Privacy Policy
Privacy and data protection
Any information you give to us while using our website will be held securely and in accordance with the data protection principles. We will treat personal details as private and confidential and safeguard them. We will not disclose them to anyone unconnected with the Convention Centre unless you have consented to their release, or in certain circumstances where:
- we are legally obliged to do so;
- disclosure is necessary for the proper discharge of our statutory functions;
- disclosure is necessary to enable us to provide you with a requested service or deal with your enquiry;
- we are under a duty to protect public funds.
We may use the information you have provided for the prevention and detection of fraud.
You have the right to request a copy of all the personal information that we hold about you, and to have inaccuracies corrected.
Cookies
Cookies do lots of different jobs, like letting you navigate between pages efficiently, remembering your preferences, and generally improve the user experience.
Cookies are files with a small amount of data, which may include an anonymous unique identifier. Cookies are sent to your browser from a web site and stored on your computer's hard drive. We use "cookies" to collect information. You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Service.
Content Management System (CMS)
Our website is built in a CMS, cookies are essential to determine whether a user is a guest, or, an admin. Cookies set by our CMS: CRAFT_CSRF_TOKEN, HCCSESH.
Google Analytics
We use Google Analytics to analyse the use of this website. It helps us see how many people are using our site, and helps us improve the site by analysing the way people navigate through it.
Google will store this information, Google's privacy policy.
We want to provide online services that are easy to use, useful and reliable. This can involve placing cookies on your computer or other device. Google Cookies cannot be used to identify you personally.
These pieces of information are used to improve services for you through, for example:
- enabling a service to recognise your device so you don't have to give the same information several times during one task
- recognising that you may already have given a username and password so you don't need to do it for every web page requested
- measuring how many people are using services, so they can be made easier to use and there's enough capacity to ensure they are fast
Privacy Notice (GDPR)
This privacy notice lets you know how we
promise to look after your personal information, explains how we do
this and tells you about your privacy rights and how the law protects you.
Who
are we
Harrogate Convention Centre is owned by Harrogate Borough Council and complies with Data Protection Legislation and
is a registered ‘Data Controller’ with the Information Commissioner’s Office
(ICO) – reference Z6341522.
Our
Privacy Promise
We
promise
- to keep your personal information safe and private
- not to sell your personal information
- to give you ways to manage and review your marketing choices, if applicable at any time
How we collect your personal data
We collect information about you in order to provide services, comply with regulations, and to build stronger relationships. We may collect information on paper or online forms, by telephone, email or a member of our team may collect information from you in person.
Information about you may be collected on our behalf by one of our partners.
We need to collect and use information about you to:
deliver services;
confirm your identity to provide some services;
contact you by post, email or telephone;
understand your needs to provide the services that you ask for or need;
understand what we can do for you and inform you of other relevant services and benefits;
ask your opinion about our services;
update your customer record;
help us to build up a picture of how we are performing at delivering services to you and what services may need;
prevent and detect fraud and corruption and crime;
allow us to undertake statutory functions efficiently and effectively;
make sure we meet our legal obligations including those that relate to equality and diversity
We may need to pass your information to other people and organisations that provide a service on our behalf. These providers are obliged to keep your details securely, and use them only to provide the service to you in accordance with our instructions.
Personal Information you give to us:
You give us your personal information
when you apply for our products and services
when you talk to us on the phone or at one of our reception areas
when you use our websites, mobile device apps
in emails and letters
In customer surveys
if you take part in our consultations, questionaires or promotions
How we share your information
We may be
required or permitted, under the Data Protection legislation, to disclose your
personal information without your explicit consent, e.g. if we have a legal
obligation and/or basis to do so, namely:
law enforcement
regulation
criminal prosecutions
court proceedings
Emails
Emails that we send to you or you send to us, may be retained as a record of contact and your email address stored for future use in accordance with our record retention schedules. If we need to email sensitive or confidential information to you, we may perform checks to verify the correct email address and may take additional security measures.
Using our website
The harrogateconventioncentre.co.uk website is solely owned by Harrogate Convention Centre and does not store or capture personal information about you when you use our website unless you decide to provide it to:
- subscribe to or apply for services that require personal information
,
- contact us for whatever reason and provide us with your contact details so that we can respond to you
.
You can read more on how we use cookies in the section above
Sending data outside of the EEA
We will only send your data outside of the European Economic Area (‘EEA’) :
if you instruct us to do so.
to comply with a legal obligation.
if we work with our suppliers, agents , partners and advisers who we use to help run your accounts and our services.
If we do transfer information to our suppliers, agents, partners or advisers outside of the EEA, we will make sure that it is protected in the same way as if it was being used in the EEA. We’ll use one of these safeguards:
transfer it to a non-EEA country with privacy laws that give the same protection as the EEA.
put in place a contract with the recipient that means they must protect it to the same standards as the EEA.
transfer it to organisations that are part of the Privacy Shield. This is a framework that sets privacy standards for data sent between countries that are not part of the EU and EU countries. It makes sure those standards are similar to what is used within the EEA.
If you choose not to give personal information
If you choose not to give us this personal information, it may delay or prevent us from meeting our obligations. It may also mean that we cannot perform services needed to run your accounts or the services provided to you.
We may need to collect personal information
by law, or under the terms of a contract we have with you.
Any information collected which is optional will be made clear at the point of collection.
Consent and how we record consent
Why is Consent important?
Consent is one lawful basis for processing, and explicit consent can also legitimise use of special category data. Consent may also be relevant where the individual has exercised their right to restriction, and explicit consent can legitimise automated decision-making and overseas transfers of data.
Genuine consent should put individuals in control, build trust and engagement, and enhance your reputation.
Relying on inappropriate or invalid consent could destroy trust and harm your reputation – and may leave you open to large fines.
Recording Consent
we keep a record of when and how we obtained your consent.
we keep a record of exactly what you were told at the time.
Managing the Consent you give to us
we regularly review the consent you have provided to check that our relationship with you, the reasons for processing your personal information and the purposes have not changed.
we have implemented processes to refresh consent at appropriate intervals, including any parental consent required.
we make it easy for you to withdraw your consent at any time, and publicise on our website how to do so.
we act on withdrawals of consent as soon as we can.
we will not penalise you if you withdraw your consent.
Legitimate Interest
If you are a business to business user of venues and venue event services we have a legitimate interest in communicating our products services to you from time to time by phone and email. You can request a copy of our Legitimate Interest policy by calling 01423 537434 or emailing sales@harrogateconventioncentre.co.uk.
Under these circumstances we will only contact you via a business telephone number or business email address and never by a personal number or personal email address, unless you have asked us to do so.
We will also make it easy for you to opt out of our communications at any time should you wish to do so.
Marketing
We may use your personal information to tell you about relevant products, news, consultation, market research, events updates and offers. This is what we mean when we talk about ‘marketing’.
The personal information we have for you is made up of what you tell us, and data we collect when you use our services, or from third parties we work with.
We can only use your personal information to send you marketing messages if we have either your consent or there is a ‘legitimate interest' to do so. At times, we may have a business or commercial reason to use your personal information. If we process your personal information on this basis, we will ensure that it does not unfairly go against what is right and best for you.
You can ask us to stop sending you marketing messages by contacting us at any time.
How long we keep your personal information
Personal information will not be kept longer than is necessary for its purpose. This means that data will be destroyed or erased from our systems when it is no longer required. Please contact the Council’s Data Protection Officer at the address below for further information on data retention periods. You also have the right to request that your personal information is erased in certain circumstances.
How to get a copy of your personal information
A request for information that we hold about you should be made in writing but requests made verbally depending on the circumstances are also accepted (as long as you can prove your identity).
Under the Right of Access we as a Council will provide a copy of your information free of charge. However, we can charge a ‘reasonable fee’ when a request is manifestly unfounded or excessive, particularly if it is repetitive. We may also charge a reasonable fee to comply with requests for further copies of the same information. This does not mean that we can charge for all subsequent access requests.
We will provide you with your personal information within 30 days. We may need to extend this period by a further two months where necessary taking in to account the complexity and number of requests. If we have to extend the period, we will notify you within 30 days of receipt of the request.
You can use the Subject access request form or use the contact details below:
Subject Access Request
Data Protection Officer
Harrogate
Borough Council
PO BOX 787
Harrogate
Civic Centre
St. Luke’s Avenue
Harrogate, HG1 2AE
Letting us know if your personal information is incorrect
(Right of Rectification) You have the right to question any information we have about you that you think is wrong or incomplete. Please contact us if you want to do this.
If you do, we will take steps to check its accuracy and correct it.
(Right to Restricted Processing) You can ask us to stop processing your personal information if it is likely to cause unwarranted substantial damage or distress to you or anyone else.
What if you want us to stop using your personal information?
(Right to Object) You have the right to object to our use of your personal information, or to ask us to delete, remove, or stop using your personal information if there is no need for us to keep it. This is known as the ‘Right to Object’ and ‘Right to Erasure’, or the ‘right to be forgotten’.
There may be legal or other official reasons why we need to keep or use your data. But please tell us if you think that we should not be using it.
We may sometimes be able to restrict the use of your information. This means that it can only be used for certain things, such as legal claims or to exercise legal rights. In this situation, we would not use or share your information in other ways while it is restricted.
You can ask us to restrict the use of your personal information if:
It is not accurate.
It has been used unlawfully but you don’t want us to delete it.
It not relevant any more, but you want us to keep it for use in legal claims.
You have already asked us to stop using your data but you are waiting for us to tell you if we are allowed to keep on using it.
If you want to object to how we use your data, or ask us to delete it or restrict how we use it or, please contact us.
How to request your personal information
To obtain and reuse your personal
information for your own purposes. (Right to Data Portability)
How to withdraw your consent
You can withdraw your consent at any time. Please contact us if you want to do so.
If you withdraw your consent, we may not be able to provide certain products or services to you. If this is so, we will tell you.
How to complain
Please let us know if you are unhappy with how we have used your personal information. You can contact us using our secure online contact form.
You also have the right to complain to the Information Commissioner’s Office. Find out on their website how to report a concern.
If you have any queries regarding this privacy notice you can contact our Data Protection Officer on Tel: 01423 558606
Email: DataProtection@harrogate.gov.uk: