PRIVACY Policy
Last Updated: May 7, 2026
1. Introduction
This Privacy Policy describes how WM Phoenix Open – Coors Light Birds Nest (“we,” “us,” or “our”) collects, uses, stores, and discloses personal data when you visit or use our website located at www.coorslightbirdsnest.com (the “Website”). We are committed to protecting your personal data and respecting your privacy in accordance with the General Data Protection Regulation (EU) 2016/679 (“GDPR”) and applicable data protection laws.
By accessing or using the Website, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with the practices described herein, please do not use the Website.
2. Data Controller
For the purposes of the GDPR, the data controller responsible for your personal data is:
Coors Light Birds Nest, 7226 N. 16th Street, Suite 100, Phoenix, Arizona 85020, 602-870-0163
If you have any questions about this Privacy Policy or our data processing practices, you may contact our Data Protection Officer at info@wmphoenixopen.com.
3. Personal Data We Collect
We may collect and process the following categories of personal data:
Data you provide directly. This includes information you voluntarily submit through the Website, such as your name, email address, postal address, telephone number, and any other information you provide when you fill out forms, create an account, subscribe to newsletters, or communicate with us.
Data collected automatically. When you visit the Website, we automatically collect certain technical information, including your IP address, browser type and version, operating system, referring URLs, pages visited, time and date of access, and other diagnostic data. We may collect this information through cookies, web beacons, and similar tracking technologies as described in Section 9 below.
Data from third parties. We may receive personal data about you from third-party sources, including analytics providers, advertising networks, and publicly available sources, to the extent permitted by applicable law.
4. Legal Bases for Processing
We process your personal data only where we have a valid legal basis under Article 6 of the GDPR. The legal bases upon which we rely include:
Consent (Article 6(1)(a)). Where you have given clear, informed, and unambiguous consent to the processing of your personal data for one or more specific purposes. You may withdraw your consent at any time by contacting us at info@wmphoenixopen.com, without affecting the lawfulness of processing based on consent before its withdrawal.
Performance of a contract (Article 6(1)(b)). Where the processing is necessary for the performance of a contract to which you are a party or in order to take steps at your request prior to entering into a contract.
Legal obligation (Article 6(1)(c)). Where the processing is necessary for compliance with a legal obligation to which we are subject.
Legitimate interests (Article 6(1)(f)). Where the processing is necessary for the purposes of our legitimate interests or those of a third party, except where such interests are overridden by your interests or fundamental rights and freedoms. Our legitimate interests include operating, maintaining, and improving the Website, preventing fraud, and ensuring network and information security.
5. How We Use Your Personal Data
We use the personal data we collect for the following purposes: to provide, operate, and maintain the Website and our services; to process transactions and send related information, including confirmations and invoices; to communicate with you, including responding to your inquiries, providing customer support, and sending administrative messages; to send promotional communications, such as newsletters and marketing materials, where you have consented to receive such communications or where we are otherwise permitted to do so; to monitor and analyze usage trends and preferences to improve the Website and user experience; to detect, prevent, and address technical issues, fraud, and security concerns; and to comply with applicable legal obligations, regulations, and enforceable governmental requests.
6. Data Sharing and Disclosure
We do not sell your personal data to third parties. We may share your personal data with the following categories of recipients:
Service providers. We engage third-party companies and individuals to perform services on our behalf, such as hosting, analytics, payment processing, email delivery, and customer support. These service providers have access to your personal data only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose. Where required, we enter into data processing agreements with such providers in accordance with Article 28 of the GDPR.
Business transfers. In the event of a merger, acquisition, reorganization, sale of assets, or bankruptcy, your personal data may be transferred as part of that transaction. We will notify you of any such change in ownership or control of your personal data.
Legal requirements. We may disclose your personal data if required to do so by law or in response to valid requests by public authorities, including to meet national security or law enforcement requirements.
With your consent. We may share your personal data with third parties when we have your explicit consent to do so.
7. International Data Transfers
Your personal data may be transferred to, and processed in, countries other than the country in which you reside. These countries may have data protection laws that are different from the laws of your country. Where we transfer personal data outside the European Economic Area (“EEA”), we ensure that appropriate safeguards are in place in accordance with Chapter V of the GDPR, including Standard Contractual Clauses approved by the European Commission, binding corporate rules, or reliance on an adequacy decision by the European Commission.
8. Data Retention
We retain your personal data only for as long as is necessary to fulfill the purposes for which it was collected, including to satisfy any legal, accounting, or reporting requirements. To determine the appropriate retention period, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure, the purposes for which we process the data, whether we can achieve those purposes through other means, and applicable legal requirements. When we no longer need your personal data, we will securely delete or anonymize it in accordance with applicable law.
9. Cookies and Tracking Technologies
We use cookies and similar tracking technologies to collect and track information about your activity on the Website. Cookies are small data files placed on your device. We use the following types of cookies:
Strictly necessary cookies. These cookies are essential for the Website to function and cannot be switched off in our systems. They are usually set in response to actions you take, such as setting your privacy preferences, logging in, or filling in forms.
Performance and analytics cookies. These cookies allow us to count visits and traffic sources so we can measure and improve the performance of the Website. They help us understand which pages are most and least popular and how visitors move around the Website.
Functional cookies. These cookies enable the Website to provide enhanced functionality and personalization. They may be set by us or by third-party providers whose services we have added to our pages.
Targeting and advertising cookies. These cookies may be set through the Website by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant advertisements on other sites.
You can manage your cookie preferences through your browser settings or through our cookie consent mechanism presented upon your first visit to the Website. Please note that disabling certain cookies may affect the functionality of the Website.
10. Your Rights Under the GDPR
Under the GDPR, you have the following rights with respect to your personal data:
Right of access (Article 15). You have the right to request confirmation as to whether we process your personal data and, if so, to obtain access to that data and certain related information.
Right to rectification (Article 16). You have the right to request the correction of inaccurate personal data and, taking into account the purposes of the processing, to have incomplete personal data completed.
Right to erasure (Article 17). You have the right to request the deletion of your personal data in certain circumstances, such as where the data is no longer necessary for the purposes for which it was collected.
Right to restriction of processing (Article 18). You have the right to request the restriction of processing of your personal data in certain circumstances, such as where you contest the accuracy of the data.
Right to data portability (Article 20). You have the right to receive your personal data in a structured, commonly used, and machine-readable format and to transmit that data to another controller without hindrance.
Right to object (Article 21). You have the right to object to the processing of your personal data on grounds relating to your particular situation, where the processing is based on our legitimate interests. You also have the right to object at any time to the processing of your personal data for direct marketing purposes.
Right not to be subject to automated decision-making (Article 22). You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you, except in certain limited circumstances.
To exercise any of these rights, please contact us at info@wmphoenixopen.com. We will respond to your request within one month of receipt, in accordance with Article 12 of the GDPR. If we require an extension of time, we will inform you within the initial one-month period.
If you believe that our processing of your personal data infringes the GDPR, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work, or place of the alleged infringement.
11. Security of Personal Data
We implement appropriate technical and organizational measures to protect your personal data against unauthorized or unlawful processing, accidental loss, destruction, or damage, in accordance with Article 32 of the GDPR. These measures include, as appropriate, encryption of data in transit and at rest, access controls, regular security assessments, and staff training on data protection. However, no method of transmission over the Internet or electronic storage is completely secure, and we cannot guarantee absolute security.
12. Children’s Privacy
The Website is not directed to individuals under the age of 18. We do not knowingly collect personal data from children. If we become aware that we have collected personal data from a child without parental consent, we will take steps to delete that information promptly. If you believe that we may have collected personal data from a child, please contact us at info@wmphoenixopen.com.
13. Cloudflare Turnstile
This Website uses Cloudflare Turnstile, a privacy-focused bot detection and security service provided by Cloudflare, Inc. Turnstile processes certain client-side signals — including IP address, TLS fingerprint, User-Agent header, and site key — solely to distinguish human users from bots and to protect the Website from malicious automated traffic.
Cloudflare acts as a data processor when handling this data to deliver the Turnstile service on our behalf, and as a data controller when using it to improve Turnstile’s bot detection capabilities. Cloudflare does not use these signals to identify, profile, or target individual users.
For more information, please refer to the Cloudflare Turnstile Privacy Addendum and Cloudflare’s main Privacy Policy. For privacy concerns related to Turnstile data processing, you may also contact Cloudflare’s Data Protection Officer at dpo@cloudflare.com.
14. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or for other operational reasons. We will notify you of any material changes by posting the updated Privacy Policy on the Website with a revised “Last Updated” date. We encourage you to review this Privacy Policy periodically. Your continued use of the Website after any changes constitutes your acceptance of the updated Privacy Policy.
15. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or our data processing practices, please contact us at:
WM Phoenix Open – Coors Light Birds Nest, Attn: Data Protection Officer, 7226 N. 16th Street, Suite 100, Phoenix, Arizona, info@wmphoenixopen.com, 602-870-0163.