Adrenaline Alley ("We") are committed to protecting and respecting your privacy.
The Data Protection Act 1998 requires all Data Controllers who process personal data to notify the Information Commissioner unless they are exempt. Failure to notify is a criminal offence.
Organisations and people we hold information about are referred to in this policy as Data Subjects. Adrenaline Alley is the Data Controller. Mr Paul Young, Operations Director has been designated as the Data Protection Compliance Officer for the organisation.
We hold three types of information which are covered by this policy:
If an accident or incident occurs on our premises, then we will keep a record of this (which may include personal data and sensitive personal data).
We will not hold information about individuals without their knowledge and consent. It is a legal requirement that people know what we are doing with their information and who it will be shared with.
We will only hold information for specific purposes. We will inform data subjects what those purposes are. We will also inform them if those purposes change.
The Data Protection Act 1998 and the EU General Data Protection Regulation ensure that we comply with a series of data protection principles. Therefore, we may collect and process the following data about you:
With respect to visiting the Adrenaline Alley website, social media sites and app, data collection about your device information includes, but is not limited to, mobile and Wi-Fi network, battery status, device model and operating system.
Your location within the premises and any subsequent data may also be collected & monitored for security & safety purposes when visiting Adrenaline Alley.
Any data we keep will only be as accurate as the data submitted by any person, or persons, completing documents, forms, registrations and/or membership or other applications. We will not amend or remove any such data without obtaining consent from the individual(s) concerned.
We will only keep or erase data with consent of the Data Subjects and/or within the principles of the Data Protection Act 2018. However, we will endeavour to:
These principles also apply to any third-party involvement i.e. IT support & AA partners
We will use your personal data for a for the purpose or purposes it was collected for and within the rules set out in the Data Protection Act 1998, at all times.
We will only ever use your personal data with your consent, or where necessary, to:
We may also use your data, or permit selected third parties to use your data, to provide you with information about goods and services which may be of interest to you and we or they may contact you about these by post or telephone.
If you are an existing customer, we will only contact you by electronic means (e-mail or SMS) with information about goods and services similar to those which were available to you previously.
If you are a new customer, and where we permit selected third parties to use your data, we (or they) will contact you by electronic means only if you have consented to this.
Your data will not be used in this way and we will not pass your details on to third parties for marketing purposes unless you tick/untick the relevant box located on the relevant registration screen.
Data that we collect from you may be transferred to, and/or stored at, a destination outside the European Economic Area (EEA). It may also be processed by staff operating outside the EEA who work for us or our suppliers. Such staff maybe engaged in, among other things, the processing of your registration details and the provision of support services. By submitting your personal data, you agree to this transfer, storing or processing. Adrenaline Alley will take all reasonable steps necessary to ensure that your data is treated securely and in accordance with this policy.
All information you provide is stored on our secure servers. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our site, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
Although transmission of information via the internet may not be completely secure we will endeavour to protect your personal data. However, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
We will also store personal data on our internal systems, including membership, incident logging sections, etc., and including employees’ personal information on our CRM. Access to this information is restricted to relevant authorised personnel.
We will seek to maintain accurate information by creating ways in which data subjects can update the information held. Information about Data Subjects will not be disclosed to other organisations or to individuals who are not members of our organisation, staff or trustees except in circumstances where this is a legal requirement, where there is explicit or implied consent or where information is publicly available elsewhere.
Data Subjects have the option not to receive marketing mailing from us or other organisations. You are reminded, if you do not want us to use your data in this way, or to pass your details on to third parties for marketing purposes, please tick the relevant box situated on the registration form on which we collect your data.
Data Subjects will be entitled to have access to information held about them by us and for what purpose within 28 days of submitting a written request.
There may be situations where we work in partnership with other organisations on projects which require data sharing. We will clarify which organisation is to be the Data Controller and will ensure that the Data Controller deals correctly with any data which we have collected.
You have the right to ask us not to process your personal data for marketing purposes. We will usually inform you (before collecting your data) if we intend to use your data for such purposes or if we intend to disclose your information to any third party for such purposes.
You can exercise your right to prevent such processing by checking certain boxes on the forms we use to collect your data.
You can also exercise the right at any time by contacting us at enquiries@adrenalinealley.co.uk Our site may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
Right to withdraw your consent
If you no longer wish us to hold information on you, or no longer wish to receive communication from us, then you can request removal by contacting us at enquiries@adrenalinealley.co.uk. Please note: Personal data is collected as part of the membership and registration sign up process.
Requesting removal may result in your membership being cancelled and you will have to re-register to participate in activities at Adrenaline Alley if you wish to visit the premises in future.
Employees’ personal data will be kept safe, secure and up to date.
The data we will keep about an employee includes, but is not exhaustive to:
We will also keep details about an employee such as:
As an equal opportunity employer, we recognise an employee has a right to be told:
If an employee asks to find out what data is kept on them, we understand we are obliged to provide them with that data and we have up to 40 days to provide a copy of the information.
Adrenaline Alley and our partners have procedures for ensuring the security of all electronic personal data. Paper records containing confidential personnel data are disposed of securely. Project documents and staff records are all kept in locked filing cabinets, IT equipment containing personal information is kept in a looked room or cupboard when not in use. PC’s and computers used for public use are password protected and have sufficient security protocols in place.
All passwords should contain upper and lower-case letters, a number and ideally a symbol. This will help to keep information secure.
We will ensure all portable devices such as memory sticks, laptops & android devices used to store personal information are encrypted.
Payment security ensures all electronic forms that request financial data use Secure Sockets Layer (SSL) protocol to encrypt the data between your browser and our servers.
If a credit card is used, your credit card details are passed securely to our payment provider. Other payment methods are handled in a similar manner. Adrenaline Alley complies with the payment card industry data security standard (PCI-DSS) published by the PCI Security Standards Council.
Our premises have CCTV and will be recording when you visit site. CCTV will only be viewed when necessary (i.e. to detect or prevent crime). Footage is stored temporarily and unless it is flagged for review, CCTV recordings will be recorded over. Adrenaline Alley complies with the Information Commissioner’s Office CCTV Code of Practice, and notices indicating CCTV is in use are on display in and around the facility.
Our employees are made aware of their obligations to data protection and security measures at induction and during training events. Any breaches of confidentiality or misjudgements may be subject to disciplinary action.
Our cookie & privacy policies are available to view or download on the Adrenaline Alley website:
Adrenaline Alley has a set of procedures covering all areas of our work which is followed to ensure the aims set out above are achieved.
A Privacy Impact Assessment will be carried out regularly and made available upon request.
Adrenaline Alley has an established back-up/disaster recovery plan and regular back-ups of computer data files are stored away from the office at a safe cloud location.
All new staff will receive instruction on data protection policy and procedures. Relevant members of staff are informed on how personal information is stored and handled. Refresher training will be provided for existing staff.
We will carry out an annual review of the data protection policy and procedures and make relevant changes.
A copy of this policy is available to view or download on our website
Questions, comments and requests regarding this cookie policy are welcomed and should be addressed to enquiries@adrenalinealley.co.uk
Or in writing to:
The DCPO
Adrenaline Alley Head Office,
6 Priors Haw Road,
Weldon Industrial Estate,
Corby,
Northamptonshire,
NN17 5JG
The Data Protection Principles defined by the Information Commissioners Office (ICO)
Whenever collecting information about people Adrenaline Alley agrees to apply the Eight Data Protection Principles:
Personal data shall not be transferred outside the EEA unless that country or territory ensures an adequate level of data protection.
This policy is reviewed annualy by the Data Protection Compliance Officer for the organisation.
Review date:
26th February 2018
16th May 2018
Your login details have been used by another user or machine. Login details can only be used once at any one time so you have therefore automatically been logged out. Please contact your sites administrator if you believe this other user or machine has unauthorised access.