For clarity, Whitlingham Adventure is part of Norfolk County Council. Norfolk County Council is the ‘controller’ for your personal information.
By ‘use’ we mean the various ways your personal information may be processed including storing and sharing the information
By ‘you’ we mean you as an individual and/or those whom you are booking a session on behalf of (for example if you are a school, club or organisation).
If you have previously consented to us using photos and/or videos of you for promotional purposes, you can withdraw this consent by contacting us at: email@example.com or 01603 632307.
We provide the following further details in our general privacy notice, available at: www.norfolk.gov.uk/privacy
The type of personal information we use
The type of information we may collect and use includes:
We may also collect and use information about:
This information is classed as “special category data” under the UK GDPR. We may only collect these data when it is relevant and for the purposes described above.
We do not collect information concerning criminal convictions and offences.
The UK GDPR includes safeguards to protect the use of your special category data. Further details can be found on our website in the document named ‘Special category data and criminal offences data policy’ which sets out our procedures for compliance with the principles of the UK GDPR and the retention and erasure of this information.
What we use your information for
We use the personal information that you give to us to:
We also use this information to assess the quality of our services and evaluate and improve our policies and procedures.
We may also use information in other ways compatible with the above.
Who Provides this Information
We receive your personal information from you meaning; you as an individual and/or those whom you are booking a session on behalf of (for example if you are a school, club or organisation).
The Lawful Basis for Using your Information
For ordinary personal information (that is, all your information which is not special category data we have legal grounds to process this information where it is necessary:
For special category, we have legal grounds to process this information where:
Who we share your information with
We may need to share your information with:
Any information which is shared will only be shared on a need-to-know basis, with appropriate individuals. Only the minimum information for the purpose will be shared.
Your personal information may also be given to third parties contracted by the County Council to provide a service to the County Council. These service providers are known as data processors and have a legal obligation under UK GDPR and to the County Council to look after your personal information and only use it for providing that service. In particular, this includes Cinolla, who provides this website for the County Council.
Sending your personal information to other countries
We do not transfer your personal information outside of the UK and the European Economic Area.
Where we store your information
When you make a booking or buy a product or service from us via our website, we will store your information in the systems that we use to process those bookings and provide services and in our customer relationship management system.
When you sign up to receive marketing communications from us your email address or postal address and preferences are stored in our website database and the email system that we use to send email communications. You can unsubscribe from these emails at any time by emailing firstname.lastname@example.org
How long will we keep your information for
When the information is no longer needed for the above purposes, it will be securely deleted.
If we need to use your information for research or reports, your information will be anonymised and any information taken from notes (handwritten or typed) during any consultation sessions will be securely destroyed. The information will continue to be used in a summarised and anonymised form in any research reports or papers that are published. The anonymised information in the papers may be of historic interest and may be held in public archives indefinitely.
How we keep your information
All information is stored on secure servers and temporary paper copies are kept securely until digitised and then destroyed.
Apart from as explained below regarding cookies provided by Google, we do not process your information outside of the UK and European Economic Area.
Automated Decision Making
We do not make automated decisions about you.
A cookie is a small file of letters and numbers that we store on your browser or the hard drive of your computer if you agree. Cookies contain information that is transferred to your computer’s hard drive.
We use the following cookies:
Please note, the cookies, _ga, _gid, and _gat are provided by Google. Google may send the information from Cookies (such as; make and model of device, access time and location), to the United States of America. If/when this happens we are not able to guarantee that your information will have the same level of protection as it would within the UK/EEA. This is as it may be intercepted by United States Government agencies. Please take this into consideration when deciding whether to provide consent for these cookies.
You can find more information about the individual cookies we use and the purposes for which we use them below:
_ga – Installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site’s analytics report. This is retained for 2 years from use of site.
_gid – Installed by Google Analytics. Determines how you use the website, while also creating an analytics report of the website’s performance. Some of the data that are collected include the number of visitors, their source, and the pages they visit anonymously. This is retained for 1 day from use of the site.
_gat – Installed by Google Universal Analytics. Limits requests to access the website, to help prevent website crashes. This is retained for 1 minute from use of website.
JSESSIONID. Used by New Relic. Stores a session identifier so that New Relic can monitor session counts for an application. This is retained only whilst you access the website.
You can manage the cookies being used by selecting the relevant option within the cookie banner. Please note, if you reject all cookies, some aspects of the website may not function properly.
You can also adjust the settings on your computer to decline any cookies. This can be done within the “settings” section of your computer. For more information, please read the advice at AboutCookies.org.
Links to third party websites
If you have any questions about this privacy notice or how we handle your personal information, please do not hesitate to contact us regarding any matter relating to this privacy notice via email at email@example.com
Changes to this privacy notice
We keep this privacy notice under regular review and may amend it from time to time. the date below will be amended each time this notice is updated.
This notice was last updated in February 2023.