We are Black Mountains Cycle Centre Ltd. This policy sets out how we handle your personal information which is provided to us when you book a product via our website Blackmountainscyclecentre.com .
The type of personal information we collect
When a booking is made we may collect certain personal information from users. This includes information such as Full names, email address, phone numbers and addresses.
How we collect personal information
We collect your personal information when you provide it to us when you purchase an uplift or push and ride ticket or subscribe to the newsletter on our website.
We will collect personal identification information from Users only if they voluntarily submit such information to us. Users can always refuse to supply personally identification information.
It is mandatory that all riders sign a waiver before they ride. On these forms we will collect your first name, last name, car registration details and your signature. These forms will be stored securely no less than 6 years. We will only disclose the contents of the waiver if we are required to do so by law or in the event of legal proceedings.
All accident report forms will be stored securely for no less than 6 years. We will only disclose the information within these forms to our insurance company and if we are required to do so by law.
How we will use your personal information
To process transactions that take place on our website, for example where you purchase an uplift ticket or push and ride pass.
Where this is necessary for purposes which are in our, or third parties, legitimate interests. These interests include:
Updating you with operational news and information about Black Mountains Cycle Centre or any promotions that we are running.
Managing our relationship with you, e.g. by responding to your comments or queries submitted to us on the website or asking for your feedback or whether you want to participate in a survey;
Improving our products and services.
providing you with marketing information about products and services which we feel may interest you; and
For purposes which are required by law.
For the purpose of responding to requests by government, a court of law, or law enforcement authorities conducting an investigation.
When we disclose your personal information
We will disclose personal information to the following recipients:
Our professional advisers (lawyers, accountants, financial advisers etc.) which are located in UK
Regulators and government authorities in connection with our compliance procedures and obligations;
A purchaser or prospective purchaser of all or part of our assets or our business, and their professional advisers, in connection with the purchase;
a third party to respond to requests relating to a criminal investigation or alleged or suspected illegal activity;
a third party, in order to enforce or defend our rights, or to address financial or reputational risks;
a rights holder in relation to an allegation of intellectual property infringement or any other infringement; and
other recipients where we are authorised or required by law to do so.
Where we transfer and/or store your personal information
In order to protect your information, we take care where possible to work with subcontractors and service providers who we believe maintain an acceptable standard of data security compliance.’
How we keep your personal information secure
We store personal information on secure servers that are managed by us and our service providers.
How you can access your personal information
You have the right to make a request to access other personal information we hold about you and to request corrections of any errors in that data. To make an access or correction request, contact our privacy coordinator using the contact details at the end of this policy.
Marketing Choices regarding your personal information
Where we have your consent to do so (e.g. if you have subscribed to one of our e-mail lists or have indicated that you are interested in receiving offers or information from us), we send you marketing communications by email about products and services that we feel may be of interest to you. You can ‘opt-out’ of such communications if you would prefer not to receive them in the future by using the “unsubscribe” facility provided in the communication itself.
You also have choices about cookies, as described below. By modifying your browser preferences, you have the choice to accept all cookies, to be notified when a cookie is set, or to reject all cookies. If you choose to reject cookies some parts of our Sites may not work properly in your case.
Cookies and web analytics
When you visit our Sites, there’s certain information that’s recorded which is generally anonymous information and does not reveal your identity. If you’re logged into your account some of this information could be associated with your account. We’re talking about the following kinds of details:
your IP address or proxy server IP address’;
the name of your internet service provider is sometimes captured depending on the configuration of your ISP connection;
Information about children
If you are under 16 we ask that you do not give us your personal information. Under 16’s are able to ride at Black Mountains Cycle Centre however they require parental consent and supervision when riding at the centre. It’s the responsibility of parents or guardian to monitor their children’s use on our website.
Information you make public or give to others
How long we keep your personal information
When we need to update this policy
We will need to change this policy from time to time in order to make sure it stays up to date with the latest legal requirements and any changes to our privacy management practices.
When we do change the policy, we’ll make sure to notify you about such changes, where required. A copy of the latest version of this policy will always be available on this page.
How you can contact us
If you have any questions about our privacy practices or the way in which we have been managing your personal information, please contact our privacy coordinator Sian Morgan through bl[email protected]
For the purposes of applicable EU data protection law (including the General Data Protection Regulation 2016/679 (the “GDPR”), we are a ‘data controller’ of your personal information.
How you can access your personal information
You are also entitled to ask us to port your personal information (i.e. to transfer in a structured, commonly used and machine-readable format, to you), to erase it, or restrict its processing. You also have rights to object to some processing that is based on our legitimate interests, such as profiling that we perform for the purposes of direct marketing, and, where we have asked for your consent to process your data, to withdraw this consent as more fully described below.
These rights are limited in some situations – for example, we can demonstrate that we have a legal requirement to process your personal information. In some instances, this means that we may retain some data even if you withdraw your consent.
Where we require your personal information to comply with legal or contractual obligations, then provision of such data is mandatory: if such data is not provided, then we will not be able to manage our contractual relationship with you, or to meet obligations placed on us. In all other cases, provision of requested personal information is optional.
If you have unresolved concerns you also have the right to complain to data protection authorities. The relevant data protection authority will be the data protection authority of the country: (i) of your habitual residence; (ii) of your place of work; or (iii) in which you consider the alleged infringement has occurred.