We regard your privacy as very important and we believe you should always know what data we collect from you and how we use it, and that you should have control over both.
Any personal data you provide to us will be dealt with in accordance with this policy together with any fair processing notice we may provide on specific occasions when we collect your personal data. Please read this policy and any fair processing notice provided carefully to understand our views and practices regarding your personal data and how we will treat it.
Personal data means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).
We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:
Generally we do not rely on consent as a legal basis for processing your personal data other than in relation to sending marketing communications to you via email. You have the right to withdraw consent to marketing at any time by using the unsubscribe link in the marketing email communication or by contacting us by email to firstname.lastname@example.org or by post to Data Protection Group, Leeds Bradford Airport, Leeds, LS19 7TU.
We will collect personal data from you, when you visit our websites, buy a service or product from us, enter a competition, use our Wi-Fi service, use a social media platform to interact with us, make enquires or otherwise provide us with your personal data.
We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact us by email to email@example.com or by post to Data Protection Group, Leeds Bradford Airport, Leeds, LS19 7TU.
If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.
Please note that we may process your personal data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.
We may share your personal data with:
Third parties to whom a complaint is passed as described above. We do this on the basis of our legitimate interests in ensuring that complaints are resolved promptly to deliver a positive customer experience.
We may disclose your personal data to third parties:
We may need to store or transfer your personal data to countries outside the European Economic Area (EEA) and some of our external third parties are based outside the EEA so their processing of your personal data will involve a transfer of data outside the EEA.
Whenever we transfer your personal data out of the EEA, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:
Please contact us if you want further information on the specific mechanism used by us when transferring your personal data out of the EEA.
Unfortunately, the transmission of information via the internet is not completely secure. Although we do our best to protect your personal data, we cannot guarantee the security of your personal data transmitted to our websites; any transmission is at your own risk. Once we have received your personal data, we will use strict procedures and security features to try to prevent unauthorised access.
Our websites use up to date industry procedures to protect your personal data. We also protect the security of your data during transmission using secure encryption protocols. We may vary this in the future if we feel you will benefit from greater security whilst using our websites.
We have appropriate security measures in place in our physical facilities to protect against the loss, misuse or alteration of information that we have collected from you via our websites.
We have procedures in place to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
Third party services
We may from time to time make available through our websites certain services provided by third parties and or you may link to a third party website from our websites. Please note that these third party websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting or reporting requirements. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
In some circumstances we may anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you.
This policy was last updated on 19 March 2019 and historic versions can be obtained by contacting us.