We collect different personal information on different occasions you have contact with us.
What is personal information?
By personal information, or data, we mean any information that might allow you to be identified, such as your name, address, date of birth, credit card details, I.P. address, photo or video image or voice recording, information regarding what activity or event you have shown interest in or the pages you have accessed on our website.
How do we collect personal information from you?
• Through meeting face-to-face or over the telephone
• When you send us an online form or an email
• When you register to take part in one of our events
• From the public domain;
Even if you have not directly given us your information we might already know something about you because you have engaged with one of our events or activities via social media, including (but not limited to) Facebook, Twitter, Instagram, YouTube or Linked In.
Why do we collect personal information?
• To process your registration in one of our events and provide you with information about the event.
• To process any payment for our goods and services
• To keep you informed of other events and services we provide or are involved with
• To comply with legislation as required by the Government.
How will you use the information I provide?
• To process your registration for an event or activity and provide you with operational information about that event.
• To process any orders you have submitted for merchandise or other items we sell
• To carry out our obligations arising from any contracts entered into by you and us
• To provide appropriate support if you are participating in an event (e.g. contacting your next of kin if we have permission to do so)
• To send communications you have requested.
Who do we share your information with?
We do not sell any data to any third party.
We may share data you provide with trusted third parties, including our charity partners for Bubble Rush events where Extreme Adventure is the event organiser, subcontractors, our regulators, and with law enforcement authorities.
We only share the personal information necessary to deliver the event or service, and we have contracts in place that require third parties to keep your personal information secure and not to use it for anything else.
Secure payment providers collect personal financial information if you use credit or debit cards for registering for events. This personal financial information is not shared with us or retained on our database.
We will tell you how we collected any personal information about you and you have the right to see what personal information we have and the right to tell us not to keep it. You can do this using the contact details on this website.
For direct marketing communications we collect data only with your explicit consent, which you may withdraw at any time. We will enable you to record your preferences using tick boxes at various points when we communicate with you.
Using our website
If you use our website, we will store data about your internet browser, I.P. address, the timings of your visits, and a record of which pages you looked at.
Use of 'cookies'
Like many other websites, our websites use 'cookies'.
Cookies are small files stored on your computer that allow websites to recognise you when you visit. They store data about your browsing history but will not identify you as an individual. This helps us to improve our website and deliver a better more personalised service.
We collect information that enables us to manage and secure technology and provide insight about its use as follows:
• Cookies that analyse visitors to our website and social media pages.
• Cookies that provide social media adverts tailored to you.
• Social media advertising programmes e.g. Facebook
Details on how you can manage your cookie settings can be found at http://www.youronlinechoices.com/uk/.
What is the legal basis for you processing personal information?
Under the General Data Protection Regulation (GDPR), the lawful bases we rely on for processing this information are:
We have a contractual obligation when processing data relating to any purchases and events you have booked with us.
We have a legitimate interest when balancing the interests of our charity partners need to fundraise against your rights and freedoms and considering your reasonable expectations about how your personal information is used, including:
If you have taken part in an event we believe you have the reasonable right to be thanked by us and /or the charity and updated on how funds raised were used and the impact that has made.
However, you are in control of your information and the information we send you and can make changes at any time. Every time you hear from us we will give you the chance to change the information you want to receive from us.
What about sensitive information?
Data protection law recognises ‘sensitive personal data’ or ‘special categories of data’ covering health information, race and ethnicity, religious or philosophical beliefs and political opinions, among other things.
We do not collect these types of information unless there is a clear reason to do so. For example when we have to collect health information to ensure we can care appropriately for participants in an event or activity. In such cases health information will only be held for the duration of the event and destroyed immediately after the event.
If we collect these types of information we will make it clear to you what our our legitimate interest is and any other legal grounds for processing this information.
We take your security and privacy seriously. When we collect your personal information we use a variety of technical processes to prevent unauthorised access including firewalls, digital surveillance, and encryption.
Any sensitive information you send to us either directly or via a third party (e.g. a ticketing website) will be encrypted.
Non-sensitive details (your email address etc.) are transmitted normally over the Internet, and this can never be guaranteed to be 100% secure. As a result, while we strive to protect your personal information, we cannot guarantee the security of any information you transmit to us, and you do so at your own risk.
Under data protection law you have rights including:
Your right of access: You have the right to ask us for copies of your personal information. For Subject Access requests relating to your personal information please email us.
Your right to rectification: You have the right to ask us to rectify information you think is inaccurate. You also have the right to ask us to rectify information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete. If you just want to change the personal information you have provided to us at any time then please email us or call our office.
Your right to erasure: You have the right to ask us to erase your personal information in certain circumstances.
Your right to restriction of processing: You have the right to ask us to restrict the processing of your information in certain circumstances.
Your right to object to processing: You have the right to object to the processing of your personal data in certain circumstances.
Your right to data portability: You have the right to ask that we transfer the information you gave us to another organisation, or to you, in certain circumstances
You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you. Please contact us if you wish to make a request.
By using our website and services you agree to be bound by the terms of this statement.
Review of this policy:
This policy was reviewed on 1st November 2019
This statement may change from time to time, for example, if the law around information changes or for operational purposes. We advise you to visit this page regularly to keep up to date with any changes.