At the Bird and Deer Park we are committed to protecting your personal information and being transparent about what we do with it, however you interact with us. We are therefore committed to using your personal information in accordance with our responsibilities. As part of this, we are required to provide you with the information in this Privacy Notice under applicable law which includes:
- The General Data Protection Regulation (EU) 2016/679, 25 May 2018
- the Privacy and Electronic Communications (EC Directive) Regulations 2003.
We won’t do anything with your information you wouldn’t reasonably expect, and this policy explains how and what we do with your data and why we use and store it.
The Bird and Deer Park is based at Cranham, Glos, GL4 8EX.
- How we collect information about you
- What personal information we collect
- Why we collect your personal information and how it is stored
- How long we store your personal information
- When we share your personal information
- Collecting your consent
- Protecting your data
- Your rights for your personal data
- How we use legitimate interest
- Our policy for under 16s
- External websites and social media platforms
- How to make a complaint or raise a concern
1. How and when we collect information about you
We may collect and store information about you whenever you interact with us. Examples of this include:
- When you sign up for our newsletter
- When you buy tickets online or items from our online shop
- When you book one of our events
- When you contact us with a query
- When you enter one of our competitions
- When you send us a direct message on a social media platform (e.g. Facebook, Twitter, Instagram)
- When you post or comment on a post on one of our social media groups or pages.
- If you apply for a job with us.
2. What personal information we collect
The types of personal information we collect will be based on the way in which you interact with us. The majority of this information will be personal information, including your name, email address, postal address and telephone number. The nature of the personal information collected will be based on how you interact with us, which is detailed in the following section. In all cases we only collect information that we need.
None of the information collected will be data that is deemed ‘sensitive’ or ‘special category’ data.
3. Why we collect your personal information and how it is stored
In almost all cases we will only ever contact you following initial contact by you or following provision of personal information by you. We use and store your personal information in the following ways:
- When you book an event, your personal details are collected and stored in a bookings diary. The information collected and stored includes your name, email address, postal address and telephone number. Payment may be made by credit/debit card using Worldpay, but card details will not be stored by us. Your personal information held in the events diary is kept securely for six years from the event in which you participated.
- We have event photographers at some of our events who may take photos with your consent. If your photograph is taken, you will be asked whether you give consent to any photos of you being used for 1) Our website; 2) Our newsletters; 3) The Bird Parks social media (Facebook, Twitter and Instagram); 4) Our marketing and publicity. You can choose which of these options you give consent to.
- When you buy any tickets online or items from our online shop we need to collect your personal details (name, email address, postal address, telephone number) and credit/debit card information, to take payment for your tickets or goods and to deliver the goods to you. These personal details are held within our website on the eCommerce platforms, Mijoshop or Ohanah and transactions are processed using PayPal. The Bird Park never has access to your credit/debit card details when payment is taken in this way. Financial transaction data, excluding credit/debit card details, is held for as long as the law requires us to for tax or accounting purposes, which may be up to six years from the transaction date.
- When you contact us with a query of any kind by email (e.g. regarding our newsletter, an event, our website or our online shop) we use the information you have provided to respond to your initial message.
- When you send us a direct message on a social media platform (e.g. Facebook, Twitter or Instagram) we use any personal information provided to respond to your message. We may also, on occasion, contact you first via direct message on a social media platform for such means as notifying you that you have won a competition, to ask whether we can use a photo you have uploaded to the page or group, or because we are interested in a story you have posted. Following the resolution of any such correspondence, whether initiated by you or by us, we will then delete the messages both parties have sent.
- We may use your personal information to record and deal with a complaint, to record a request not to receive further information and for other essential, internal record keeping purposes. Following completion of any such tasks your personal details will be removed from the records.
- When you use our website anonymous user details will be collected to enable development of the website and for usage tracking, which is undertaken by Google Analytics. Further details of this type of data collection can be found in our Cookies section below.
- We may use your personal information to prevent crime and to keep our team and the public safe.
- We may use your personal information where we reasonably think that there is a risk of serious harm or abuse to you or someone else.
- We may be required to process your personal information to fulfil a legal, regulatory or tax obligation.
4. How long we store your information
We will keep your personal information collected for financial transactions, excluding your credit/debit card details, for as long as the law requires us to for tax or accounting purposes (which may be up to six years after a particular transaction).
When you unsubscribe from our newsletter your personal information will automatically be deleted through our mailing list database software, Mailchimp. If you wish to rejoin the mailing list at any point you will need to do this via our website.
In respect of any other personal information, we will retain it for no longer than necessary for the purposes for which it was collected, taking into account guidance issued by the Information Commissioner’s Office.
5. When we share your personal information
We will always only use your information for the purposes for which it was obtained. We will not, under any circumstances, sell or share your personal information with any third party for their own purposes, and you will not receive marketing from any other companies, charities or other organisations as a result of giving your details to us unless you explicitly consent to receive communication from them.
We may need to share your information with data hosting providers or service providers, such as our website developer, who help us to deliver our services. These providers will only act under our instruction and are subject to pre-contract scrutiny and contractual obligations containing strict data protection clauses.
We will also comply with requests where disclosure is required by law, for example, we may disclose your personal information to the government for tax investigation purposes, or to law enforcement agencies for the prevention and detection of crime. We may also share your information with the emergency services if we reasonably think there is a risk of serious harm or abuse to you or someone else.
6. Collecting your consent
If you change your mind in regards to whether you receive such communications please follow the unsubscribe link.
7. Protecting your personal information
Your information is only accessible by appropriately trained staff.
If you use your credit or debit card to buy something online this transaction is handled by Mijoshop or Ohanah with the payment through Paypal and we never have direct access to your payment information. If you make a booking by phone or in person, the transaction is dealt with immediately by a member of staff through Worldpay and no credit or debit card details are stored.
Whilst we take all possible precautions to ensure your personal data is safe, there are always inherent risks in sending information by public networks or using public computers and we cannot 100% guarantee the security of data (including personal information) disclosed or transmitted over public networks.
8. Your rights to your personal information
We will respond within 28 days, on receipt of your written request and copies of your identification documents. We reserve the right to charge a fee to process the request.
9. How we use Legitimate Interest
If we want to contact you on the basis of legitimate interest, The Bird Park will always create an legitimate interest impact assessment (LIA) prior to contacting you. Legitimate interest is the use of personal data by a data controller (in this case, us) that are deemed necessary (e.g. to provide the product or service) or reasonably to be expected by you. Some of the examples of why we would contact you on the basis of legitimate interest are:
- To confirm that you are on our mailing list
- To confirm you have purchased a ticket.
- To notify you that you have been removed from our mailing list
- For upgrades of our terms and conditions, this policy or any other agreements that we have between you and us.
10. Our policy for Under 18s
To register for our website need to be over 18 years old. If you are under the age of 18 you must have the consent of your parent or legal guardian to register for any of our services.
11. External websites and social media platforms
We have strict security measures in place to attempt to protect against the loss, misuse and alteration of personal information under our control. Whilst we can’t ensure or guarantee that loss, misuse or alteration of information won’t occur, we will always use standard industry methods to prevent this.
The transmission of information across the internet is never completely secure, and whilst we will always do our best to protect the security of your information, we cannot ensure or guarantee that loss, misuse or alteration of information won’t occur whilst you or we are transferring this information.
You can switch cookies off by adjusting your browser settings to stop it from accepting cookies. Doing this is likely to limit the functionality of ours and a large proportion of the world’s websites as cookies are a standard part of most modern websites.
14. How to make a complaint or raise a concern
If you would like to make a complaint in relation to how we have handled your personal information, please follow our complaints procedure. If you are not happy with the response you receive, then you can raise your concern with the Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire. SK9 5AF or you can visit their website.
(Last updated: 29th May 2018)