Home / Privacy Policy

Privacy Policy

Brighton and Hove Albion Football Club Limited ("We") are committed to protecting and respecting your privacy. We will protect the rights of individuals (data subjects) when data is obtained, stored, processed or supplied to others.

This Privacy Policy (together with our Terms of Use and any other documents referred to on it) sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.

Please note that when you are using our website, we also use cookies to collect information about your use of our website, which is done in accordance with our Cookies Policy.

For the purpose of the Data Protection Act 1998 (the "Act"), the data controller (who controls the use of the personal data collected about you) is Brighton and Hove Albion Football Club Limited whose registered office is at Maria House, 35 Millers Road, Brighton BN1 5NP and whose contact address is at American Express Community Stadium, Village Way, Brighton, East Sussex BN1 9BL.

We are notified as a data controller with the UK Information Commissioner.

In relation to your personal data that We hold, We will comply with the eight Data Protection Principles contained in the Act, i.e.:

  1. Personal data shall be processed fairly and lawfully.
  2. Personal data shall be obtained only for one or more specified and lawful purposes, and shall not be further processed in any manner incompatible with that purpose or purpose.
  3. Personal data shall be adequate, relevant and not excessive in relation to the purpose or purposes for which they are processed.
  4. Personal data shall be accurate and where necessary, kept up to date.
  5. Personal data processed for any purpose or purposes shall not be kept for longer than is necessary.
  6. Personal data shall be processed in accordance with the rights of data subjects under this Act.
  7. Security measures shall be taken against unauthorised or unlawful processing of personal data and against accidental loss or destruction or damage to personal data.
  8. Personal data shall not be transferred to a country or territory outside the European Economic Area, unless that country or territory ensures an adequate level of protection for the rights and freedoms of data subjects in relation to the processing of personal data.

Information We May Collect From You

We may collect and process the following data about you:

  1. Information that you provide by filling in forms contained on any of our websites www.seagulls.co.uk, www.seagullsdirect.co.uk, www.seagullslotto.co.uk, and/or www.youngseagulls.co.uk (our "website"). This includes information provided by you at the time you:
    1. register to use our website;
    2. subscribe to our services;
    3. post material to our website;
    4. request further services from us;
    5. purchase tickets through our website. We will add your details to our database;
    6. contact customer services. We will add your details to our database and we may keep a copy of the correspondence;
    7. sign up for the Young Seagulls, in accordance with our terms and conditions. We will add your details to our database;
    8. purchase merchandise through our online shop. Your information, including your payment card details is collected securely in order to take payments for the merchandise you purchase and to keep a record of orders fulfilled;
    9. enter the Seagull Lotto. Your information, including your payment card details is collected securely in order to take payment from you and to administer the lotto;
    10. purchase Stadium Tours. Your information, including your payment card details is collected securely in order to take payment from you. We will collect information from you which may include sensitive personal data (for example details of any disabilities you may have) which you agree We may store and use for the purposes of providing the tour to you and contacting you in relation to the tour;
    11. purchase catering services from us. The information we collect from you may include sensitive personal data (for example dietary requirements due to your racial or ethnic origin or your religious beliefs). You agree that We may store and use such information and pass the information to our relevant third party caterers for their use in providing catering services to you; and
    12. participate in corporate events, sponsorship and the 1901 Club. Any personal data collected will be held in our database for contacting you regarding promotional events that may be of interest to you.
  2. We may also ask you for information when you report a problem with our website.
  3. We may also ask you to complete surveys that we use for research purposes, although you do not have to respond to them.
  4. We may keep details of your visits to our website including, but not limited to, traffic data, location data, weblogs and other communication data, whether this is required for our own billing purposes or otherwise and the resources that you access. Please read our Cookie Policy for further information.
  5. We have Close Circuit Television ("CCTV") operating within the Stadium and notices are displayed in the Stadium to alert you to this. We may use such CCTV images captured for monitoring purposes including but not limited to activity within the Stadium and surrounding areas, safety and detection of crime.

Where We Store Your Personal Data

The data that we collect from you may be transferred to, and stored at, a destination outside the European Economic Area ("EEA"). It may also be processed by third parties or staff operating outside the EEA who work for us or for one of our suppliers. Such staff may be engaged in, among other things, the fulfilment of your order, the processing of your payment details and the provision of support services. By submitting your personal data, you agree to this transfer, storing or processing. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy.

All information you provide to us is stored on our secure servers. Any payment transactions will be encrypted using SSL technology. Where We have given you (or where you have chosen) a password which enables you to access certain parts of our website, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.

Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, We cannot guarantee the security of your data transmitted to our website; any transmission is at your own risk. Once We have received your information, We will use strict procedures and security features to try to prevent unauthorised access.

Uses made of the Information

We use information held about you in the following ways:

  1. to ensure that content from our website is presented in the most effective manner for you and for your computer;
  2. to provide you with information, products or services that you request from us or which We feel may interest you, where you have consented to be contacted for such purposes;
  3. to carry out our obligations arising from any contracts entered into between you and us;
  4. to allow you to participate in interactive features of our service, when you choose to do so; and
  5. to notify you about changes to our service.

As part of offering these services we may at times be required to transfer some of your data to third parties for processing to enable fulfilment of product purchases or provision of services. This will be limited to that which they need to carry out their services and only in the way in which we instruct them as part of a contractual agreement. Your data will never be sold or shared with third parties for the purposes of marketing without seeking prior consent.

We may also use your data, or permit selected third parties to use your data, to provide you with information about goods and services which may be of interest to you and We or they may contact you about these unless you opt out.

If you are an existing customer, We will only contact you by electronic means (e-mail or SMS) with information about goods and services similar to those which were the subject of a previous sale to you.

If you are a new customer, subscriber or user of our services, and where We permit selected third parties to use your data, We (or they) will contact you by electronic means only if you have consented to this.

If you do not want us to use your data in this way, or to pass your details on to third parties for marketing purposes, please tick the relevant box situated on the form on which we collect your data.

Disclosure of Your Information

We may disclose your personal information to any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in section 1159 of the UK Companies Act 2006.

We may disclose your personal information to third parties:

  1. in the event that We sell or buy any business or assets, in which case We may disclose your personal data to the prospective seller or buyer of such business or assets.
  2. if Brighton and Hove Albion Football Club Limited or substantially all of its assets are acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets.
  3. if We are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our Terms of Use and other agreements; or to protect the rights, property, or safety of Brighton and Hove Albion Football Club Limited, our customers, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction, as well as sharing your personal data with FL Interactive Ltd (c/o the Football League).

Your Rights

You have the right to ask us not to process your personal data for marketing purposes. We will usually inform you (before collecting your data) if We intend to use your data for such purposes or if We intend to disclose your information to any third party for such purposes. You can exercise your right to prevent such processing at any time by contacting us at dataprotection@bhafc.co.uk.

Our website may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.

Access to Information

The Act gives you the right to access information held about you. Your right of access can be exercised by downloading the Subject Access Request form from our website. Any access request will be subject to a fee of £10 to meet our costs in providing you with details of the information we hold about you.

Other relevant information

Where the information you are seeking is contained in files that are not appropriately structured or referenced, it may not be easy to locate and to identify whether personal information is held or being used. We keep as little 'unstructured' information as possible, since it is difficult to access and use.

If you require access to information held in these ‘unstructured’ manual files, you should describe the information in a way that would allow us to find it. It will help us to process your subject access request if you can be as specific as possible about what you want. Even if you describe the information, we are not obliged to provide you with access to unstructured manual data.

Changes to Our Privacy Policy

Any changes we may make to our Privacy Policy in the future will be posted on this page and, where appropriate, notified to you by e-mail.


Questions, comments and requests regarding this Privacy Policy are welcomed and should be addressed to the Data Protection Officer at Brighton & Hove Albion Football Club Ltd at American Express Community Stadium, Village Way, Brighton, East Sussex BN1 9BL, or at dataprotection@bhafc.co.uk.