Teamzum← Back to home

Privacy Policy

Last updated: 2 June 2026

This Privacy Policy explains how EFG Group Ltd ("we", "us", "our"), trading as Teamzum, collects, uses, shares and protects personal data when you use the Teamzum platform. We comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Who we are

EFG Group Ltd is the data controller for personal data of account holders (e.g. club administrators, parents, coaches signing up to Teamzum). For personal data of a Club's players and members uploaded by the Club, the Club is the data controller and Teamzum is the data processor.

Registered office: Ground Floor, 5 North Court, Armstrong Road, Maidstone, Kent, ME15 6JZ. Contact: support@teamzum.com.

2. Data we collect

  • Account data: name, email address, phone number, role, password (hashed).
  • Club data: club name, address, branding, staff list.
  • Player and parent data: name, date of birth, contact details, team, attendance, availability, photo, safeguarding consents and (where the Club chooses to record it) medical or dietary information.
  • Payment data: subscription mandates, payment status, transaction amounts. Bank account details are collected and held by GoCardless — we do not store them on our servers.
  • Communications: announcements, direct messages, fixture and training notifications, support tickets.
  • Technical data: IP address, device type, browser, log data, cookies and similar technologies.

3. How we use your data

  • To provide and operate the Service (contract).
  • To send transactional emails such as fixture notifications, payment receipts and security alerts (contract / legitimate interests).
  • To process payments through GoCardless and Stripe (contract).
  • To improve the Service, troubleshoot and detect fraud (legitimate interests).
  • To comply with legal obligations (legal obligation).
  • With your consent, to send optional marketing or product updates (consent — you can opt out at any time).

4. Children's data

Teamzum is designed to manage grassroots sports clubs, including junior teams. Children under 18 do not register directly. A parent or guardian registers and is responsible for the player profile, including consenting to any medical and photographic information being held.

5. Sharing your data

We share personal data with carefully selected service providers, including:

  • GoCardless — Direct Debit collection.
  • Stripe — card payments for the club shop.
  • Resend — transactional email delivery.
  • Cloud infrastructure providers — hosting, database and storage (primarily in the EU/UK).
  • Other Club users — for example, your team's coach can see your child's availability and attendance.

We do not sell personal data. We may disclose information where required by law, court order or regulatory request.

6. International transfers

Some of our providers process data outside the UK/EEA. Where this happens we rely on appropriate safeguards such as the UK International Data Transfer Agreement, the UK Addendum to the EU Standard Contractual Clauses, or adequacy regulations.

7. Retention

We retain personal data for as long as is necessary to provide the Service and to meet legal, accounting and reporting requirements. Player profiles are retained while a player is registered with the Club, and typically for up to 12 months after they leave so the Club can restore records if needed. Financial records are retained for at least 6 years.

8. Your rights

Under UK GDPR you have the right to:

  • Access the personal data we hold about you.
  • Request correction of inaccurate data.
  • Request deletion of your data ("right to be forgotten") in certain circumstances.
  • Object to or restrict processing.
  • Request portability of your data.
  • Withdraw consent at any time (where processing is based on consent).
  • Complain to the Information Commissioner's Office (ICO) at ico.org.uk.

To exercise any of these rights, email support@teamzum.com. We aim to respond within one month.

9. Security

We use industry-standard measures to protect personal data, including TLS encryption in transit, encryption at rest, role-based access control, audit logging and regular backups. No system is 100% secure, but we work hard to minimise risk and to notify users promptly in the unlikely event of a personal data breach.

10. Cookies

We use essential cookies and similar technologies to keep you logged in and to remember your preferences. We use a minimal amount of analytics to understand how the Service is used. We do not run third-party advertising cookies.

11. Email notifications

Transactional emails (payment receipts, fixture notifications, security alerts) are sent as part of providing the Service. You can manage your in-app and email notification preferences in your account settings.

12. Changes to this policy

We may update this Privacy Policy from time to time. Material changes will be notified by email or in-app.

13. Contact

For any privacy questions or to exercise your data protection rights, contact us at support@teamzum.com or by post at EFG Group Ltd, Ground Floor, 5 North Court, Armstrong Road, Maidstone, Kent, ME15 6JZ.