Privacy Notice

GDPR PRINCIPLES

The following principles are complied with when processing personal data:

  • Data is processed fairly and lawfully
  • Data is processed only for specified and lawful purposes
  • Processed data is adequate, relevant and not excessive
  • Processed data is accurate and, where necessary, kept up to date
  • Data is not kept longer than necessary
  • Data is processed in accordance with an individual’s consent and rights
  • Data is kept secure
  • Data is not transferred to countries outside of the European Economic Area (EEA) without adequate protection

LAWFUL BASIS OF PROCESSING DATA

The lawful basis of processing of data will always be determined prior to any data being processed. The laws for processing personal data under the GDPR are as follows:

  • Consent – the individual has given their Consent to the processing of their personal data
  • Contractual – processing of personal data is necessary for the performance of a contract to which the individual is a party, or for Pendle Leisure Trust to take pre-contractual steps at the request of the individual
  • Legal Obligation – processing of personal data is necessary for compliance with a legal obligation to which Pendle Leisure Trust is subject
  • Legitimate Interests – processing of personal data is necessary under the Legitimate Interests of Pende Leisure Trust, unless these interests are overridden by the individual’s interest or fundamental rights
  • Public Task – processing of personal data is necessary for the performance of a task carried out in the public interest or in the exercise of official authority
  • Vital Interests – processing of personal data is necessary to protect the vital interests of the individual or another individual

Pendle Leisure Trust processes personal data under one, or more, of the following Lawful Bases:

  • Consent
  • Contractual
  • Legal Obligation
  • Legitimate Interest

LEGITIMATE INTEREST EXAMPLES

Required: To capture the activities and performances throughout Pendle Leisure Trust as it is important that PLT is able to publicise its work and attract audiences to future activities and events so, occasionally, photographic, audio or video recordings may be made during activities or performances, and these materials may be used in marketing materials that are designed to promote PLT.

Lawful basis: Article 6(1)(f) UK GDPR (legitimate interests), the legitimate interest being the promotion of the activities and performances within PLT.

Personal data processed: Still images, motion video and audio recordings including persons present at activities and events.

Retention: Not possible to specify, as may be used online or in printed materials.

TYPE OF PERSONAL DATA BEING PROCESSED

The type of personal data being processed may include:

  • Name
  • Address
  • Email Address
  • Job Title
  • Telephone Number
  • Business Name
  • Demographic information such as postcode

HOW PERSONAL DATA IS COLLECTED

Personal data is obtained from one or more of the following:

  • Visits and use of our websites, and Company Portals
  • Use of PLT social media
  • Use of Google Analytics
  • Attendees of corporate seminars hosted by PLT
  • Subscribers to PLT Company updates
  • Parties entering into agreements with PLT
  • Requests for information about products and services offered by PLT and/or quotes
  • Employment enquiries

WHY PERSONAL DATA IS COLLECTED

Personal data is collected to provide legitimate business services which include:

  • For Marketing purposes
  • For us to review and reply to your enquiry
  • To provide an opinion for a service you have requested
  • To meet our statutory monitoring and reporting responsibilities
  • To handle and communicate orders, billings and payment, delivery of products and services
  • To improve PLT ‘s services and product offering

Where indicated, however, some of the information is optional and you can choose not to complete.

HOW PERSONAL DATA IS USED

Personal data may be used to:

  • Process orders, process a request for further information, to maintain records and to provide pre and after-sales service
  • Carry out our obligations arising from any contracts entered into by you and us
  • Carry out security checks (this may involve passing your details to our Identity Verification partners, who will check details we give them against public and private databases – this helps to protect us from credit risk and both you and us from fraudulent transactions)
  • Comply with legal requirements
  • We may need to pass the information we collect to other Departments within Pendle Leisure Trust for administrative purposes
  • Seek your views or comments on the services we provide
  • Notify you of changes to our services
  • Send you communications which you have requested and that may be of interest to you. These may include information about product updates, newsletters, events, seminars
  • To inform you of various promotions, goods and services that may be of interest to you. You may be contacted by post, email, telephone, SMS or such other means with carefully selected marketing communications we deem relevant to send to you in the legitimate interests of Pendle Leisure Trust. Each marketing communication sent to you by Pendle Leisure Trust will provide you with the option to unsubscribe and manage your data profile and communication preferences from Pendle Leisure trust at any time
  • Process a job application
  • Create a profile of your interests and preferences so that we can contact you with information relevant to you.

WHERE PERSONAL DATA IS STORED

Information collected is stored on the Pendle Leisure Trust’s CRM Platform and EPOS Platform.

HOW LONG PERSONAL DATA IS STORED

We review our retention periods for personal data on a regular basis. We are legally required to hold some types of information to fulfil our statutory obligations. We will not hold personal data on our systems for any longer than is necessary for the relevant activity, or as long as is set out in any relevant contract you hold with us.

WHO HAS ACCESS TO PERSONAL DATA

Only Pendle Leisure Trust employees are granted access to customer information. This is ensured by the use of strict operational processes and procedures.

Staff are trained on security systems and relevant processes and procedures which are reviewed regularly for ongoing effectiveness and suitability for purpose. All employees are kept up-to-date on Pendle Leisure Trust’s security and privacy practices. Employees are notified and/or reminded about the importance we place on privacy, and what they can do to ensure that customer information is protected.

Personal information provided via the Company’s portals is secured using Secure Socket Layer (SSL) server and is encrypted before being transmitted. Secure pages have a lock icon or key on the bottom of web browsers such as Microsoft Internet Explorer, information supplied by you on these webpages is securely stored and can only be accessed for the purposes for which it was provided.

All IT systems are kept in a secure environment with appropriate access control. We are audited on a regular basis by independent security companies, plus internal audits by our Local Authority Partner.

Non-sensitive details (your email address and other requested information) are transmitted normally over the Internet, and this can never be guaranteed to be 100% secure. As a result, while we strive to protect your personal information, we cannot guarantee the security of any information you transmit to us, and you do so at your own risk. Once we receive your information, we make our best effort to ensure its security on our systems. Where we have given (or where you have chosen) a password which enables you to access certain parts of our websites, you are responsible for keeping this password confidential. We ask you not to share your password with anyone.

Third-Party Service Providers working on our behalf:

When we use third party service providers, we have a contract in place that requires them to keep your information secure and Assurances of GDPR Compliance.

Third-Party Product Providers we work in association with:

We work closely with various third-party product providers to bring you a range of quality and reliable services designed to meet your needs. In some cases, they will be acting as a data controller of your information and, therefore, we advise you to read their Privacy Policy. These third-party product providers will NOT share your information with anyone.

We may also further transfer data if we are under a duty to disclose or share your personal data in order to comply with any legal obligation or to law enforcement. However, we will take steps with the aim of ensuring that your privacy rights continue to be protected.

INDIVIDUALS’ RIGHTS

Different rules apply depending on the type of Lawful Processing being undertaken. Many of the following individuals’ rights apply :

  • The right to be informed how personal data is processed
  • The right of access to their personal data
  • The right to rectification
  • The right to erasure
  • The right to restrict processing
  • The right to data portability
  • The right to object
  • Rights in relation to automated decision making and profiling

The accuracy of personal data is imperative. We aim to keep it updated at all times. The personal data we hold on you is available upon request. You can request that your data is updated and/or deleted at any time, unless Pendle Leisure Trust can justify that it is retained for legitimate business or legal purpose. When updating your personal data, you may be asked to verify your identity before your request can be actioned.

You can change your marketing preferences at any time by clicking on the “Unsubscribe” link at the bottom of any of Pendle Leisure trust’s campaigns or contacting us

LINKS TO OTHER WEBSITES/FROM OTHER WEBSITES

Pendle Leisure trust’s websites may contain links to other websites run by other organisations. PLT Privacy Policy only applies to PLT’ websites and you are encouraged to read the Privacy Statements on the third party websites that you visit . PLT is not responsible for the Privacy Policies and practices of other websites even if they were accessed via a PLT website. Equally, if you link to a PLT website from a third-party site, PLT is not responsible for the Privacy Policies and practices of that third-party site.

16 OR UNDER

We are concerned to protect the privacy of children aged 16 or under. If you are aged 16 or under‚ please get your parent/guardian’s permission beforehand whenever you provide us with personal information.

COOKIES

WHAT ARE COOKIES?

A cookie is a text file containing small amounts of information which a server downloads to your personal computer (PC) or mobile device when you visit a website. The server then sends a cookie back to the originating website each time you subsequently visit it, or if you visit another website which recognises that cookie.

WHY DO WEBSITES USE COOKIES?

Web pages have no memory. If you are surfing from page to page within a website, you will not be recognised as the same user across pages. Cookies enable your browser to be recognised by the website. So, cookies are mainly used to remember the choices you have made – choices such as the language you prefer and the currency you use. They will also make sure you are recognised when you return to a website.

DO ALL COOKIES DO THE SAME THING?

No, there are different types of cookies and different ways of using them. Cookies can be categorised according to their function, their lifespan and according to who places them on a website.

HOW DOES PLT USE COOKIES?

Our website uses the following types of cookie:

Technical cookies: We try to give our visitors an advanced and user-friendly website that adapts automatically to their needs and wishes. To achieve this, we use technical cookies to show you our website, to make it function correctly. These technical cookies are absolutely necessary for our website to function properly.

Functional cookies: We also use functional cookies to remember your preferences and to help you to use our website efficiently and effectively, for example by remembering your preferred currency and language that you viewed earlier. These functional cookies are not strictly necessary for the functioning of our website, but they add functionality for you and enhance your experience.

Analytics cookies: We use these cookies to gain insight into how our visitors use the website, to find out what works and what doesn’t, to optimise and improve our website and to ensure we continue to be interesting and relevant. The data we gather includes which web pages you have viewed, which referring/exit pages you have entered and left from, which platform type you have used, date and time stamp information and details such as the number of clicks you make on a given page, your mouse movements and scrolling activity, the search words you use and the text you type while using our website.

HOW LONG DO PLT COOKIES STAY ACTIVE?

The cookies we use have varying lifespans. The maximum lifespan we set on some of them is five years from your last visit to our website. You can erase all cookies from your browser any time you want to.

HOW CAN YOU RECOGNISE PLT COOKIES?

You can find our cookies in your browser settings.

HOW CAN YOU MANAGE YOUR COOKIE PREFERENCES?

Using your browser settings in, for example, Internet Explorer, Safari, Firefox or Chrome, you can set which cookies to accept and which to reject. Where you find these settings depends on which browser you use. Use the “Help” function in your browser to locate the settings you need.

If you choose not to accept certain cookies, you may not be able to use some functions on our website.

QUESTIONS, COMPLAINTS AND SUBJECT ACCESS REQUESTS (SARS)

Any questions or Subject Access Requests (SARs) should be sent to us via the contact us

You have a right to lodge a complaint in the event that you believe that Pendle Leisure Trust has not upheld the rights, obligations and responsibilities set out in this Privacy Policy. Please send any complaints to: gdpr@pendleleisuretrust.co.uk

REVIEW OF THIS POLICY

This Policy is reviewed on a regular basis. It was last updated Oct 2024.