour.com

You may lodge complaints with: Information Commissioner’s Office

Website: https://ico.org.uk

Appendix A: Legal Bases for Processing

Appendix B: Data Sharing Summary 

End of Privacy Policy

© 2026 PSA Group. All rights reserved.