www.beechdown.co.uk (Website) is brought to you by Crocodile Leisure Limited, trading as The Beechdown Club (‘we’ or ‘us’) whose registered address is Beechdown Park, Winchester Road, Basingstoke, Hampshire, RG22 4ES and company number 02708521.
Why you should read this policy
For the purposes of the Data Protection Act 1998, the General Data Protection Regulation (GDPR), the Data Protection Bill when in force and all other relevant legislation, Crocodile Leisure Limited is the ‘data controller’ (is responsible for, and controls the processing of, your personal data).
Personal data we may collect about you
Information that you provide
Personal information about you (such as your name, email address, phone number, bank details) will be obtained, whenever you provide this information by completing forms on the Website.
We will also obtain personal information when you fill in any membership, application or booking forms we provide to you, send feedback, post material, contact us for any reason and by any medium, sign up to a service, make purchases, share information via the Website’s social media functions, enter a competition, complete a survey or report a problem with the Website.
We may need to ask you for sensitive information or ‘special categories of data’ such as information about your health if you become a member. We will always ask for your consent to process this information.
We may retain a record of any contact you make with us.
We use CCTV on our premises for the prevention and detection of crime or disorder and to protect both our and your interests. We regularly assess our CCTV use to ensure that it is controlled, justified and proportionate.
Personal Information about other individuals
If you give us information on behalf of your child or someone else, you confirm that you are their guardian (if they are under the age of 16) or the other person has appointed you to act on his/her behalf and has agreed that you can:
- give consent on his/her behalf to the processing of his/her data;
- receive on his/her behalf and data protection notices;
- give consent to any transfer of his/her data;
Information from third parties
Occasionally we may receive information about you from other sources (such as credit reference agencies) which will be added to the information already held about you in order for us to help supply our services and treatments to you.
Information that will be collected automatically
Device information: We may also collect information about your device each time you use the Website. For example, we may collect information on the type of mobile device that you are using and its unique device identifier (for example, the IMEI number, the device’s mobile phone number, or the MAC address of the device’s wireless network interface), the type of mobile browser that you are using, the mobile operating system that you are using, mobile network information and the time zone setting.
Information on your device: We may also collect information which is stored on your device each time you use the Website. For example, we may collect contact information, login information, friends lists, photos, videos and other digital content with your prior consent.
Location data: We may also collect information to determine your location using GPS technology or such other location tracking software we may use from time to time. Some of the features of the Website may require access to such location data to work. If you would like to use any such feature, you will be asked to consent to provide such location information. You can withdraw your consent to providing this information at any time by emailing firstname.lastname@example.org or contacting us via the contact details at the bottom of this policy.
How your personal data will be used
We will use your personal data for the following purposes:
- to provide our services and treatments to you;
- to help identify you and any accounts you hold with us;
- to contact you via phone or email to confirm your appointments or space in a class;
- research, statistical analysis and behavioural analysis;
- customer profiling and analysing your purchasing preferences;
- marketing—see 'Marketing and opting out';
- fraud prevention and detection;
- billing and order fulfilment for purchases made through the Website;
- credit scoring and credit checking;
- customising the Website and its content to your particular preferences;
- to notify you of any changes to the Website or to our services or products that may affect you;
- improving our services and products.
Our lawful basis for processing your personal information
Under laws that are designed to protect your personal data, we need to have what is called a lawful basis or ground each time we use, share or otherwise process your personal data.
We will always ask for your consent to process any information about your health and will also ask for your consent to market to you.
We may also need to process your personal data to comply with any legal obligations which may be applicable. Likewise, we may process your personal data where this is in the public interest or it is to protect your vital interests, but this will only be in rare circumstances.
In most cases, our processing of your personal data is necessary for the performance of our services to you.
Certain uses of your personal data, or other processing activities, may not be strictly necessary to perform our services to you, however, they may be necessary for the purposes of our legitimate interests or the legitimate interests of a third party. They may also be in your interests.
When we say “legitimate interests”, we mean our (or a third party’s) interests in enabling us to provide our services to you as efficiently and securely as possible. For example, we may choose to use a third party to store your personal data; we may do this in part because our use of that service means that your personal data is more secure.
Marketing and opting out
If you give your consent, we may share your personal data with organisations who are our business partners and we or they may contact you (unless you have asked us or them not to do so) by mail, telephone, sms, text/picture/video message, email, about products, services, promotions, special offers and charitable causes that may be of interest to you. If you prefer not to receive any further direct marketing communications from us or our business partners, you can opt out at any time. See further 'Your rights,' below.
If you choose to opt out of marketing, we will still send you communications confirming your appointments or other booked services, though if you do not wish to receive communications via certain channels such as sms, you can request this of us. Please see ‘Consent and your Rights of Access’ for further information.
Disclosure of your personal data
We may disclose your personal data to:
- a third party who acquires substantially all of Crocodile Leisure Limited’s assets, in which case the personal data shall be one of the acquired assets;
- law enforcement and regulatory agencies in connection with any investigation to help prevent unlawful activity or as otherwise required by applicable law
Keeping your data secure
We will use technical and organisational measures to safeguard your personal data, for example:
- where you create an account on the website, this will be controlled by a password and username that are unique to you;
- We will store your personal data on secure servers;
- payment details are encrypted using SSL technology.
While we will use all reasonable efforts to safeguard your personal data, you acknowledge that the use of the internet is not entirely secure and for this reason we cannot guarantee the security or integrity of any personal data that are transferred from you or to you via the internet.
Transfers of data out of the EEA
We will make reasonable efforts to ensure that your data is not transferred outside the European Economic Area (EEA). Where we use data servers that may transfer data out of the EEA we will take steps to ensure adequate protections are in place to ensure the security of your information and give you remedies in the unlikely event of a security breach.
All information you provide to us is stored with secure data processors for the purposes of storing your data, accounting purposes and social media purposes for example. A copy of your information is also stored securely on our internal server and computers where access is restricted.
Please note that ant processors we utilise that may transfer your data to the US, comply with the EU-US Privacy Shield Framework, which is a mechanism that ensures compliance with EU data protection requirements when transferring personal data from the European Union to the United States. You can learn more about Privacy Shield here: https://www.privacyshield.gov/welcome
While we will use all reasonable efforts to safeguard your personal data, you acknowledge that the use of the internet is not entirely secure and for this reason we cannot guarantee the security or integrity of any personal data that are transferred from you or to you via the internet. If you have any particular concerns about your information, please contact us using our contact details at the bottom of this policy.
What you can do to keep your information safe
If you want detailed information from Get Safe Online on how to protect your information and your computers and devices against fraud, identity theft, viruses and many other online problems, please visit . Get Safe Online is supported by HM Government and leading businesses.
We may monitor and record communications with you (such as telephone conversations and emails) for the purpose of quality assurance, training, fraud prevention and compliance.
Your Consent and Rights of Access
You can change your mind or remove or amend your consent at any time.
- You have the right of access to your personal records or other information that we hold about you. There is no administrative charge for this service.
- You have the right to rectify any errors in the data we hold about you. If any data or information we hold about you is inaccurate, or out of date, please contact us and we will correct this immediately.
- You have the right to have the data we hold about you erased.
- If you wish us to continue to store your information but wish us to keep your data separate and not process it in any way, please let us know and we will do so.
- You have the right to ask us to stop processing your personal data for direct marketing purposes. You may also specify that you object to direct marketing by particular channels such as by email of telephone. If this is the case, please specify the channels you are objecting to in your communications with us.
- You have the right to data portability. If you wish to obtain your data for your own purposes across different services, we will provide this information to you in a CSV file. There is no administrative charge for this service.
- You have the right to object to any direct marketing.
To revise your consent, access, amend or remove your records or assert any of your rights set out above, you should send your request in writing to us at email@example.com.
You will need to provide proof of identity and address (eg a copy of your driving licence or passport, and a recent utility or credit card bill); and specify the personal data you want access to, amended or removed.
How long we will store your data
We will store your data for as long as necessary for the purpose of processing. The data will be deleted in the following circumstances:
- You have withdrawn your consent to data processing
- The original purpose for processing the data is no longer relevant or cannot be performed any more.
- The data is no longer up to date or accurate.
- keep track of the items stored in your shopping basket and take you through the checkout process;
- recognise you whenever you visit the Website (this speeds up your access to the Website as you do not have to log on each time);
- carry out research and statistical analysis to help improve the Website content, products and services and to help us better understand our visitor and customer requirements and interests;
- target our marketing and advertising campaigns and those of our partners more effectively by providing interest-based advertisements that are personalised to your interests; and
- make your online experience more efficient and enjoyable.
Consent (notification on home page)
Third party cookies
We work with third-party suppliers who may also set cookies on the Website which, for example, we may use to display video content. These third-party suppliers are responsible for the cookies they set on our Website. If you want further information, please go to the website for the relevant third party. You will find additional information in the table below.
Description of cookies and similar technologies
The cookies that we utilise on our Website are placed to fulfil such functions as allowing visitors to share content with a range of networking and sharing platforms, analyzing how you use the Website and giving you a better more personalized experience.
Our Website uses the following cookies:
- Session cookies expire at the end of your browser session and allow us to link your actions during that particular browser session.
- Persistent cookies are stored on your device in between browser sessions, allowing us to remember your preferences or actions across multiple sites.
This HTTP cookie is a session secure cookie used to assess website traffic.
Duration: End of browser session.
This is a Google Analytics cookie that allows Google to track any call conversions on mobile devices. For example if you click on a phone number on one of our web pages to dial from your mobile device.
Duration: 3 months.
How to turn off cookies
If you do not want to accept cookies, you can change your browser settings so that cookies are not accepted. If you do this, please be aware that you may lose some of the functionality of the Website. For further information about cookies and how to disable them please go to: www.aboutcookies.org or www.allaboutcookies.org.
Our contact details
We welcome your feedback and questions. If you wish to contact us, please send us an email to firstname.lastname@example.org. You can also write to us at Beechdown Park, Winchester Road, Basingstoke, Hampshire, RG22 4ES or call us on 01256 362222.
We may change this Policy from time to time. You should check this policy frequently to ensure you are aware of the most recent version that will apply each time you use the Website.
Data Protection Supervisory Authority
The Data Protection Supervisory Authority in the UK is the Information Commissioners Office. Should you have any complaints about the way we handle your data, you may direct them to the ICO. More information on the ICO can be found on their website here: https://ico.org.uk