We at Off Grid Adventures Ltd take your privacy seriously and respect your personal data. This Privacy Policy and Notice has been drafted in accordance with the requirements of the General Data Protection Regulations (“GDPR”).
This privacy notice explains how we look after your personal data (in all situations where we collect your data) and sets out your privacy rights and also explains how the law and our approach to privacy and personal data protects you.
For the purpose of GDPR we are the data controller and any enquiry regarding the collection or processing of your data should be addressed to Fidelma O’Neill using the contact details below:
29 Kathdene Gardens, Bristol BS7 9BN, info@well-grounded.org
By using the Website you consent to this policy.
Information that we collect from you
We will collect, process and store personal data only if it is directly provided to us by you. You may do this in your capacity as the user of this Website, by enquiring in relation to our services, becoming a customer or supplier, or potential supplier.
Personal information covers any information which relates to you as an identifiable person. Below are examples of the type of data that this may include:
- Identity Data including forenames, last name, maiden name, date of birth, gender, marital status, and username or similar identifier.
- Contact Data may include invoicing; purchase order; home or work address, email address and telephone numbers, personal or job title and position.
- Financial Data may include bank account and payment card details.
- Special Category Data for example health or medical data, details about your race, religion, sex and political opinions.
- Transaction Data may include payments made for services you have purchased from us, or in relation to payments that we have made to you.
- Technical Data may include internet protocol (IP) address, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices used to access this Website.
- Profile and Usage Data may include enquiries submitted by you, purchases information, feedback and survey responses, and how you use our website, products and services.
- Marketing Data may include details of any preference that you have advised us of in relation to marketing communications from us.
We may also collect non-personal data such as Aggregated Data, which is data that may be obtained from your personal data, but which does not directly or indirectly identify you. This may include Usage Data detailing how you use our Website and the features and areas that you have interacted with.
How do we collect personal data?
A range of different methods may be used to collect data which may include the following methods:
- Direct interactions with us in person, by post, phone, email or otherwise. You may give us your Identity, Contact and Financial Information.
- Automated technologies or interactions with our website, by using the web enquiry form. You may give us Identity, Contact and Financial Information.
- Third parties or publicly available sources (third parties may be used in processing Identity, Contact and Financial categories of personal data).
Data Accuracy
It is important that the data that we hold about you is accurate and up to date. In the event that your data changes please notify us so that we can update our records.
How we use information collected
We may hold and process personal data that you provide to us in accordance with the GDPR.
The information that we collect and store relating to you is primarily used:
- To enable us to provide our services to you, to communicate with you and to meet our contractual commitments to you. This may include Identity, Contact, Financial and Transactional data.
- To notify you about any changes to our business, such as improvements to our Website or service changes, that may affect our service or relationship with you. This may include Identity and Contact data.
- If you are an existing customer, we may contact you with information about goods and services similar to those that were the subject of a previous sale to you. This may include Identity and Contact data.
- Where you have consented to receive such information, to provide information on other parties’ products or services that we feel may be of interest to you. This may include Identity, Contact and Marketing data.
- Where we need to comply with a legal obligation. This may include Identity, Contact and Transactional data.
- Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests. This may include all types of data.
Where we collect your data for marketing purposes we will always request your consent, at the point the data is collected, to use your data for that purpose.
We will always obtain your prior consent to sharing your personal data with any third party for their marketing purposes. This may be to enable relevant third parties to advise you of products or services that may be of interest to you.
We will only use your personal data for a reason other than the purpose for which it was originally obtained if we consider that we need to use it for that other purpose and have a legitimate interest in doing so.
Disclosure of your information
There are a range of circumstances where we may disclose your data to third parties which include:
- Regulatory bodies. We may disclose your data to regulatory bodies to enable us to comply with the law and to assist fraud protection and minimise credit risk. This may include Identity, Contact and Transactional data.
- Our Suppliers. We may disclose your data to third parties that are involved in the fulfilment of our services to you. This may include Identity, Contact and Transactional data.
- Business sale. We may disclose your personal data outside of our organisation: (a) in the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets; and (b) if Off Grid Adventures Ltd’s business is bought by a third party, in which case personal data held by it about its customers will be one of the assets to transfer to the buyer. However, any such transfer will only be on terms that the confidentiality of your personal data is protected and that the terms of this privacy policy will continue to be complied with by the recipient.
If you do not want us to share your data with third parties you will have the opportunity to withhold your consent to this when you provide your details to us on the form on which we collect your data, or you can do so by writing to us at the address detailed above or sending us an email to info@well-grounded.org at any time.
Controlling the use of your data
Where we rely on consent as the lawful basis for processing your data you can revoke or vary that consent at any time. If you do not want us to use your data or want to vary the consent that you have provided you can write to us at the address above or email us at info@well-grounded.org at any time.
Data storage and transfer
As part of the services offered to you, for example through our Website, the information you provide to us may be transferred to and stored in countries outside of the European Economic Area (EEA) as we use remote website server hosts to provide the website and some aspects of our service, which may be based outside of the EEA, or use servers based outside of the EEA – this is generally the nature of data stored in “the Cloud”. It may also be processed by staff operating outside the EEA who work for one of our suppliers, e.g. our website server host. A transfer of your personal data may happen if any of our servers are located in a country outside of the EEA or one of our service providers is located in a country outside of the EEA.
If we transfer or store your personal data outside the EEA in this way, we will take steps with the aim of ensuring that your privacy rights continue to be protected, as outlined in this privacy policy.
Security
The transmission of information via the Internet or email is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of data while you are transmitting it to our site; any such transmission is at your own risk.
We have put in place security measures to prevent your data from accidental, loss or disclosure. Once we have received your personal data, we will use strict procedures and security features to try to prevent unauthorised access.
Where we have given you (or where you have chosen) a password so that you can access certain parts of our site, you are responsible for keeping this password confidential. You should choose a password it is not easy for someone to guess.
In the event of a data breach we will notify the ICO and you in the event that the breach results in any likelihood of loss or damage to you.
Data retention
The length of time that we retain, and store data depends on the purpose for which it was collected. We will only store data for as long as is required to fulfil that purpose, or for the purpose of satisfying legal requirements.
It is a legal requirement that we keep certain data about our customers and suppliers for at least six years. The type of data includes Contact, Identity, Financial and Transaction Data.
Where you have requested that we provide you with marketing materials we will retain your data until such time as consent is withdrawn by you.
Use of Cookies
Cookies are sometimes used to improve the website experience of a visitor to a website. We may sometimes use cookies on this website to record aggregate statistical information about the visitors to our site and the use that our visitors make of the website. When collected this information is used by us to improve our website and further enhance the visitor experience and, may be shared with advertisers. Please note that no personally identifiable information is recorded.
We may also use the cookies to gather information about your general internet use to further assist us in developing our website. Where used, these cookies are downloaded to your computer automatically. This cookie file is stored on the hard drive of your computer. Cookies contain information that is transferred to your computer’s hard drive and then stored there and transferred to us where appropriate to help us to improve our website and the service that we provide to you.
All computers have the ability to decline cookies. You can easily decline or remove cookies from your computer using the settings within the Internet Options section in your computer control panel.
Our advertisers may also use cookies on their website. We have no control over this and you should review the privacy policy of any advertiser that you visit as a result of an advert or link on this website.
Your rights
GDPR compliance gives all individuals the right to access personal information that is held about them. You can request a copy of any information that we hold about you. Please note that any request for this information may be subject to a payment of £10 which covers our administrative costs. Please contact us if you want to make a request. The GDPR provides the following rights for individuals:
- The right to be informed
- The right of access
- The right to rectification
- The right to erasure
- The right to restrict processing
- The right to data portability
- The right to object
- Rights in relation to automated decision making and profiling.
You can find out more about your individual rights regarding data protection by going to: https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/
Third party links
You might find links to third party websites on our website. These websites will have their own privacy policies, which you should check. We do not accept any responsibility or liability for their policies whatsoever.
Complaints
If you wish to raise a complaint regarding our use of your personal data then please contact us at info@well-grounded.org and we will respond within 28 days. You can also contact the Information Commissioner’s Office (ICO), who are the UK supervisory authority for data protection issues. (www.ico.org.uk).
We regularly review this policy to reflect in changes in government legislation and to the website itself.
Contact us
Please contact us at info@well-grounded.org if you have any queries regarding our Privacy Policy.