Last Updated On: 01/04/2021
Our Commitment to GDPR
The GDPR imposes requirements upon organisations to strengthen the security and enhance the protection of personal data of EU residents. We are firmly committed to GDPR compliance.
Definition of Data Controller and Data Processor
A data controller is the person or organisation that decides the purpose for which and the way in which any personal data is processed. A Data processor refers to the person or organisation which processes personal data on behalf of the controller.
The data controller and data protection officer for Hedsor Field Camping is Philip Pitcher, contactable at: email@example.com
This Privacy Notice is meant to help you understand what Personal Data we collect, why we collect it, and what we do with it. It also describes the choices available to you with regard to the use of your Personal Data and how you can access and update this information.
We are committed to protecting the privacy of individuals and businesses that purchase or make a contribution towards our services and individuals who register with our website.
We have adopted the following principles to govern the use, collection, and transmittal of Personal Data, except as specifically provided by this Policy or as required by applicable laws:
Personal data will only be processed fairly and lawfully
We do not collect any more personal data than is necessary to provide the services
We only use your personal data for the purposes specified in this Privacy Notice, unless you agree otherwise
We do not keep your personal information if it is no longer needed
We do not sell, distribute or share your personal information with third parties
You can have your data updated at any time
You can remove your data at any time
You can request a copy of the data we store on you at any time
Personal data is securely stored and managed.
What is personal data?
Personal data is any information that relates to an identified or identifiable living individual. Different pieces of information, which collected together can lead to the identification of a particular person, can also constitute personal data.
Personal data is subject to the protection requirements set out in the GDPR.
Examples of data considered as personal data:
Name and surname
Email address such as YourName@company.com
Location data (for example the location data function on a mobile phone)
What and How We Collect and Maintain Information
We collect and maintain information that may include:
First and last name
Any specific requests you make when booking with us
In order to communicate with us, you may be prompted to provide certain personal data in the following ways:
By filling in forms (i.e. a “Contact Us” form or “Live Chat”) on our website
Contact directly (i.e. by email)
When we enter into a relationship for the intended services we will require your name, address, email address and contact numbers. This information is generally exchanged through email or through our website and forms part of a business record for maintaining contact and accounts.
By corresponding with us by e-mail or otherwise using our contact details.
Typically, the personal data you provide may include name and email address, and any personal details required to resolve any enquiries or complaints.
How We Use Personal Data
We use personal data provided by you to provide services and for business purposes such as delivering services, marketing, billing and for other general purposes.
We will never share your personal data, or otherwise make your personal data available to any third parties for the purposes of marketing or targeting you. We will not sell, rent, or exchange your personal data with any third-parties.
We use your personal data to:
Engage and educate you about our services.
Provide you with documentation or communications that you have requested, such as invoicing/billing.
Correspond with you to resolve your queries or complaints.
Send you marketing communications.
How We Protect Your Personal Data
All of your Personal Data remains private and confidential. The security of your Personal Data is extremely important to us. We follow generally accepted standards to protect personal data submitted to us, both during transmission and once it is received.
Our email communications are sent over, and received from, an encrypted connection to the mail systems. Provided you ensure your email communications settings in your email application are also configured to use security you should be assured of the secure communications between us.
Location of Personal Data
Systems we use that contain data may be stored in one of the following locations:
On a local encrypted drive attached to a computer system.
On a portable encrypted device.
Cookies are small text files that are placed on your computer by websites that you visit. These text files can be read by these websites and help to identify you when you return to a website. Cookies can be “persistent” or “session ID” cookies. Persistent cookies remain on your computer when you have gone offline, while session ID cookies are deleted as soon as you close your web browser.
Our website and the associated plugins and theme use both session and persistent cookies.
In general, cookies are used to retain user preferences, store information, and provide anonymised tracking data to third party applications like Google Analytics. As a rule, cookies will make your browsing experience better. However, you may prefer to disable cookies on this site and on others. The most effective way to do this is to disable cookies in your browser.
We do not use any hidden marketing or targeted advertising on our website, All of the cookies that are used are legitimate for the delivery of the service.
Your Rights under the Personal Data Protection Laws
As our customer you have the right to:
Request access to your personal data (known as a data access request). This enables you to receive details of the personal data we hold about you and to check that we are lawfully processing it.
Request Correction of the personal data that we hold about you.
Request erasure of your personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us to continue processing it.
Object to processing of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this basis. You also have the right to object where we are processing your personal information for direct marketing purposes.
Request the restriction of processing of your personal data. This enables you to ask us to suspend the processing of personal data about you, for example if you want to establish its accuracy or the reason for processing it.
Request the transfer of your personal data to you or another data controller if the processing is based on consent, carried out by automated means and this is technically feasible. We do not believe that any circumstances exist where this right would be exercised due to the very small amount of data held.
Your Responsibilities under the Personal Data Protection Laws
Within your rights under privacy laws you are entitled to ask for a copy of the data (access request) that we hold in our systems. We will follow a process to make sure that before any personal data is transmitted to the requester, that they are legitimately entitled to receive it.
If you do not co-operate in this process to establish the legitimacy of the request, the information will not be released. Any requests on my part to verify your request will be undertaken solely to protect us both against a breach of your personal information.
Should this situation occur and not be resolved to your satisfaction, you should write or contact the ICO office to escalate the matter.
You may withdraw your consent at any time by contacting us at firstname.lastname@example.org
Automated Decision Making
We do not carry out any Automated Decision Making based on the data we hold about you.
Data Retention Period
We will only retain your personal data for as long as is necessary to fulfil the purposes for which it is collected.
Data retention periods will depend upon a number of factors such as:
The requirements of our business relationship and services provided.
Relevant statutory or legal obligations.
The purposes for which the data was originally collected.
The lawful grounds upon which we based the processing.
They types of personal data collected.
The amount and categories of your personal data.
Whether the purpose of the processing could be achieved by other means.
Our normal data retention period for data received in connection with our operations and services will be 7 years in line with regulatory requirements unless there is a legitimate interest for retaining that data for a longer period.
Subscribers wishing to unsubscribe themselves from our newsletter will be unsubscribed within seven days of an email request to email@example.com.
Example of long-term data retention
We are required by law to be able to record sales and tax information for up to 7 years. In this case we must retain any pertinent information on these transactions.
Changes to this Privacy Notice
We may change this Privacy Notice from time to time by updating this page in order to reflect changes in the law and/or my privacy practices. We encourage you to check this Privacy Notice for changes whenever you visit one of my websites. Each privacy notice will note the date it has been released, we will also inform you of changes through our newsletter.
How to Contact Us
You also have the right to make a complaint to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues, at any time. The ICO’s contact details are as follows:
Information Commissioner’s Office
Wycliffe House, Water Lane, Wilmslow, Chesire, SK9 5AF
Telephone 0303 123 1113 (local rate) or 01625 545 745 (national rate).
Website – https://ico.org.uk/concerns