Pirates Bay Adventure Golf Maldon is owned and operated by South West Adventure Golf Limited – UK Company No. 08354705. We are committed to protecting and respecting your personal data and privacy in accordance with the General Data Protection Regulation (GDPR). To comply with this regulation, personal information must be securely stored and not disclosed unlawfully. For more information, please visit: ICO Guide to GDPR
HOW THE LAW PROTECTS YOU
The General Data Protection Regulation (‘GDPR’) ensures that we use your personal information only if we have a proper reason to do so to fulfil a contract, we have with you to provide our services
- Where it is our legal duty
- When it is in our legitimate interest
- When you consent to the use of the data
A legitimate interest is when we have a business or commercial reason to use your information but must not unfairly go against what is right and best for you.
Under the GDPR your rights are:
- To be informed – we must make available this privacy notice with the emphasis on transparency over how we process your data.
- Access – you are entitled to find out what details we may hold about you and why.
- Rectification– we are obliged to correct or update your details.
- Erasure – this is also known as the right to be forgotten.
- Restrict processing – you have the right to ‘block’ or suppress the processing by us of your personal data.
- Data portability – you have the right to obtain and reuse your personal data that you have provided to us.
- Object – you have the right to object to us processing your data in relation to direct marketing and or profiling.
- Rights in relation to automated decision making and profiling – we do not use automatic decision making or processing.
To exercise these rights, contact us at [email protected] or through our postal address found on our webpage.
THE DATA WE COLLECT ABOUT YOU
We may collect the following information about you and utilize it for the specified purposes:
- Information provided through forms on the site, including your name, email address, postal address, and telephone number.
- Details of transactions made through the site or our authorised card verification providers (e.g., Paypal).
- Communications you send to us, such as problem reports or queries about our products, services, or site content.
- Details of your site visits, accessed resources, and downloaded data.
- Photographic images captured during your visit.
- Your IP address and website interaction details.
We do not collect sensitive information (special categories of information) about you. We may use your personal information for purposes including:
- Processing orders, providing services, goods, or online content, and dealing with requests and queries.
- Administration purposes related to goods or services ordered.
- Providing personalised communications.
- Improving the user experience for our services or products.
CONTACT & COMMUNICATION
Users contacting this website and/or its owners do so at their own discretion and provide any such personal details requested at their own risk.
Your personal information is kept private and stored securely until a time it is no longer required or has no use, as detailed in the Data Protection Act 1998 and GDPR Legislation. Every effort has been made to ensure a safe and secure form to email submission process but advise users using such form to email processes that they do so at their own risk.
SHARING YOUR INFORMATION WITH THIRD PARTIES
We may provide your personal information to third parties for delivering goods and services or when legally obliged. Third-party providers include payment processors, and card validation service providers. They process data on our behalf.
Images of you taken during product or service use may be used with your consent. By submitting photographs, you agree to their sharing on our website and social media. Our photographer will seek consent, and you can request not to be captured or shared publicly.
Google Maps: This website uses the product Google Maps from Google Inc. By using this website, you declare your agreement to the collection, processing and use of the automatically collected data by Google Inc., its representatives and third parties.
Instagram and Facebook: Plugins from the social network platforms are embedded on our homepage.
We will only retain your personal data for as long as is necessary to fulfil the purposes for which it is collected.
When assessing what retention period is appropriate for your personal data, we take into consideration:
- the requirements of our business and the services provided;
- any statutory or legal obligations;
- the purposes for which we originally collected the personal data;
- the lawful grounds on which we based our processing;
- the types of personal data we have collected;
- the amount and categories of your personal data; and
- whether the purpose of the processing could reasonably be fulfilled by other means.
Under GDPR you have the right to erasure under specific circumstances. A request for your personal data to be deleted will be decided on a case-by-case basis and must be submitted in writing to the contact details provided in this policy.
We will correct or update your data at the earliest opportunity provided you make the request in writing to the contact details provided in this policy, clearly specifying which data is incorrect or out of date.
We have put in place commercially reasonable and appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.
We strive to be as open as we can be in terms of giving people access to their personal data. A Subject Access Request under the GDPR is your right to request a copy of the information that we hold about you. Such requests must be in writing to the contact details provided in this policy. If we do hold your personal data we will respond in writing within one calendar month of your request (where that request was submitted in accordance with this policy).
The UK’s Information Commissioner’s Office (ICO) regulates and enforces data protection laws. You can raise concerns or complaints with the ICO via https://ico.org.uk/concerns