Privacy Policy

Overview

As of 25th May 2018, a new data protection law is being introduced in the UK. As a result, SUP Active Yorkshire is in the process of ensuring that our data protection practices comply to the new regulations. In this document is all you need to know about how and why SUP Active Yorkshire process your personal data, how we keep your personal data secure and what your now enhanced rights are in relation to your personal data.

Please do make sure you take the time to read this document carefully so that you are fully informed of the new regulations and what SUP Active Yorkshire is doing about them.

Definitions

Here are some important definitions relating to the new data protection law:

GDPR – General Data Protection Regulation (the new legislation which comes into law in May 2018)

Data Protection – The process of protecting personal data from unauthorised or unlawful disclosure, access, alteration, processing, transfer or deletion

Personal Data – Any information relating to an identified or identifiable natural person

Identifiable Natural Person – A living individual who can be identified from one or more pieces of data which is in possession of the data controller, is likely to come into the possession of the data controller or could be obtained by without too much effort

Data Controller – An organisation or individual which is responsible for determining the purposes and means of processing personal data

Data Processor – An organisation or individual which processes data on behalf of a data controller

Data Subject – The natural person to whom the data relates

Supervisory Authority – The Information Commissioner’s Office (ICO) is the data protection supervisory authority in the UK

Consent – Any freely given, specific, informed and unambiguous indication that the data subject agrees to the processing of his or her personal data by means of clear, affirmative action

Subject Access Request – Request to access personal data held by data controller if the data subject has any doubts concerning the accuracy or lawfulness of the processing of that personal data

Purposes of Data Processing

SUP Active Yorkshire will ensure that all personal data is processed lawfully, fairly and in a transparent manner. We only collect and store contact details provided by yourself for our own records, and for sending out news updates, upcoming events and direct marketing campaigns. This means that only personal data which is relevant for these purposes will be processed, and we will not collect or store any personal data which is not strictly required. All data will be given freely and with your expressed consent, and will be accurate to our knowledge.

Data Security

SUP Active Yorkshire will do everything in our power to ensure that personal data is appropriately secure and protected from unauthorised or unlawful processing, and against accidental loss, damage or deletion.

Your personal data is stored on a password protected database which will only be accessible by the SUP Active Yorkshire’s director. This database is also backed up on another password protected external hard drive and is only accessible by the aforementioned authorised SUP Active Yorkshire staff. We will continue to review and upgrade our security measures in accordance with technological development.

The personal data you provide will be stored in this manner indefinitely, unless you instruct us otherwise.

Transfer of Data to Third Parties

SUP Active Yorkshire will never pass your personal data on to any third party except in the case of medical emergency when under the supervision of SUP Active Yorkshire staff, when we may need to pass information from your medical form on to a medical professional. Medical forms will be destroyed 4 weeks after staying at SUP Active Yorkshire, unless there has been a reportable accident, in which case medical forms may again have to be passed on to the relevant authorities and then archived.

Your Rights

Under Article 15 of GDPR (2018), the data subject has the right to:

• Be informed how and why personal data is being processed

• To access any personal data relating to you which is stored by the data controller

• To rectify any personal data which is found to be inaccurate or incomplete

• To request deletion or removal of personal data

• To restrict the processing of your personal data if inaccurate or in certain other circumstances

• To data portability (to move, copy or transfer personal data easily from one IT environment to another)

• To object to the processing of personal data for direct marketing purposes

• Not to be subjected to automated decision making/profiling (not used at all by SUP Active Yorkshire)

Subject Access Requests

Following any subject access request, SUP Active Yorkshire shall provide, without charge and without undue delay, the following: confirmation that personal data is being processed, a copy of the personal data that is being processed, and all information essentially equivalent to our Privacy Policy.

For further copies, or if the request is manifestly unfounded or excessive, a reasonable fee may be charged to cover administrative costs. When the subject access request is made electronically, this information will be provided in a commonly used electronic format, unless otherwise requested by the data subject.

SUP Active Yorkshire Data Controller

The data controller is Daniel Godridge SUP Active Yorkshire and can be contacted using the following:

Telephone – 07984247519

Email – supactiveyorkshire@btinternet.com

Postal Address –

Daniel Godridge 

1 Birch close

Scotton

Catterick Garrison

North Yorkshire

DL9 3RG