Privacy Policy
Effective date: . This policy supplements any executed confidentiality deeds governing football estate mandates.
1. Controller
Whitestone Football Properties Ltd (“Whitestone”, “we”, “us”) incorporated in England & Wales (Company No. 10488391). Registered office: Aldgate Quarter House, Whitechapel High Street, London E1 7RA.
Queries about this Policy may be routed to [email protected] or in writing via the postal address above for the attention of the Data Stewardship Desk.
2. Scope
This Policy explains personal data gathered through whitestone‑fp.co.uk marketing microsites, telephone intake, WhatsApp routing numbers published for client convenience (where applicable), analogue correspondence, webinars, pitches, diligence rooms, onsite surveys, CCTV at managed estates (processed solely under delegated instructions), recruitment activity, investor relations mail, CRM workflows, newsletters, referral partner exchanges, procurement channels, safeguarding reports, and emergency broadcasts.
3. Personal data processed
Categories may comprise:
- Identification & contact data (given names, surname, role, affiliation, postal address, telephone, WhatsApp identifiers, fax if supplied, photographic ID hashed references for physical visits).
- Authentication tokens (cookies, bearer tokens tied to portals, cryptographic handshake metadata).
- Professional context (organisation type, pyramid tier, safeguarding responsibilities, capex horizons, board composition redacted dossiers furnished voluntarily).
- Financial intelligence limited to AML/KYC where legally requisite (bank mandates, PEP screening excerpts, sanctioned entity cross-check artefacts).
- Special category data surfaced only via explicit safeguarding or medical triage escalation with separate consent or vital interests justification recorded by our supervising officer.
4. Sources
- Individuals submitting web forms or dictating verbally to concierge assistants.
- Referral partners acting under reciprocal compliance obligations.
- Public statutory registers open to fiduciary analysts.
- Technical logs emanating from content delivery safeguards.
5. Purposes & lawful bases
| Purpose | Lawful bases (GDPR Articles) |
|---|---|
| Contract facilitation & service delivery | Art. 6(1)(b) performance of contract steps |
| Regulatory, league, municipal compliance | Art. 6(1)(c) legal obligation |
| Corporate security & incident response | Art. 6(1)(f) legitimate interests |
| Optional analytics/marketing artefacts | Art. 6(1)(a) consent (withdraw freely) |
Legitimate-interest balancing assessments are maintained internally; copies are available, subject to confidentiality redactions, upon reasoned inquiry.
6. Disclosure & transfer
We collaborate with chartered agronomists, insured contractors, chartered surveyors, legal counsel bound by UK professional secrecy, safeguarding boards, auditors, catastrophe insurers, whistleblowing helplines, cloud processors subject to SCCs/TIA where necessary, HM Revenue & Customs, Serious Fraud Office if compelled through sealed orders, FA/EFL/EFL Trust regulatory arms when statutorily aligned, municipalities under memoranda governing PPP stadium refresh programmes, counterparties enforcing arbitral awards, successor entities under mergers, and philanthropic foundations hosting community pitch endowments.
Transfers outside the UK utilise adequacy findings, approved IDTA/SCC overlays, supplementary technical measures (tokenisation plus split knowledge architecture), and importer due diligence dossiers refreshed biannually.
7. Automated decision-making
We abstain from meaningful solely automated adjudications that produce legal/significant impacts. Telemetry models inform agronomic rotations but humans retain affirmative control.
8. Retention
Operational matter files are ordinarily retained for seven years, aligned with HMRC corporate record guidance; safeguarding materials are kept longer if league protocols demand; dormant marketing enquiries are kept for twenty-four months unless you re-engage; cookie preference logs are kept for twelve rolling months; anonymised benchmarking is kept indefinitely.
9. Cookies & similar technologies
Essential cookies enable secure HTTPS transport affinity, intrusion detection correlation, fraudulent form throttling and CSRF token rotation. Analytics cookies (when enabled) summarise aggregate navigation heat without attempting device fingerprint escalation beyond proportionality evaluations. Manage via the site cookie banner overlay.
10. Individual rights
- Right of access, rectification, erasure subject to fiduciary retention carve-outs.
- Right to restriction & objection where lawful.
- Right to data portability structured as CSV/JSON handovers for comparable controller ingestion when systems permit programmatic extraction absent bespoke engineering outlays disproportionate under ICO cost-of-compliance guidance.
- Withdraw consent pertaining to discretionary processing without retrospective impairment of lawful bases.
- Right to escalate complaints to ICO (UK) — ico.org.uk.
Responses shall issue within statutory windows unless complexities with multi-club consortia require extension notifications citing Article 12(3) qualifiers.
11. Data security
Technical controls comprise TLS 1.2+ everywhere, ephemeral signing keys rotated weekly, biometric access tiering for London servers, segregation of staging vs production VLANs. Organisational measures include annual penetration tests, tabletop ransomware rehearsals, phishing simulations, segregation of duties for finance approvals exceeding £450k discretionary pitch refurbishments.
12. Children's data
Where academy engagements involve minors, parental/guardian authority is evidenced before dossier creation; medical metrics remain minimised strictly to concussion protocol necessity.
13. Automated marketing suppression
Each marketing outbound includes succinct opt-out choreography; suppressed identities propagate to allied marketing processors within seventy-two hours.
14. Modifications
Revision entries appear atop this Policy with conspicuous dating; materially adverse changes prompting fresh consent utilise registered email dissemination where contact information persists.
This document expresses operational intent and does not establish third-party beneficiaries; interpret concurrently with negotiated engagement letters prevailing where conflicts inadvertently arise.