The Service is a data controller under under the Data Protection Act 2018 and the General Data Protection Regulation (GDPR). We have a legal duty to protect any information we collect from you and to prevent any unauthorised access to or use of that information. We do not pass your details to any third party unless you give us permission to do so.
Please note that this data policy only applies to the websites of the service below and not any external websites that we link to:
If you follow a link to a third party website, the data protection statement on that site should be consulted.
What information do we collect?
We collect information from you when you subscribe to our e-newsletter or fill out a form to make an enquiry or booking. We also collect information when you voluntarily complete surveys for us, provide feedback and participate in any competitions we run. Website usage information is collected using cookies.
Why do we ask for personal information?
We ask for personal written information on individuals when participating in our adventurous activity courses. We ask for informed consent, name of participant and may ask for the following: medical issues, dietary details and next of kin/parental contact address and emergency phone number. We do this to inform our instructors of details that may affect how they risk assess the activities for each individual and prepare them if a medical emergency is more likely to occur, also the emergency contact enables parents/guardians and next of kin to be informed if any issue arises that may require them to be contacted.
Access to your information and correction
You have the right to request a copy of the information that we hold about you. If you would like a copy of some or all of this information please email us or write to us at the address at the bottom of this page. You may ask us to correct or remove information you think is inaccurate.
What do we use your information for?
Any of the information we collect from you may be used in the following ways:
To process bookings
Your information, whether public or private, will not be sold, exchanged, transferred, or given to any other company for any reason whatsoever, without your consent, other than for the express purpose of delivering the service requested.
To send periodic emails
We will only send updates about service news, events or related activities if you have signed up and opted-in to receive e-newsletters from us either via a sign-up sheet at an event, via a link from our websites or a request via social media or email from yourself. We won’t subscribe you to any e-newsletter contact lists if you have simply made an enquiry or booking with the service. If at any time you would like to unsubscribe from receiving future e-newsletters, we include a simple unsubscribe link at the bottom of each one.
To improve customer service
Your information helps us to more effectively respond to your customer service requests and support needs.
Who do we share information with?
Your information will only be shared internally with Derbyshire County Council staff, unless in an emergency when we are required to share personal data with the emergency services.
In other circumstances personal information will only be shared if legal requirement enforces sharing of data such as a police investigation or a negligence claim.
We will not share information about you with third parties for marketing or sales purposes.
Will we keep your data safe?
Data is kept securely in line with Derbyshire County Council’s Information Governance procedures and the General Data Protection Regulation.
How long will we keep personal data for?
This will depend on whether a major incident has or hasn’t occurred. A child has three years beyond the age of 18 to claim for negligence and up to the age of 25 for additional needs young people. Adults have 3 years to file a claim. In the event of a major incident we will keep personal data until the individual reaches the age of 25 years.
Claims for negligence have been filed where there is no Outdoor Education Service record of a ‘major incident’ occurring, to be prepared for this situation, we consider 7 years as a ‘reasonable’ time to keep personal data.
For further information please view: Derbyshire County Council Outdoor Education Service Retention of Documents Policy 23052018
What do we do in the event of a data breach?
In the event of a data breach (whether accidental or deliberate) we will follow GDPR compliance and report a breach to the relevant supervisory authority within 72 hours of becoming aware of it, where feasible. If the breach is likely to result in a high risk of adversely affecting individuals’ rights and freedoms, we will also inform those individuals without undue delay. Our staff know how to escalate a security incident to the appropriate person within our Service and the County Council to determine whether a breach has occurred.
Yes, cookies are small files that a website or its service provider transfers to your computer’s hard drive through your web browser (if you allow) that enables the website or service provider systems to recognize your browser and capture and remember certain information.
If you prefer, you can choose to have your computer warn you each time a cookie is being sent, or you can choose to turn off all cookies via your browser settings. Like most websites, if you turn your cookies off, some of our services may not function properly. However, you can still make bookings over the telephone.
Find out more about cookies: www.aboutcookies.org or www.allaboutcookies.org
Our websites use Google Analytics, a digital analytics service provided by Google. This helps us to analyse how our visitors use our websites so that we can improve them for future visitors.
This information is collected from your computer regardless of whether or not you register any data with us or sign up to receive e-newsletters and is not personal to you.
This includes the following:
- operating system (eg Microsoft Windows 7)
- browser software (eg Google Chrome)
- your browser’s custom settings (eg the presence of a Macromedia Flash plug-in)
- your IP address (the unique Internet network address of your machine)
- your geographic location (or that of your Internet service provider)
- access times (the time spent on our website you have accessed)
- referring domain (the website you were browsing prior to your visit to our website).
Terms and Conditions
Please also visit our Terms and Conditions page here establishing the use, disclaimers and limitations of liability governing the use of our websites.
Data Controller for Derbyshire County Council