This privacy notice provides you with details of how we collect and process your personal data through your use of our site https://www.atnaturespace.co.uk By providing us with your data, you confirm you are over 13 years of age.
2. What personal data we collect, and why we collect it
We may collect the following personal information about you when you contact us via our website or purchase an Adventure or Escape or other event:
- Email address
- Telephone number
- Emergency contact name and telephone number
- We also ask all participants to disclose legally required medical information for attending our Adventures or Escapes or events.
This information is used:
- To respond to requests, including refunds and complaints
- For payment processing and fraud prevention
- To comply with any legal obligations, such as insurance policy and the calculation of taxes
- To send you marketing messages if you choose to receive
What is a cookie
A cookie is a small text file which is placed onto your computer or electronic device when you access our website. It is used to identify your computer and how you move about our website.
Content for cookies
You may choose to reject our cookies by disabling them in the cookie banner.
We work with third party suppliers who may also set cookies on our website. These cookies and their third-party supplier are listed below. By consenting to the use of these cookies on our site you will be consenting to the use of these cookies.
We use Google Analytics to obtain information about your computer and any other electronic device which you use to access our website: such as your IP address, browser, and/or referral path.
We use the Monster Insights / JetPack plugin which works with Google to keep track of customer user of our website. This includes data about the use of our website and online services such as IP address, login data, details about your browser, page views, length of time of individual pages, number of times you listed our website and time zone settings.
3. Who we share your personal data with
We may have to share your data with the parties below:
- Other companies in our group who provide services to us
- Service providers who provide IT and administration services
- Professional advisers including lawyers, bankers and accountants
- Government bodies where required to report processing activities
4. International Transfer
Some of our third-party service providers are based outside the European Economic Area (EEA). Therefore their processing of your data will involve a transfer outside the EEA. We only use third parties who are deemed to provide the same level of security within the EEA; as approved by the European Commission or the EU-US Privacy Shield in the United States.
5. About this website’s server
This website is hosted by Kualo, whose UK based services are housed in our UK datacenter which is operated by Gyron Internet, and is audited to ISO 27001 standards:
Their external Certifications include:
- ISO 27001: Information Security Management System
- ISO 14001: Environment Management System
- ISO 9001: Quality Management System
6. How long we retain your data
We only retain data for as long as is necessary to fulfil the purpose we collected it for (analytics) and to satisfy any legal or accounting requirements.
By law we have to keep basic information about our customers (including Contact, Identity, Financial and Transaction Data) for six years after they cease being customers for tax purposes.
7. What rights you have over your data
If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
8. Links to other websites
Our website may contain links to other websites of interest. However, once you have used these links to leave our website, you should note that we do not have any control over other websites. We cannot accept responsibility for the protection and privacy of any information which you provide whilst visiting such sites, which are not governed by this policy. You should exercise caution and look at the privacy statement applicable to the website in question.
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
9. Payment information
Payment information is never taken by us or transferred to us either through our website or otherwise. Our employees and contractors never have access to it. At the point of payment, you are transferred to a secure page on the website of Paypal or some other reputable payment service provider. That page may be branded to look like a page on our website, but it is not controlled by us.
We accept payments through Stripe. When processing payments, some of your data will be passed to Stripe, including information required to process or support the payment, such as the purchase total and billing information.
10. Contact Information (including Data Protection Officer if required)
Contact Details: firstname.lastname@example.org
Our full details are:
at nature’s pace
4 Dover Mew
Cumbria, CA10 3LJ
It is very important that the information we hold about you is accurate and up to date. Please let us know if at any time your personal information changes by emailing us at email@example.com
11. Additional information
How we protect your data
We use Mailchimp to collect data. This data is protected through Mailchimp’s secure data system and US Privacy Shield. Where data is stored on computers, it is password protected, and phones on which data is stored are encrypted.
We have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect online and we fully respect the confidentiality of any information we hold.
What data breach procedures we have in place
Where we become aware of a data breach, we will contact the individual or organisation concerned to inform them of the breach, as soon as practicable.
What third parties we receive data from
Almost all data collected is via our website, but where data is conveyed to us via email by a third party, this is protected, as detailed above under How We Protect Your Data.
We shall update this privacy notice from time to time as necessary.