logo

Privacy Policy

 

Privacy Policy 

 

At ST MARY'S SCHOOL (CALNE) SERVICES LIMITED we acknowledge that providing easy to understand and transparent personal data privacy notices is essential under GDPR and helps us improve our business performance in general.

We are committed to ensuring your personal data is managed competently by us via:

  • Ensuring compliance with all relevant legislation as a minimum.
  • Setting and reviewing performance against objectives and targets that drive continuous improvements in our compliance in this area.
  • Providing sufficient information, resources and training to facilitate the achievement of our objectives in this area.

 

Overall responsibility for data privacy and protection in line with GDPR rests with the Company Secretary. The Executive Board discharges this responsibility through the Division teams who are responsible for the implementation of this policy. This policy statement applies to the whole of ST MARY'S SCHOOL (CALNE) SERVICES LIMITED and is available to all employees via our intranet. The policy is also made publicly available on our website. The contents of this policy will be reviewed and updated as necessary and on at least an annual basis.

Purpose of this privacy policy

This policy is intended to provide information about how St Mary’s Calne Sports Centre will use personal data about individuals. We’ve updated our privacy policy to reflect changes we’ve made to strengthen your privacy rights. This is part of our ongoing commitment to be transparent about how we use your data and keep it safe. We have included changes to address the new standards introduced by the European data protection law known as the General Data Protection Regulations (GDPR). You are encouraged to read this policy and understand the sports centre’s obligations to its users as well as the wider community.

 

Who we are

In terms of the relevant legislation, the data controller is: St Mary’s School (Calne) Services Ltd, a company limited by guarantee. Registration number: 4111369. Registration office: Curzon Street, Calne.



Where we collect our personal information from

This section outlines the places where we get the data that constitutes as part of your personal information.

The data you provide:

  • When you apply for membership or apply for a service we offer
  • When you talk to us over the phone or face to face at the sports centre
  • When you use our website, mobile device application, online booking platforms
  • In emails and letters
  • In recruitment, financial reviews and interviews
  • In customer surveys
  • If you take part in our competitions or promotions
  • If you communicate with us via social media
  • If your child is a pupil of St Mary’s or St Margaret’s School
  • If you use our facilities for any form of activity
  • If you complete any forms or questionnaires for us


Data we collect when you use our services:

  • Profile and usage data. This includes security information you create and use to connect to our services. It also includes your settings and marketing choices. We also gather data from the devices you use (such as computers and mobile phones) to connect to our mobile phone application and online platforms. This also includes your sports centre usage information.
  • Payment and transaction data.
  • Any other data that you choose to provide us with.


Data between outside organisations:

  • Companies that introduce you to us (e.g. GP Referral)
  • Social networks
  • Financial services
  • Data processors
  • Security companies
  • Service providers
  • Healthcare organisations
  • Healthcare professionals
  • Banks
  • Payroll service providers
  • Government and law enforcement services and agencies
  • Credit card providers

 

Privacy Notice

 

How we use your personal information and how long we keep it for

To give you the best experience possible, we carefully use your personal information and only as follows, for no more than 24 months after your membership contract has terminated.

  • We use your contact information – e.g. email, address, phone number - to deliver our services and related information to you.
  • We use your financial information e.g. bank & card info for payments in order to maintain your membership at St Mary’s Calne Sports Centre.
  • We use your demographic data e.g. age, gender, interests, business information and similar to give you the best possible experience.
  • We use your unique identity information – e.g. name or email and password to give you access to our mywellness application and online booking platforms.
  • We use your online click data and related information for analysing and improving our services.
  • We use information about your computer and about your visits to and use of this website, such as IP address, location, browser type, referral source, length of visit, number of page views.
  • We use the information you provide to us for the purpose of using our facilities.
  • We use your information to send you information, current programs, activities and other marketing communications relating to the sports centre which we think may be of interest to you by post or where you have specifically consented to this, by email or similar technology (you can inform us at any time if you no longer desire these communications to be sent to you).
  • To deal with enquiries and/or complaints made by or about you.
  • We use personnel files concerning employment matters, including staff health & welfare and safeguarding.
  • We use references given to the sports centre about current and prospective employees.

We will not without your express consent provide your personal information to any third parties for the purpose of direct marketing.

In addition to the disclosures reasonably necessary for the purposes identified within this privacy policy, we may disclose information about you:

  • To the extent that we are required to do so by law.
  • In connection with any legal proceedings or prospective legal proceedings.
  • In order to establish, exercise or defend our legal rights (including providing information to others for the purposes of fraud prevention and reducing credit risk).
  • To the purchaser (or prospective purchaser) of any business or asset which we are (or are contemplating) selling.
  • Except as provided in this privacy policy, we will not provide your information to third parties.


We are permitted to do this based on your consent, any contract we have agreed, our mutual legitimate interests or existing law. We do not share your personal information with anyone else and we protect personal data with established best practice information security measures which are aligned with data privacy law (GDPR) requirements. You have the right to know what personal information we are using and can ask for any errors to be corrected. You also have the right to request a copy of your personal information or for it to be deleted and for us to stop using it. You can also opt out of individual profiling and automated decision making.

 

You’re in control

How to get a copy of your personal information:

At ST MARY'S SCHOOL (CALNE) SERVICES LIMITED we acknowledge that organising an easy to understand personal data request process (also known as SAR Subject Access Record request) for individuals is essential under GDPR and helps us improve our business performance in general.

We are committed to ensuring your personal data is managed competently by us via:

  • Ensuring compliance with all relevant legislation as a minimum.
  • Setting and reviewing performance against objectives and targets that drive continuous improvements in our compliance in this area.
  • Providing sufficient information, resources and training to facilitate the achievement of our objectives in this area.

Overall responsibility for data privacy and protection in line with GDPR rests with the Company Secretary. The Executive Board discharges this responsibility through the Division teams who are responsible for the implementation of this Policy. This Policy statement applies to the whole of ST MARY'S SCHOOL (CALNE) SERVICES LIMITED and is available to all employees via our intranet. The policy is also made publicly available on our website. The contents of this Policy will be reviewed and updated as necessary and on at least an annual basis.

You may instruct us to provide you with any personal information we hold about you by emailing This email address is being protected from spambots. You need JavaScript enabled to view it. or by writing to us at this address:

St Mary’s Calne Sports Centre
63 Curzon Street
Calne
Wiltshire
SN11 0DF



How to complain:

If you have any questions or feedback, please contact Lee Chalk at  ST MARY'S SCHOOL (CALNE) SERVICES LIMITED, Curzon Street, Calne, Wiltshire, SN11 0DF, tel: +44 1249 857335.

You also have the right to complain to the regulator or to lodge an appeal if you are not happy with the outcome of a complaint. In the UK this is the Information Commissioner’s Office at Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF.

 

How to withdraw your consent:

You may instruct us to not process your personal data for communication and marketing purposes by email at any time – in practice you will either expressly agree in advance to our use of personal data for communication and marketing purposes, or we will provide you with an opportunity to opt-out of the use of your personal data for communication and marketing purposes.

 

Letting us know if your personal information is incorrect:

You have the right to question any information we have about you that you think is incorrect. We’ll take reasonable steps to check this for you and correct it.

If you want to do this please contact us by emailing This email address is being protected from spambots. You need JavaScript enabled to view it.. Or you can call or visit the sports centre during our opening hours.

 

Your rights

 

The right to object – You can object to us keeping or using your personal data (other than that required contractually to maintain your membership with St Mary’s Calne Sports Centre). This is subject to certain exemptions and limitations.

The right to erasure – You can ask us to delete, remove or stop using your information if there is no need for us to keep it. This is subject to certain exemptions and limitations.

The right to access – You can access and understand the personal data that is held by the sports centre.

The right to complain – You can complain to the Information Commissioner if you feel we are processing your personal information unlawfully.

There may be legal or other official reasons why we need to keep or use your data, but please tell us if you think we should not be using it.


Cookies

 

We use cookies on our website. A cookie is a text file sent by a web server to a web browser, and stored by the browser. The text file is then sent back to the server each time the browser requests a page from the server. This enables the web server to identify and track the web browser.

We may use the information we obtain from the cookie in the administration of this website, to improve the website’s usability and increase security. We may also use that information to recognise your computer when you visit our website, and to personalise our website for you.

We use Google Analytics to analyse the use of our website. Google Analytics generate statistical and other information about website use by means of cookies, which are stored on users’ computers. The information generated relating to using our website is used to create reports about the use of our website. Google will store this information. Google’s privacy policy is available at www.google.com/privacy.

You can block cookies by activating the setting on your browser which allows you to refuse the setting of all or some cookies.

However, if you use your browser settings to block all cookies you may not be able to access all parts of our website. You may also opt out of Google Analytics at https://tools.google.com/dlpage/gaopout.

 

Security of your Personal Data

 

We will take reasonable technical and organisational precautions to prevent the loss, misuse or alteration of your personal information.

We will store all the personal information you provide on our secure servers. All electronic transactions you make to or receive from us will be encrypted using SSL technology.

Of course, data transmission over the internet is inherently insecure, and we cannot guarantee the security of data sent over the internet.

You are responsible for keeping your password and user details confidential. We will not ask you for your log-on details.



Policy Amendments

 

We may update this Privacy Policy from time to time by posting a new version on our website. You should check this page regularly to ensure that you are aware of any changes. We may also notify you of changes to the Privacy Policy by email.

 

Third Party Websites

 

The website contains links to other websites. We are not responsible for the privacy policies or practices of those websites.

 

Updating Information

 

Please contact us if the information that we hold about you is wrong or needs to be corrected or updated.

 

Contact

 

If you have any questions regarding this privacy policy or about how your personal information is treated or processed, please contact the sports centre – This email address is being protected from spambots. You need JavaScript enabled to view it..

 

Our Policies

 

Training Policy

At ST MARY'S SCHOOL (CALNE) SERVICES LIMITED we acknowledge that training our employees about the importance of protecting the privacy of people's personal data is essential under GDPR and helps us improve our business performance in general. We are committed to ensuring your personal data is managed competently by us via:

  • Ensuring compliance with all relevant legislation as a minimum.
  • Setting and reviewing performance against objectives and targets that drive continuous improvements in our compliance in this area.
  • Providing sufficient information, resources and training to facilitate the achievement of our objectives in this area.


Overall responsibility for data privacy and protection in line with GDPR rests with the Company Secretary. The Executive Board discharges this responsibility through the Division teams who are responsible for the implementation of this Policy. This Policy statement applies to the whole of ST MARY'S SCHOOL (CALNE) SERVICES LIMITED and is available to all employees via the intranet. The policy is also made publicly available on our website. The contents of this Policy will be reviewed and updated as necessary and on at least an annual basis.

 

Data Audit and Risk Policy

At ST MARY'S SCHOOL (CALNE) SERVICES LIMITED we acknowledge that auditing the personal data we use and assessing then tackling the risks of noncompliance is essential under GDPR and helps us improve our business performance in general.

We are committed to ensuring your personal data is managed competently by us via:

  • Ensuring compliance with all relevant legislation as a minimum.
  • Setting and reviewing performance against objectives and targets that drive continuous improvements in our compliance in this area.
  • Providing sufficient information, resources and training to facilitate the achievement of our objectives in this area.

Overall responsibility for data privacy and protection in line with GDPR rests with the Company Secretary. The Executive Board discharges this responsibility through the Division teams who are responsible for the implementation of this Policy. This Policy statement applies to the whole of ST MARY'S SCHOOL (CALNE) SERVICES LIMITED and is available to all employees via our intranet. The policy is also made publicly available on our website. The contents of this Policy will be reviewed and updated as necessary and on at least an annual basis.

 

Lawful Basis Policy

At ST MARY'S SCHOOL (CALNE) SERVICES LIMITED we acknowledge that keeping personal data lawful basis records is essential under GDPR and helps us improve our business performance in general.

We are committed to ensuring your personal data is managed competently by us via:

  • Ensuring compliance with all relevant legislation as a minimum.
  • Setting and reviewing performance against objectives and targets that drive continuous improvements in our compliance in this area.
  • Providing sufficient information, resources and training to facilitate the achievement of our objectives in this area.

Overall responsibility for data privacy and protection in line with GDPR rests with the Company Secretary. The Executive Board discharges this responsibility through the Division teams who are responsible for the implementation of this Policy. This Policy statement applies to the whole of ST MARY'S SCHOOL (CALNE) SERVICES LIMITED and is available to all employees via our intranet. The policy is also made publicly available on our website. The contents of this Policy will be reviewed and updated as necessary and on at least an annual basis.

 

Subject Access Policy

At ST MARY'S SCHOOL (CALNE) SERVICES LIMITED we acknowledge that organising an easy to understand personal data request process (also known as SAR Subject Access Record request) for individuals is essential under GDPR and helps us improve our business performance in general.

We are committed to ensuring your personal data is managed competently by us via:

  • Ensuring compliance with all relevant legislation as a minimum.
  • Setting and reviewing performance against objectives and targets that drive continuous improvements in our compliance in this area.
  • Providing sufficient information, resources and training to facilitate the achievement of our objectives in this area.

Overall responsibility for data privacy and protection in line with GDPR rests with the Company Secretary. The Executive Board discharges this responsibility through the Division teams who are responsible for the implementation of this Policy. This Policy statement applies to the whole of ST MARY'S SCHOOL (CALNE) SERVICES LIMITED and is available to all employees via our intranet. The policy is also made publicly available on our website. The contents of this Policy will be reviewed and updated as necessary and on at least an annual basis.



Data Breach Policy

At ST MARY'S SCHOOL (CALNE) SERVICES LIMITED we acknowledge that organising an easy to understand personal data breach response process is essential under GDPR and helps us improve our business performance in general.

We are committed to ensuring your personal data is managed competently by us via:

  • Ensuring compliance with all relevant legislation as a minimum.
  • Setting and reviewing performance against objectives and targets that drive continuous improvements in our compliance in this area.
  • Providing sufficient information, resources and training to facilitate the achievement of our objectives in this area.

Overall responsibility for data privacy and protection in line with GDPR rests with the Company Secretary. The Executive Board discharges this responsibility through the Division teams who are responsible for the implementation of this Policy. This Policy statement applies to the whole of ST MARY'S SCHOOL (CALNE) SERVICES LIMITED and is available to all employees via our intranet. The policy is also made publicly available on our website. The contents of this Policy will be reviewed and updated as necessary and on at least an annual basis.

 

International Data Transfer Policy

At ST MARY'S SCHOOL (CALNE) SERVICES LIMITED we acknowledge that ensuring a clear understanding of international personal data transfer GDPR rules across the business is essential under GDPR and helps us improve our business performance in general.

We are committed to ensuring your personal data is managed competently by us via:

  • Ensuring compliance with all relevant legislation as a minimum.
  • Setting and reviewing performance against objectives and targets that drive continuous improvements in our compliance in this area.
  • Providing sufficient information, resources and training to facilitate the achievement of our objectives in this area.

Overall responsibility for data privacy and protection in line with GDPR rests with the Company Secretary. The Executive Board discharges this responsibility through the Division teams who are responsible for the implementation of this Policy. This Policy statement applies to the whole of ST MARY'S SCHOOL (CALNE) SERVICES LIMITED and is available to all employees via our intranet. The policy is also made publicly available on our website. The contents of this Policy will be reviewed and updated as necessary and on at least an annual basis.

 


Children & Sensitive Data Policy

At ST MARY'S SCHOOL (CALNE) SERVICES LIMITED we acknowledge that ensuring a clear understanding of sensitive and children’s personal data usage rules across the business is essential under GDPR and helps us improve our business performance in general.

We are committed to ensuring your personal data is managed competently by us via:

  • Ensuring compliance with all relevant legislation as a minimum.
  • Setting and reviewing performance against objectives and targets that drive continuous improvements in our compliance in this area.
  • Providing sufficient information, resources and training to facilitate the achievement of our objectives in this area.

Overall responsibility for data privacy and protection in line with GDPR rests with the Company Secretary. The Executive Board discharges this responsibility through the Division teams who are responsible for the implementation of this Policy. This Policy statement applies to the whole of ST MARY'S SCHOOL (CALNE) SERVICES LIMITED and is available to all employees via our intranet. The policy is also made publicly available on our website. The contents of this Policy will be reviewed and updated as necessary and on at least an annual basis.

 


GDPR Project Team Policy

At ST MARY'S SCHOOL (CALNE) SERVICES LIMITED we acknowledge that ensuring a clear understanding of how GDPR projects are best resourced and the project team’s structure including ST MARY'S SCHOOL (CALNE) SERVICES LIMITED Designated Protection Officer who is essential under GDPR and helps us improve our business performance in general.

We are committed to ensuring your personal data is managed competently by us via:

  • Ensuring compliance with all relevant legislation as a minimum.
  • Setting and reviewing performance against objectives and targets that drive continuous improvements in our compliance in this area.
  • Providing sufficient information, resources and training to facilitate the achievement of our objectives in this area.

Overall responsibility for data privacy and protection in line with GDPR rests with the Company Secretary. The Executive Board discharges this responsibility through the Division teams who are responsible for the implementation of this Policy. This Policy statement applies to the whole of ST MARY'S SCHOOL (CALNE) SERVICES LIMITED and is available to all employees via our intranet. The policy is also made publicly available on our website. The contents of this Policy will be reviewed and updated as necessary and on at least an annual basis.

 

Privacy by Design Policy

At ST MARY'S SCHOOL (CALNE) SERVICES LIMITED we acknowledge that data protection and privacy by design and default is essential under GDPR and helps us improve our business performance in general.

We are committed to ensuring your personal data is managed competently by us via:

  • Ensuring compliance with all relevant legislation as a minimum.
  • Setting and reviewing performance against objectives and targets that drive continuous improvements in our compliance in this area.
  • Providing sufficient information, resources and training to facilitate the achievement of our objectives in this area.

Overall responsibility for data privacy and protection in line with GDPR rests with the Company Secretary. The Executive Board discharges this responsibility through the Division teams who are responsible for the implementation of this Policy. This Policy statement applies to the whole of ST MARY'S SCHOOL (CALNE) SERVICES LIMITED and is available to all employees via our intranet. The policy is also made publicly available on our website. The contents of this Policy will be reviewed and updated as necessary and on at least an annual basis.


Project Plan Policy

At ST MARY'S SCHOOL (CALNE) SERVICES LIMITED we acknowledge that having a clear project plan and critical path is essential under GDPR and helps us improve our business performance in general.

We are committed to ensuring your personal data is managed competently by us via:

  • Ensuring compliance with all relevant legislation as a minimum.
  • Setting and reviewing performance against objectives and targets that drive continuous improvements in our compliance in this area.
  • Providing sufficient information, resources and training to facilitate the achievement of our objectives in this area.

Overall responsibility for data privacy and protection in line with GDPR rests with the Company Secretary. The Executive Board discharges this responsibility through the Division teams who are responsible for the implementation of this Policy. This Policy statement applies to the whole of ST MARY'S SCHOOL (CALNE) SERVICES LIMITED and is available to all employees via our intranet. The policy is also made publicly available on our website. The contents of this Policy will be reviewed and updated as necessary and on at least an annual basis.

 

May 2018