Privacy and Cookies Policy

CUSTOMER PRIVACY POLICY

1. What's in this policy?

We are committed to protecting and respecting your privacy. This policy sets out the basis on which any personal data we collect will be processed by us. Please read this privacy policy carefully to understand our views and practices and your rights regarding your personal data. By visiting our website https://phpstack-147804-425502.cloudwaysapps.com or by otherwise providing us with your personal information, it will be processed as described in this policy and as required by the Data Protection Act 2018 and UK GDPR (Data Protection legislation).

This policy tells you:

• what information we might collect about you;
• how we might use that information;
• when we might use your details to contact you;
• what information of yours we might share with others; and
• your choices about the personal information you give us.

2. What does this policy cover?

This policy covers the services that are offered by Beic Parcio Cymru Ltd (trading as BikePark Wales).

Our services sometimes link to services run by other organisations, like accommodation suggestions provided by Airbnb.  Those organisations have their own privacy and cookie policies, so remember that the information you give them will follow their policies and not ours.

3. How do you protect my personal information?

We're strongly committed to keeping your information safe.  We have policies in place which seek to protect your information and our staff receive training on information security and privacy.

At the same time, no service can be completely secure – if you have any concerns that your personal information has been put at risk, please contact us straight away.

4. How do we collect your information?

We collect information from you in a number of ways:

• when you visit our website and use your account to buy products and services, or redeem vouchers;
• when you attend one of our sites and interact with our staff,
• When you post information about the use of one our sites on social media, websites or apps (such as Strava)
• when you create an account with us;
• when you purchase a product or service in store or by phone but don’t have (or don’t use) an account;
• when you engage with us on social media;
• when you contact us by any means with queries or complaints;
• when you ask us to email you information about a product or service;
• when you book a service with us or book to attend an event;
• when you fill in any forms, for example if an accident happens, we may collect your personal data; and
• when you give a third party permission to share information they hold about you with us.

5. What types of personal information do we collect about you?

We collect a range of information from you, including:

• your name, gender, date of birth, address, orders and receipts, email address and telephone number.  For your security, we’ll also keep an encrypted record of your login password;
• details of your interactions with on site or online, for example, we collect notes from our conversations with you, details of any complaints or comments you make, details of purchases you made, items viewed or added to your basket, voucher redemptions, web pages you visit and how and when you contact us;
• details posted on social media, websites and apps regarding the use of our sites, such as your account information and location data
• copies of documents you provide to prove your age or identity (including your passport and driver's licence) – this will include details of your full name, address, date of birth and facial image and if you provide a passport, the data will include your place of birth, gender and nationality;
• information gathered by the use of cookies in your web browser – further details on how we use cookies and similar technologies is available in our Cookies policy
• payment card information;
• photographs of you on our site or using our services and/or products, or attending an event;
• your image may be recorded on CCTV when you visit a shop or car park; and
• your social media username where you interact with us through social media, to help us respond to your comments, questions or feedback.

6. How and why do we use your personal data?

We have to have a valid reason to use your personal information – a "lawful basis for processing".  Sometimes we might ask your permission to do things, like when you subscribe to our newsletter.  At other times we may use your information without asking for your permission when you would expect us to use your personal information, but only where the law says it is OK for us to use the information and where our use fits with your rights.

We also want to give you the best possible experiences.  If you choose not to share your personal information with us, or refuse certain contact permissions, we might not be able to provide some services you have asked for.

Here is how we will use your personal information and why:

• To process any orders that you make by using our websites or on site – if we do not collect your personal information during checkout, we will not be able to process your order and comply with our legal obligation. For example, your details are needed to deliver the product or service that you ordered and we may keep your details for a reasonable period afterwards in order to fulfil any contractual obligations such as refunds, guarantees and so on.
• To respond to your queries, refund requests and complaints – handling the information you sent enables us to respond.  We may also keep a record of these to inform any future communication with us and to demonstrate how we communicated with you throughout.  We do this on the basis of our contractual obligations to you, our legal obligations and our legitimate interests in providing you with the best service and understanding how we can improve our service based on your experience.
• To protect our business and your account from fraud and other illegal activities – this includes using your personal information to maintain, update and safeguard your account.  We will do this as part of our legitimate interest.
• To protect our customers, premises and assets from crime, we operate CCTV systems on site which record images for security.  We do this on the basis of our legitimate business interests.
• To process payments and to prevent fraudulent transactions. We do this on the basis of our legitimate business interests. This also helps to protect our customers from fraud.
• If we discover any criminal activity or alleged criminal activity through our use of CCTV, fraud monitoring and suspicious transaction monitoring, we will process this data for the purposes of preventing or detecting unlawful acts.  We aim to protect the individuals we interact with from criminal activities.
• If we discover that you are using our bike trails but have not paid the required access fee, we may use your personal data to deter you and others from engaging in such behaviour. This may include posting your personal data (including any photographs or CCTV footage taken by us) on social media or otherwise making it publicly available. We do this to protect our legitimate business interests.
• If we discover that you have breached any of the red lines set out by the Welsh Bike Parks Association which are as follows:
• Verbal abuse or threatening behaviour (including harassment and hate crimes) 
• Physical abuse
• Major breaches of park regulations (riding out of hours, not paying ride or uplift fees, riding closed trails). Then we may use your personal data to deter you and others from engaging in such behaviour. This may include posting your personal data (including any photographs or CCTV footage taken by us) on social media or otherwise making it publicly available and sharing your data with other members of the association. We do this to protect our legitimate business interests and protect our staff and customers.
• To comply with legal requirements relating to: data protection; health and safety; anti-money laundering; fraud investigations; assisting law enforcement; and any other legal obligations placed on us from time to time.
• With your consent, we will use your personal data, preferences and details of your transactions to keep you informed by email, text and telephone about relevant products and services including tailored special offers, discounts, promotions, events, competitions and so on.You are free to opt out of hearing from us by any of these channels at any time.
• To send you relevant, personalised communications by post in relation to updates, offers, services and products.  We will do this on the basis of our legitimate business interest.You are free to opt out of hearing from us by post at any time.
• To send you communications required by law or which are necessary to inform you about our changes to the services we provide you – for example, updates to this Privacy Policy and information relating to your orders that we are legally required to provide.  If we do not use your personal data for these purposes, we would be unable to comply with our legal obligations.
• To comply with our contractual or legal obligations to share data with law enforcement – for example, when a court order is submitted to share data with law enforcement agencies or a court of law.
• To process your booking requests.

7. How long will we keep your personal information?

In holding your information, we aim to meet the following principles:

• we hold information only for so long as we need it – either to complete the activities we have told you about or where we have another valid reason to keep it; and
• we think about the type of information, the amount collected, the sensitivity of the information and any legal requirements. As outlined below, you can also ask us to delete your personal data in certain situations.                 

8. When will we use your information to contact you?

We might use your information to contact you about different things, such as:

• updating you on any changes to our policies, practices and our website terms of use;
• checking with you about any service or activity you have signed up for;
• answering you when you have contacted us, or responding to a comment or complaint; and
• for marketing purposes.

We will only contact you when we need to or when you have given us permission.

We will never contact you to ask you for your account password.

9. Will I be contacted for marketing purposes?

We will only send you marketing emails or contact you about our services and your views on issues about our services if you have agreed to this.

10. When do we share your personal information with others?

We will never sell your personal information.  We do share it with others in these ways:

• When we use other organisations to provide services In order for us to give you quality experiences and to understand how you are using our services we sometimes use other organisations to process your personal information on our behalf. We make sure that your personal information is looked after as if we were handling it directly.  We carefully select these organisations, only share what that organisation needs to do the work we have asked for, and we make sure the organisation keeps your information secure.
• Sometimes the law requires us to pass on your information to other organisations. We might also share your information if we have to by law, or when we need to protect you or other people from harm
• Where we consider it necessary to protect our legitimate business interests, for the reasons explained above. 

11. What are your rights?

Data protection law means that you are in control of your personal information.  You have the right to:

• request a copy of your information;
• not let robots make big decisions about you;
• ask us to correct information that is wrong;
• ask us to delete your information or to request that we only use it for certain purposes;
• change your mind, and ask us to stop using your information, for example by unsubscribing from our newsletter.

In some cases we may not be able to meet these rights, such as where the law says we do not have to comply with a right.

Should you have any issues, concerns or problems in relation to your data, or wish to notify us of data which is inaccurate, then please contact us at the address set out below. In the event that you are not satisfied with our processing of your personal data, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO) at any time. The ICO’s contact details are available here: https://ico.org.uk/concerns/. We ask that you raise any concerns with us first so that we can seek to resolve any issues you may have.

12. How do we use cookies and similar tracking?

Cookies are bits of data which are stored in your computer or mobile when you visit a website. 

There are some cookies from other organisations – these "third-party cookies" might track how you use different websites, including our website.  For example, you might get a cookie from a social media organisation when you see the option to share something.

13. How will we publish details of changes we make to this policy?

We will sometimes update this policy.  If we make important changes to the policy, like how we use your personal information, we will let you know – we may do this by sending you an email.

If you do not agree to any changes we have made, you can stop using our services, delete your account and stop giving us any further personal information.

14. How can you contact us?

For any questions or comments about this policy, please speak to Martin Astley.  You can contact us:

by email: info@bikeparkwales.com

by post: Gethin Woodland Centre, Abercanaid, Merthyr Tydfil, CF48 1YZ

 

COOKIE POLICY

Our website uses cookies to distinguish you from other users of our website. This helps us to provide you with a good experience when you browse our website and also allows us to improve our site. By continuing to browse the site, you are agreeing to our use of cookies.

A cookie is a small file of letters and numbers that we store on your browser or the hard drive of your computer if you agree. Cookies contain information that is transferred to your computer’s hard drive.

We use the following cookies:

• Strictly necessary cookies. These are cookies that are required for the operation of our website. They include, for example, cookies that enable you to log into secure areas of our website, use a shopping cart or make use of e-billing services.
• Analytical/performance cookies. They allow us to recognise and count the number of visitors and to see how visitors move around our website when they are using it. This helps us to improve the way our website works, for example, by ensuring that users are finding what they are looking for easily.

You can find more information about the individual cookies we use and the purposes for which we use them in the table below:

Name	Type	Purpose / Usage
CustomerID	Strictly Necessary	Required so we know who the customer is once they have logged into the site.
AuthenticationKey	Strictly Necessary	A Unique Identifier used to identify the cookie is for us.
CustomerID	Strictly Necessary	Used when a customer logs into the site so we can identify the customer.
FirstName	Strictly Necessary	Used to identify the customer after a customer has logged into the site.
VoucherCredit	Strictly Necessary	Used for the processing of gift vouchers.
VoucherDiscount	Strictly Necessary	Used for the processing of gift vouchers.
VoucherCode	Strictly Necessary	Used for the processing of gift vouchers.

 

The analytics services we use are Google Analytics, which uses cookies to help us analyse how our visitors use the site.  Find out more about how these cookies are used on the Google privacy site.

Please note that third parties (including, for example, advertising networks and providers of external services like web traffic analysis services) may also use cookies, over which we have no control.  These cookies are likely to be analytical/performance cookies or targeting cookies.

You block cookies by activating the setting on your browser that allows you to refuse the setting of all or some cookies. However, if you use your browser settings to block all cookies (including essential cookies) you may not be able to access all or parts of our site.

You may also wish to visit www.aboutcookies.org, which contains comprehensive information on cookies on a wide variety of browsers.  You’ll also find details on how to delete cookies from your computer.  To learn about controlling cookies on the browser of your mobile device please refer to your handset manual.

All cookies expire when a session expires.  The default session expiry time on the site is 20 minutes.  When an order is successfully completed both the session and any cookies are automatically deleted, irrespective of whether the session has timed out.