Summary of our Privacy Statement

Long Mountain Paddleboarding are committed to protecting your privacy and personal information. We want to share how we use your information for any of the services that we provide. 

This policy (together with our terms of website use, and any other documents referred to in them) sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. 

Please read the following carefully to understand our practices regarding your personal data and how we will process it. 

By using our services (including visiting this website) you are accepting and consenting to the practices described in this policy.

For the purposes of the Data Protection Act 1998 and the General Data Protection Regulation ((EU) 2016/679) (GDPR), the data controller is Mr Richard JM Brook, Long Mountain Paddleboarding, Quabbs Farm, Blackmore, Shrewsbury, Shropshire, SY5 9RL, Registration Number: ZB164809

 

How we use your information?

Long Mountain Paddleboarding uses your personal information differently based on how we work with you. You can find out more about how we use your information in each situation below.

Long Mountain Paddleboarding DATA PROTECTION PRINCIPLES

This privacy notice applies to:

  • Individuals participates in a course or activity;
  • Individuals who use our website;
  • Individuals who purchase goods via our website;
  • Individuals who feature in our articles and/or newsletters;
  • Individuals who contact us with an enquiry or complaint;
  • Individuals captured on our CCTV system;
  • Individuals who subscribe to our newsletters/updates;
  • Individuals who engage with us on social media;
  • Individuals who participate in one of our surveys or questionnaires;

In the sections below, when referring to the individuals listed above, we use the terms “you” or “your”.

 

OUR APPROACH TO PRIVACY

We take your privacy extremely seriously and want you to feel confident that your personal information is safe in our hands.

We will only use your personal information in accordance with data protection law applicable to England and Wales from time to time.

Under data protection law, when we use your personal information, we will be acting as a data controller. Essentially, this means that we will be making decisions about how we want to use your personal information and why.

Below ,we summarise the main rules that apply to us under data protection law when we use your personal information:

 

1. We must be upfront about how we intend to use your personal information and must use your personal information fairly. Providing privacy information to individuals (such as in this privacy notice) is one aspect of using personal information fairly.

 

2. We must only use your personal information if we have a legal basis to do so under data protection law. These legal bases include:

  • That you have consented to our use of your personal information;
  • That we need to use your personal information to perform a contract between us (or to take steps at your request prior to entering into a contract);
  • That we (or someone else) has a legitimate reason for needing to use your personal information and those legitimate interests are not outweighed by your rights or interests. We must balance our respective rights and interests before we can rely upon this legal basis;
  • We need to use your personal information to comply with laws we are subject to.

 

3. We must only use certain types of sensitive personal information (such as information relating to your health), if we can also satisfy one of the conditions for processing this type of information set out in data protection law. These conditions include:

  • That you have given us your explicit consent to use the information; and
  • That the processing is necessary for reasons of substantial public interest.

 

4. We are only permitted to share your personal information with others in certain circumstances and if we take steps to ensure that your personal information will be secure.

 

5. Generally speaking, we must only use your personal information for the specific purposes we have told you about. If we want to use your personal information for other purposes, we need to contact you again to tell you about this.

 

6. We must not hold more personal information than we need for the purposes we have told you about and must not retain your personal information for longer than is necessary for those purposes (this is known as the “retention period”). We must also dispose of any information that we no longer need securely.

 

7. We must ensure that we have appropriate security measures in place to protect your personal information.

 

8. We must act in accordance with your rights under data protection law.

 

9. We must not transfer your personal information outside the European Economic Area (“EEA”) unless certain safeguards are in place. One such safeguard is that the personal data is only transferred to a country that has been approved by the European Commission as having an acceptable level of data protection law.

 

ENGAGING WITH US ON SOCIAL MEDIA

Any social media posts or comments you send to us (on the Sport Wales Facebook page, for instance) will be shared under the terms of the relevant social media platform (e.g.Facebook, Twitter, Instagram) on which they're written and could be made public. Other people, not us, control these platforms. We are not responsible for this kind of sharing. 

Before you make any remarks or observations about anything, you should review the terms and conditions and privacy policies of the social media platforms you use. That way, you'll understand how they will use your information, what information relating to you they will place in the public domain, and how you can stop them from doing so if you're unhappy about it.

When will we share your information with others?

Sometimes, we will need to share your personal information with others. This section sets out details of who we will share your personal information with and why. It also tells you about our legal basis for doing so under data protection law and steps we will take to protect your personal information.

We will never sell your personal information on to third parties.

 

OUR SERVICE PARTNERS

Who are our service partners?

Our service partners include:

Providers of card payment systems;

Couriers and other suppliers of delivery services.

We haven’t included the names of our service partners in this privacy notice because their identity will change from time to time. However, if you would like further information about any of our current service providers, please contact us using the details set out on page 34 of this document.

Why we need to share your personal information with them?

We use the service partners described above to enable us to perform our contracts with you.

The legal bases we rely upon when sharing your personal information.

The sharing of your personal data with suppliers and sub-contractors is necessary for the performance of our contract with you.

What precautions do we take?

We enter into contracts with our service providers which require them to put appropriate security measures in place and which restrict their use of your personal information.

 

OUR MARKETING PARTNERS

Who are our marketing partners?

Our marketing partners are marketing agencies that we use to create and/or deliver advertising and other promotional material on our behalf.

We haven’t included the names of our marketing partners in this privacy notice because their identity will change from time to time. However, if you would like further information about any of our current marketing partners, please contact us.

Why we need to share your personal information with them?

We may need to share your personal information with our marketing partners if we ask them to create marketing materials addressed to you or to contact you with direct marketing on our behalf.

The legal bases we rely upon when sharing your personal information.

We will either be relying on your express consent or our legitimate interests in developing and expanding our business.

What precautions do we take?

We enter into contracts with our marketing partners providers which require them to put appropriate security measures in place and which restrict their use of your personal information.

 

PROVIDERS OF INFORMATION TECHNOLOGY SERVICES

Who will we be sharing your personal information with?

Suppliers of information technology products and services such as Computer Software Suppliers Cloud Storage providers (including hosted application providers, and Software as a Service providers

We haven’t included the names of our IT/Cloud Service providers in this privacy notice because their identity will change from time to time.

Why we need to share your personal information with such providers?

We use suppliers of information technology products and services in connection with the supply, maintenance and/or improvement of our IT network and the creation, development hosting and maintenance of our website;

We use cloud storage providers to provide a secure method of storing electronic data;

We use analytics and search engine providers to assist us to improve our website.

The legal bases we rely upon when sharing your personal information.

We rely upon our legitimate interests in ensuring that our business can function properly and efficiently and that our IT network is secure;

The sharing of your personal data with analytics and search engine providers is based on our legitimate interests in having an efficient and user-friendly website.

What precautions do we take?

We enter into contracts and Data Processing Agreements with our IT providers/cloud storage providers which require them to put appropriate security measures in place and which restrict their use of your personal information.

Why we need to share your personal information with such providers?

We use suppliers of information technology products and services in connection with the supply, maintenance and/or improvement of our IT network and the creation, development hosting and maintenance of our website;

We use cloud storage providers to provide a secure method of storing electronic data;

We use analytics and search engine providers to assist us to improve our website.

The legal bases we rely upon when sharing your personal information.

We rely upon our legitimate interests in ensuring that our business can function properly and efficiently and that our IT network is secure;

The sharing of your personal data with analytics and search engine providers is based on our legitimate interests in having an efficient and user-friendly website.

What precautions do we take?

We enter into contracts and Data Processing Agreements with our IT providers/cloud storage providers which require them to put appropriate security measures in place and which restrict their use of your personal information.

 

OTHER THIRD PARTIES

We may also need to share your personal information with others in the following circumstances:

Legal or regulatory requirements - On occasion, we may be required to disclose your personal information to organisations such as the courts or the police to comply with legal obligations we are subject to and/or to prevent fraud or crime.

Protecting our business - From time to time we may need to disclose your personal information in connection with steps we need to take to protect our business interests or property. For example, if you default with payment, we may disclose your personal information to credit reference agencies or debt collection or tracing agents.

Professional advice and legal action - We may need to disclose your personal information to our professional advisers (for example, our lawyers and accountants) in connection with the provision by them of professional advice and/or the establishment or defence of legal claims.

 

INDIVIDUALS WHO PARTICIPATE IN A COURSE OR ACTIVITY

What personal information we will use?

  • Your name;
  • Your address;
  • Your contact details (such as your telephone number and/or email address);
  • Your car registration number;
  • Emergency contact details;
  • Dates of your course;
  • Details of course or activity undertaken;
  • Payment details (debit or credit card).
  • Information about any medical or health conditions declared;

How we will obtain the personal information?      

The information we use is provided by you when you make a reservation and/or register for a course or activity.

 

What purposes we will use the personal information for?

We will use the personal information to contact you regarding your course/activity and for administration purposes;

We will use the emergency contact details to contact your emergency contact in the event of an incident, illness or injury;

We will use the payment details provided to take payment for the course/activity.

The legal bases we rely upon:          

Our use of your personal information for administration purposes and to take payment is necessary for the performance of the contract between us.

Our use of your emergency contact details and any health issues you’ve shared with us is based on the need to keep you safe and ensuring that we can obtain instruction from the people nominated by you in the even of an illness or injury. 

How long we retain the personal information and why?

We will not store your credit/debit card details, we will only use the information to obtain payment.

We usually keep records relating to your course/activity for a period of six years after your visit in case any contractual disputes or claims.

Consequences of not providing/permitting us to obtain personal information

Without your name, contact details and payment information you will not be able to take part in the activity/course you are interested in.