Document last updated : 6 January 2021
Effective date : 5 February 2021
Privacy Policy
1. INTRODUCTION
-
We, Horizon Gymnastics (HG), are the ‘controllers’ of the information we collect about you (‘personal data’).
Our contact details are;
Data Controller Horizon Gymnastics 1st Floor U12 Compass Point Ensign Way, Hamble Southampton SO31 4RA
As controllers of your personal data, we are responsible for how your data is processed. The word ‘process’ covers most things that can be done with personal data such as the collection, use, storage, sharing and erasure of that data. We are committed to complying with data protection legislation in our handing of your personal data.
This Privacy Policy informs our customers and users about why and how we process your personal data including how we look after it and with whom we may share it. It covers data we collect from or about you via our website (see links below), our App, at our centres, venues and through the various services we offer.
- https://horizon-gymnastics.co.uk
You have certain rights in relation to your personal data including the right to object to the processing of your information in certain circumstances. Further information about your rights is included in section 13 of this policy.
- 2. PERSONAL DATA
‘Personal data’ is any information that relates to a living, identifiable person. This data can include your name, contact details, and other information we gather as part of our relationship with you.
It can also include ‘special categories’ of data, which is information about a person’s race or ethnic origin, religious, political or other beliefs, physical or mental health, trade union membership, genetic or biometric data, sex life or sexual orientation. The collect and use of this type of data is subject to strict controls. Similarly, information about criminal convictions and offences is also limited in the way it can be processed. HG PRIVACY POLICY v1.1 – 06.01.21.docx
We will collect your personal data mostly through our contact with you and the data is usually provided by you but in some instances, we may receive data about you from other people or organisations. We will explain when this might happen in this policy.
- 3. WHAT INFORMATION DO WE COLLECT AND WHY?
We are committed to protecting your personal data and will only process the data if we need to for a specific purpose and providing we have a legal basis, as explained below.
There are various legal bases on which we may collect and process your data. We may have your consent, for example, you have informed us that you are happy for us to process your information for a specific purpose such as providing a service to you or receiving further information about what we do. Sometimes there is a contractual reason such as being able to process a monthly direct debit payment and deliver our services to you. If so, we will not be able to enter into a contract with you in the absence of the data. Occasionally there may be a legal reason for collecting or sharing data, such as for employees when we have to collect the information for the HMRC, or, should you have an accident, we may need to provide details of this to the relevant health and safety authorities. We may also process your data based on our legitimate business interests, for example, in order to operate and improve our business.
Personal Data Description
Purpose(s) for Processing
Any personal details you give us or we obtain from third parties
Information you type into our websites or provide to one of our colleagues such as when you become a member, create your profile, update your member profile, provide activity data from other devices, make a booking, sign up as a volunteer, visit one of our centres. This information may include your personal contact data, fitness-related data which has been obtained in order to create personalised fitness workouts for you or health related data.
We use this data to provide you with the services you request, tell you about services you are eligible for, to keep in contact with you, manage your account and the services we provide. If you contact us by email, via the website, in person or by telephone we may keep a record of your contact information and enquiry and may subsequently use your contact details to respond to your enquiry.Information which allows us to recognise you.
Such as a unique ID number; storing this data saves you from re-entering your details again when you return to the website.
Horizon Gymnastics can recognise you by your photograph as well, which also allows us to identify you to ensure we support you on your activity journey. For services paid for in advance, we require your photo to be stored in our systems for identification purposes.
Details of your transactions
We collect data for any transactions you carry out through our websites and services, so that we can administer the services you have with us. Please note that we never store your payment details on our website.
Sensitive health data
We collect any personal health data you provide to us when registering and signing up for our health services.
We collect this information to ensure we are offering you the right services and so your progress can be tracked by yourself and us. We may ask you for information about your health in order to recommend appropriate exercise regimes or offer our other services.
Banking data
We will store your bank account number and sort code data where you have a Direct Debit mandate in place. When the Direct Debit mandate finishes we will remove this data from our operational systems within 30 working days. We comply with BACS regulations for the processing of this data.
We process bank card information at the time we take payment in order to administer our services.
This data is not stored on our systems and is processed on Payment Card Industry Data Security Standard compliant banking systems.
Customer feedback
We will record customer comments and surveys about how we are performing.
Other Sensitive data
We are sometimes required to collect information about your ethnicity and other sensitive data in order to provide aggregated reports to your local authority or commissioning group. This information is used only for statistical purposes and is always kept secure. If you prefer not to provide us with this data, we will not hold this data.
Information about website visits including IP address
We use your IP address to capture information about website visits, so we can learn more about how our customers use the website in order to find ways to improve the website and our products and services for your benefit.
Your communication preferences
We keep a record of any permissions and preferences you give us about what types of communication you are happy to receive from us.
CCTV
CCTV is used at several locations that we hire and is used for Health & Safety monitoring and your security. CCTV footage maybe shared with the Police or other statutory bodies in the event of an incident. This is managed by 3rd parties whom we hire facilities from. - 4. COOKIES
When you visit one of our websites, we collect standard internet log information for statistical purposes.
- We use cookies to collect information in an anonymous way, including the number of visitors to the site, where visitors have come to the site from and the pages they visited.
- We do not make any attempt to identify visitors to our websites. We do not associate information gathered from our sites with personally identifying information from any source.
- When we collect personal information, for example via an online form, we will explain what we intend to do with it.
Using cookies helps us to improve our site and to deliver a better and more personalised service.
Our websites contain links to various third party websites. We are not responsible for the content or privacy practices of any external websites that are linked from our sites.
- 5. DATA RELATING TO CHILDREN
Our services are used by people of all ages. HG may accept website registrations and collect personal information from individuals under the age of 16. If you are under 16 we do not allow you to post information about yourself in any HG forums or community areas. HG accepts no liability if this instruction is ignored.
Children aged under 16 years must have a parent or guardian’s consent before providing personal information to us. We do not wish to collect any personal information without this consent.
HG will not knowingly market to children aged under 16 years.
Proof of age maybe required and retained for access to some services.
- 6. HOW DO WE STORE AND PROTECT YOUR PERSONAL INFORMATION?
These are the basic guidelines we use to look after your personal data.
- We maintain secure systems to protect your personal information
- We respect your wishes about how we contact you, whether by post, telephone, email or text message
- We will update your information or preferences promptly when you ask us to
- We will respond fully to requests from you to see the information that we hold on you.
- We will not hold your personal information for longer than is necessary for our legitimate business purposes.
- We follow strict procedures when storing or handling information that you have given us. Some information is encrypted, such as payment transactions and password.
- We will never sell your personal information to a third party.
SLM reserves the right to store and process information securely outside of the European Union (“EU”)
- 7. RETENTION POLICY
We retain personal information as long as we consider it useful to contact you, or as needed to comply with our legal obligations. Where data is not needed for legal or statutory purposes we will delete this information if you request. See the contacts section to request your data to be deleted.
- 8. SERVICES PROVIDED BY THIRD PARTIES
HG may share information with third party organisations that provide specific services on our behalf which enhance our products and your experience with us. These organisations act as a Data Processor under our instructions. They may process data securely outside of the EU. There is a contract in place with each third party which includes strict terms and conditions to protect your privacy.
Our current processing partners include Class Manager, GoCardless, Stripe.
Please note: Use of services provided by Class Manager, GoCardless, Stripe will be subject to the terms and conditions and/or Privacy Policies of these third-party organisations.
Please see the links to these third party terms that also apply above and beyond these here:
- Class Manager – Privacy
- GoCardless – Privacy for Payers
- Stripe – Security
- 9. MARKETING PARTNERS
HG will never sell your personal information to any third party for marketing or other purposes.
In some cases, HG will work in partnership with another organisation to provide services to you. In these cases, the partner may contact you for marketing purposes if you have given the partner organisation your permission to do so.
- 10. HOW DO WE USE YOUR INFORMATION?
We use your information to help us provide and improve our services for you. We may use your information in the following ways.
- to provide you with any services that you have purchased or receive free as part of a health or other scheme
- to check your identity
- to check your eligibility where appropriate
- to update our records with any new information you give us
- to notify you if we will be unable to provide a service you have booked before
- to provide marketing communications (if you have given us your permission)
- for research and analysis so we can develop and improve our services for your benefit
- to tailor our communications to you to ensure relevance (if you do not want us to do this please contact us using the details below)
- to comply with legal requirements.
- to safeguard users of our services
Withdrawing consent
If we are relying on consent to process your data, you may withdraw your consent at any time by contacting us.
To exercise any of the above rights please write to us using the details set out in section 1.
Complaints about how we manage your data
If you are not happy about the way we manage your data please contact us as quickly as possible by contacting your centre or usual contacts for providing our service. You may also write to the Data Controller – who will investigate your complaint and get back to you as soon as possible. Information Commissioner’s Office (ICO)
The ICO is the UK’s independent authority set up to uphold information rights. You have the right to contact them should you wish. Details can be found on their website: https://ico.org.uk/
- 11. LINKS TO OTHER WEBSITES
Our websites may contain links to and from external websites, advertisers and affiliates. If you follow a link to other sites please note that these will be governed by their own privacy policies. We cannot accept liability for data use on those websites.
- 12. CHANGES TO THIS PRIVACY POLICY
This policy may be updated from time to time on this page. If you have any questions or comments about our Privacy Policy or how we use your personal information please contact us using the details below.
- 13. CONTACTING US
In most instances it is best to contact us locally where you take part in our services such as the Leisure Centre or School you normally attend. We can usually deal with most of your queries here.
You can also contact us through our contacts pages on our website such as https://horizon-gymnastics.co.uk
Alternatively, you can write or email our Data Controller – hello@horizon-gymnastics.co.uk
Data Controller
Horizon Gymnastics
1st Floor U12 Compass Point
Ensign Way,
Hamble
Southampton
SO31 4RA