Privacy notice for Unexplored Scotland
Unexplored Scotland takes your privacy seriously. We are a “controller” of the personal information that you provide to us and this privacy notice sets out how, why and for how long we will use your personal data, as well as who it is shared with. It also explains your legal rights as a data subject and how to exercise them.
What we need from you
When you book a tour or course with Unexplored Scotland (including if you are booking on behalf of a young person aged 16 or under), we may ask you for some or all of the following personal information:
If you do not provide us with all of the personal information that we need this may affect our ability to provide an effective service at our courses and tours.
Why we need your personal information – contractual purposes
We need to collect our customers’ personal information so that we can manage your relationship with us. We may use our members’ personal information to:
Why we need your personal information – legitimate purposes
We also process your personal information in pursuit of our legitimate interests to:
Why we need your personal information – legal obligations
We are under a legal obligation to process certain personal information relating to our members for the purposes of complying with obligations under:
Why we need your personal information – equality monitoring
We use aggregated and anonymised reports of our members’ personal information for equality monitoring purposes, enabling us to evaluate and promote equality of opportunity within our sport.
Other uses of your personal information
We may ask you if we can process your personal information for other purposes. Where we do so, we will provide you with an additional privacy notice explaining how we will use your information for these purposes.
Who we share your personal information with
We may be required to share personal information with statutory or regulatory authorities to comply with statutory obligations. Such organisations include the Health & Safety Executive, Disclosure Scotland, and Police Scotland for the purposes of safeguarding children. We may also share personal information with professional and legal advisors for the purpose of obtaining advice.
Third party suppliers with access to members’ personal data
In the event that we share personal information with external third parties, we only share such information strictly required for the specific purposes and take reasonable steps to ensure recipients shall only process the disclosed personal information in accordance with those purposes.
How we protect your personal information
Your personal information is accessed by our staff only for the purposes set out above. It is stored by us on a TCL encrypted server on the internet and a password protected personal computer behind a firewall and protected by AntiVirus software. All data on the personal computer is backed up regularly.
How long we keep your personal information
We only keep your personal information for as long as necessary to provide you with our services. Unless you ask us not to, we will review and delete your age, participation details, personal measurements, safety and emergency details after 2 years and contact and payment details after 7 years.
You have a right to:
You can contact us at firstname.lastname@example.org
If you are dissatisfied, you have a right to raise a complaint with the Information Commissioner’s Office at www.ico.org.uk