Adrenaline New Banners Home 01 new

Our Policies

Adrenaline New Banners Home 02 new

Our Policies

Adrenaline New Banners Home 03 new

Our Policies

Adrenaline New Banners Home 04 new

Our Policies

Adrenaline New Banners Home 05 new

Our Policies

Data Protection Policy


Adrenaline Alley ("We") are committed to protecting and respecting your privacy.

The Data Protection Act 1998 requires all Data Controllers who process personal data to notify the Information Commissioner unless they are exempt. Failure to notify is a criminal offence.

Organisations and people we hold information about are referred to in this policy as Data Subjects. Adrenaline Alley is the Data Controller. Mr Paul Young, Operations Director has been designated as the Data Protection Compliance Officer for the organisation.

We hold three types of information which are covered by this policy:

  • Organisational information – publicly available information about organisations and some confidential information
  • Personal information – information about individual members such as names, addresses, Date of Birth, age, gender, ethnicity and/or details about a respective individuals’ medical condition and/or disability and emergency contact details
  • Sensitive personal information – in general this kind of information is only held about employees, volunteers and work experience personnel (with consent from suppliers)
  • although we may collect and store sensitive personal data (such as information relating to health) regarding some of our customers We will take extra care to ensure these privacy rights are protected.

If an accident or incident occurs on our premises, then we will keep a record of this (which may include personal data and sensitive personal data).

We will not hold information about individuals without their knowledge and consent. It is a legal requirement that people know what we are doing with their information and who it will be shared with.

We will only hold information for specific purposes. We will inform data subjects what those purposes are. We will also inform them if those purposes change.

The Data Protection Act 1998 and the EU General Data Protection Regulation ensure that we comply with a series of data protection principles. Therefore, we may collect and process the following data about you:

  • Information that you provide by filling in registration or booking forms on our website or visiting our social media sites. This includes information provided at the time of registering to use our sites, subscribing to our services, posting material or requesting further services
  • We may also ask you for information if you report a problem with our sites. If you contact us, we may keep a record of that correspondence
  • Details of your visits to our sites include, but are not limited to, traffic data, location data, weblogs and other communication data, whether this is required for our own purposes, or otherwise, and the resources that you access
  • We will not store any of your financial details (credit/debit card information) for any purchases made online from our website
  • If you contact us, we may keep a record of that correspondence
  • We may also ask you to complete surveys that we use for research purposes, although you do not have to respond to them
  • Your name, address, telephone number and/or email address in order to contact you with details of your booking or in the unlikely event that we need to contact you urgently about your booking

With respect to visiting the Adrenaline Alley website, social media sites and app, data collection about your device information includes, but is not limited to, mobile and Wi-Fi network, battery status, device model and operating system.

Your location within the premises and any subsequent data may also be collected & monitored for security & safety purposes when visiting Adrenaline Alley.

Any data we keep will only be as accurate as the data submitted by any person, or persons, completing documents, forms, registrations and/or membership or other applications. We will not amend or remove any such data without obtaining consent from the individual(s) concerned.

We will only keep or erase data with consent of the Data Subjects and/or within the principles of the Data Protection Act 2018. However, we will endeavour to:

  • review the length of time we keep personal data
  • update, archive or securely delete information if it goes out of date
  • consider the purpose or purposes we hold the information for in deciding whether to retain it
    • securely delete information that is no longer needed for this purpose and/or these purposes

These principles also apply to any third-party involvement i.e. IT support & AA partners

We will use your personal data for a for the purpose or purposes it was collected for and within the rules set out in the Data Protection Act 1998, at all times.
We will only ever use your personal data with your consent, or where necessary, to:

  • engage in, or perform, any agreement with you
  • comply with legal duties
  • protect your vital interests
  • perpetrate our own (or 3rd party) lawful interests, provided your rights are not overridden
  • ensure that content from our site is presented in the most effective manner for you & your devices
  • provide you with information, products or services that you request from us or which we feel may interest you, where you have consented to be contacted for such purposes
  • carry out our obligations arising from any contracts entered between ourselves
  • allow you to participate in interactive features of our service(s), when you choose to do so
  • notify you about changes to our service
  • or, where otherwise permitted under the Data Protection Act 1998

We may also use your data, or permit selected third parties to use your data, to provide you with information about goods and services which may be of interest to you and we or they may contact you about these by post or telephone.

If you are an existing customer, we will only contact you by electronic means (e-mail or SMS) with information about goods and services similar to those which were available to you previously.

If you are a new customer, and where we permit selected third parties to use your data, we (or they) will contact you by electronic means only if you have consented to this.
Your data will not be used in this way and we will not pass your details on to third parties for marketing purposes unless you tick/untick the relevant box located on the relevant registration screen.

Data that we collect from you may be transferred to, and/or stored at, a destination outside the European Economic Area (EEA). It may also be processed by staff operating outside the EEA who work for us or our suppliers. Such staff maybe engaged in, among other things, the processing of your registration details and the provision of support services. By submitting your personal data, you agree to this transfer, storing or processing. Adrenaline Alley will take all reasonable steps necessary to ensure that your data is treated securely and in accordance with this policy.

All information you provide is stored on our secure servers. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our site, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.

Although transmission of information via the internet may not be completely secure we will endeavour to protect your personal data. However, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.

We will also store personal data on our internal systems, including membership, incident logging sections, etc., and including employees’ personal information on our CRM. Access to this information is restricted to relevant authorised personnel.

We will seek to maintain accurate information by creating ways in which data subjects can update the information held. Information about Data Subjects will not be disclosed to other organisations or to individuals who are not members of our organisation, staff or trustees except in circumstances where this is a legal requirement, where there is explicit or implied consent or where information is publicly available elsewhere.

Data Subjects have the option not to receive marketing mailing from us or other organisations. You are reminded, if you do not want us to use your data in this way, or to pass your details on to third parties for marketing purposes, please tick the relevant box situated on the registration form on which we collect your data.
Data Subjects will be entitled to have access to information held about them by us and for what purpose within 28 days of submitting a written request.

There may be situations where we work in partnership with other organisations on projects which require data sharing. We will clarify which organisation is to be the Data Controller and will ensure that the Data Controller deals correctly with any data which we have collected.

You have the right to ask us not to process your personal data for marketing purposes. We will usually inform you (before collecting your data) if we intend to use your data for such purposes or if we intend to disclose your information to any third party for such purposes.

You can exercise your right to prevent such processing by checking certain boxes on the forms we use to collect your data.

You can also exercise the right at any time by contacting us at [email protected] Our site may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.

Right to withdraw your consent
If you no longer wish us to hold information on you, or no longer wish to receive communication from us, then you can request removal by contacting us at [email protected]. Please note: Personal data is collected as part of the membership and registration sign up process.

Requesting removal may result in your membership being cancelled and you will have to re-register to participate in activities at Adrenaline Alley if you wish to visit the premises in future.

Employees’ personal data will be kept safe, secure and up to date.

The data we will keep about an employee includes, but is not exhaustive to:

  • Name
  • Address
  • Date of birth
  • Gender
  • Education and qualifications
  • Work experience
  • National Insurance number
  • Tax code
  • Details of any known disability
  • Emergency contact details

We will also keep details about an employee such as:

  • Employment history with the organisation
  • Employment terms and conditions (e.g. pay, hours of work, holidays, benefits, absence)
  • Any accidents connected with work
  • Any training undertaken
  • Any disciplinary action taken

As an equal opportunity employer, we recognise an employee has a right to be told:

  • what records are kept and how they’re used
  • the confidentiality of the records
  • how these records can help with their training and development at work

If an employee asks to find out what data is kept on them, we understand we are obliged to provide them with that data and we have up to 40 days to provide a copy of the information.

Adrenaline Alley and our partners have procedures for ensuring the security of all electronic personal data. Paper records containing confidential personnel data are disposed of securely. Project documents and staff records are all kept in locked filing cabinets, IT equipment containing personal information is kept in a looked room or cupboard when not in use. PC’s and computers used for public use are password protected and have sufficient security protocols in place.

All passwords should contain upper and lower-case letters, a number and ideally a symbol. This will help to keep information secure.

We will ensure all portable devices such as memory sticks, laptops & android devices used to store personal information are encrypted.

Payment security ensures all electronic forms that request financial data use Secure Sockets Layer (SSL) protocol to encrypt the data between your browser and our servers.

If a credit card is used, your credit card details are passed securely to our payment provider. Other payment methods are handled in a similar manner. Adrenaline Alley complies with the payment card industry data security standard (PCI-DSS) published by the PCI Security Standards Council.

Our premises have CCTV and will be recording when you visit site. CCTV will only be viewed when necessary (i.e. to detect or prevent crime). Footage is stored temporarily and unless it is flagged for review, CCTV recordings will be recorded over. Adrenaline Alley complies with the Information Commissioner’s Office CCTV Code of Practice, and notices indicating CCTV is in use are on display in and around the facility.

Our employees are made aware of their obligations to data protection and security measures at induction and during training events. Any breaches of confidentiality or misjudgements may be subject to disciplinary action.

Our cookie & privacy policies are available to view or download on the Adrenaline Alley website:

Cookie Policy

Privacy Policy

Adrenaline Alley has a set of procedures covering all areas of our work which is followed to ensure the aims set out above are achieved.

A Privacy Impact Assessment will be carried out regularly and made available upon request.

Adrenaline Alley has an established back-up/disaster recovery plan and regular back-ups of computer data files are stored away from the office at a safe cloud location.

All new staff will receive instruction on data protection policy and procedures. Relevant members of staff are informed on how personal information is stored and handled. Refresher training will be provided for existing staff.

We will carry out an annual review of the data protection policy and procedures and make relevant changes.

A copy of this policy is available to view or download on our website

Questions, comments and requests regarding this cookie policy are welcomed and should be addressed to [email protected]

Or in writing to:

Adrenaline Alley Head Office,
6 Priors Haw Road,
Weldon Industrial Estate,
NN17 5JG

The Data Protection Principles defined by the Information Commissioners Office (ICO)

Whenever collecting information about people Adrenaline Alley agrees to apply the Eight Data Protection Principles:

  1. Personal data should be processed fairly and lawfully
  2. Personal data should be obtained only for the purpose specified
  3. Data should be adequate, relevant and not excessive for the purposes required
  4. Data should be accurate and kept up-to-date
  5. Data should not be kept for longer than is necessary for purpose
  6. Data processed in accordance with the rights of data subjects under this act
  7. Security: appropriate technical and organizational measures should be taken unauthorized or unlawful processing of personal data and against accidental loss or
  8. destruction or damage to personal data

Personal data shall not be transferred outside the EEA unless that country or territory ensures an adequate level of data protection.

This policy is reviewed annualy by the Data Protection Compliance Officer for the organisation.

Review date:

26th February 2018
16th May 2018


Your login details have been used by another user or machine. Login details can only be used once at any one time so you have therefore automatically been logged out. Please contact your sites administrator if you believe this other user or machine has unauthorised access.