Privacy policy

Whitlingham Adventure Privacy, Website and Cookies Notice

This privacy notice provides details about how we, Norfolk County Council, collect and use personal information from you whilst you visit our web site or otherwise interact with us  (including when you use our facilities). At the bottom of this privacy notice we also explain how and when we use cookies on this website.

For clarity, Whitlingham Adventure is part of Norfolk County Council. Norfolk County Council is the ‘controller’ for your personal information.

By ‘use’ we mean the various ways your personal information may be processed including storing and sharing the information

By ‘you’ we mean you as an individual and/or those whom you are booking a session on behalf of (for example if you are a school, club or organisation).

If you have previously consented to us using photos and/or videos of you for promotional purposes, you can withdraw this consent by contacting us at: whitlingham@norfolk.gov.uk or 01603 632307.

Further Details

We provide the following further details in our general privacy notice, available at: www.norfolk.gov.uk/privacy

• who we are
• how long we use your information for
• your rights under the UK GDPR and how to exercise them

The type of personal information we use

The type of information we may collect and use includes:

• Contact details;
• Date of birth
• Emergency Contact Details (and their relationship to you)
• Payment Details (these might be the payment details of your school, club or organisation);
• Information you provide when making an enquiry or otherwise communicating with us;
• Photographs of you (for accreditation purposes and promotional material);

We may also collect and use information about:

• Gender
• Disabilities and Additional Support Needs
• Religion or Philosophical Belief (indirectly if/when you request catering)

This information is classed as “special category data” under the UK GDPR. We may only collect these data when it is relevant and for the purposes described above.

We do not collect information concerning criminal convictions and offences.

The UK GDPR includes safeguards to protect the use of your special category data. Further details can be found on our website in the document named ‘Special category data and criminal offences data policy’ which sets out our procedures for compliance with the principles of the UK GDPR and the retention and erasure of this information.

What we use your information for

We use the personal information that you give to us to:

• provide our services to you;
• respond to any queries you make to us;
• inform you of any changes to services, goods or products that you have purchased from us;
• provide information to you relating to other products that may be of interest to you. Such additional information will only be provided where you have consented to receive such information;
• use your information in certain ways for promotional activity which may include use of photos. Your consent will always be obtained if we want to use your information in this way;
• To provide and manage this website.

We also use this information to assess the quality of our services and evaluate and improve our policies and procedures.

We may also use information in other ways compatible with the above.

Who Provides this Information

We receive your personal information from you meaning; you as an individual and/or those whom you are booking a session on behalf of (for example if you are a school, club or organisation).

The Lawful Basis for Using your Information

For ordinary personal information (that is, all your information which is not special category data we have legal grounds to process this information where it is necessary:

• to fulfil a contract to provide a service to you;
• when you consent to it.

For special category, we have legal grounds to process this information where:

• we have obtained your consent to do so (for example photos and videos)
• To comply with legal obligations including:
  • Equality Act 2010 (providing reasonable adjustments)
  • The Activity Centres (Young Person’s Safety) Act 1995 and the Adventure Activities Licensing Regulations 2004 (providing a suitably safe environment)

Who we share your information with

We may need to share your information with:

• Certification bodies (in order to process any qualifications, you are applying for);

Any information which is shared will only be shared on a need-to-know basis, with appropriate individuals. Only the minimum information for the purpose will be shared.

Your personal information may also be given to third parties contracted by the County Council to provide a service to the County Council. These service providers are known as data processors and have a legal obligation under UK GDPR and to the County Council to look after your personal information and only use it for providing that service. In particular, this includes Cinolla, who provides this website for the County Council.

Sending your personal information to other countries

We do not transfer your personal information outside of the UK and the European Economic Area.

Where we store your information

When you make a booking or buy a product or service from us via our website, we will store your information in the systems that we use to process those bookings and provide services and in our customer relationship management system.

When you sign up to receive marketing communications from us your email address or postal address and preferences are stored in our website database and the email system that we use to send email communications. You can unsubscribe from these emails at any time by emailing whitlingham@norfolk.gov.uk

How long will we keep your information for

When the information is no longer needed for the above purposes, it will be securely deleted.

If we need to use your information for research or reports, your information will be anonymised and any information taken from notes (handwritten or typed) during any consultation sessions will be securely destroyed. The information will continue to be used in a summarised and anonymised form in any research reports or papers that are published. The anonymised information in the papers may be of historic interest and may be held in public archives indefinitely.

How we keep your information

All information is stored on secure servers and temporary paper copies are kept securely until digitised and then destroyed.

Apart from as explained below regarding cookies provided by Google, we do not process your information outside of the UK and European Economic Area.

Automated Decision Making

We do not make automated decisions about you.

 

 

Our use of Cookies

Our website uses cookies to distinguish you from other users of our website. This helps us to provide you with a good experience when you browse our website and also allows us to improve our site.

A cookie is a small file of letters and numbers that we store on your browser or the hard drive of your computer if you agree. Cookies contain information that is transferred to your computer’s hard drive.

We use the following cookies:

• Strictly necessary cookies. These are cookies that are required for the operation of our website. They include, for example, cookies that enable you to log into secure areas of our website, use a shopping cart or make use of e-billing services.
• Analytical or performance cookies. These allow us to recognise and count the number of visitors and to see how visitors move around our website when they are using it. This helps us to improve the way our website works, for example, by ensuring that users are finding what they are looking for easily.
• Functionality cookies. These are used to recognise you when you return to our website. This enables us to personalise our content for you, greet you by name and remember your preferences (for example, your choice of language or region).
• Targeting cookies. These cookies record your visit to our website, the pages you have visited and the links you have followed. We will use this information to make our website and the advertising displayed on it more relevant to your interests.

Please note, the cookies, _ga, _gid, and _gat are provided by Google. Google may send the information from Cookies (such as; make and model of device, access time and location), to the United States of America. If/when this happens we are not able to guarantee that your information will have the same level of protection as it would within the UK/EEA. This is as it may be intercepted by United States Government agencies. Please take this into consideration when deciding whether to provide consent for these cookies.

You can find more information about the individual cookies we use and the purposes for which we use them below:

_ga – Installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site’s analytics report. This is retained for 2 years from use of site.

_gid – Installed by Google Analytics. Determines how you use the website, while also creating an analytics report of the website’s performance. Some of the data that are collected include the number of visitors, their source, and the pages they visit anonymously. This is retained for 1 day from use of the site.

_gat – Installed by Google Universal Analytics.  Limits requests to access the website, to help prevent website crashes. This is retained for 1 minute from use of website.

JSESSIONID.  Used by New Relic. Stores a session identifier so that New Relic can monitor session counts for an application. This is retained only whilst you access the website.

You can manage the cookies being used by selecting the relevant option within the cookie banner. Please note, if you reject all cookies, some aspects of the website may not function properly.

You can also adjust the settings on your computer to decline any cookies. This can be done within the “settings” section of your computer. For more information, please read the advice at AboutCookies.org.

Links to third party websites

On occasion we include links to third parties on this website. Where we provide a link, it does not mean that we endorse or approve that site’s policy towards visitor privacy. You should review their privacy policy before sending them any personal data.

Contacting Us

If you have any questions about this privacy notice or how we handle your personal information, please do not hesitate to contact us regarding any matter relating to this privacy notice via email at information.management@norfolk.gov.uk

Changes to this privacy notice

We keep this privacy notice under regular review and may amend it from time to time. the date below will be amended each time this notice is updated.

This notice was last updated in February 2023.