This policy was last updated on 23 March 2022.
Our contact details
Everybody's Cycling CBS is contactable via:
22 Hospital Fields Road, York, YO10 4DZ
What information do we collect about you?
Personal information we collect may include:
• your name, title, gender and date of birth
• the nature of your disability/mobility restrictions/support needs
• your postal address, email address and telephone number
• social media account details
• family and spouse/partner details
• relationships to other donors, and/or trustees, and/or directors, and/or staff
• current interests and activities
We will also collect and hold information about any contact you have with us as a customer, which may detail:
• previous and current enquiries and/or sales relating to product(s)/service(s)
• event/programme registration and/or attendance
• contact preferences
• Direct Debit bank details where applicable
• Gift Aid status and declaration details where applicable
• details of correspondence sent to you, or received from you
• donor status
• employment information and professional activities
• selected media coverage, where relevant
• any other information provided by yourself at our request
How we get the personal information and why we have it
Most of the personal information we process is provided to us directly by you for one of the following reasons:
• making an enquiry/purchasing our product(s)/service(s)
• registering for/attending our event(s)/programme(s)
• signing up to receive our e-newsletter
• opting in to receive other marketing material – online/by telephone/by post
• completing customer surveys and/or surveys we use to research products and services
• donating goods, services and/or money
• joining our shareholder scheme
• working with us as a project/service/event/programme delivery partner
We use the information that you have given us for the following reasons:
• transactional – to process enquiries, manage products and services
• collation of feedback
• for market research
• assessment of data to inform company strategy and/or audit purposes
• dissemination of information on our range of products and services – due to an existing relationship, or because you have opted in to receive this information
• to provide relevant updates on products and services
• for compliance with legal and financial regulatory obligations to which we are subject
• other relevant communications based upon your relationship with us
We may use data analysis or tools to monitor the effectiveness of our communications with you. This could include email tracking, which records when an e-newsletter from us is opened and/or how many links are clicked within the message. The data from this kind of tracking is generally used in an aggregated and anonymised form.
We may share this information with subcontractors working for us.
We may share this information (if provided as part of a relevant event/programme/project) with relevant funders and/or partner organisations. Data is generally used in an aggregated and anonymised form – it will be made clear to you upon providing your details if this is not the case.
Under the General Data Protection Regulation (GDPR), the lawful bases we rely on for processing this information are:
• your consent – you can remove your consent at any time by writing to us, emailing us, or telephoning us (please use the contact details outlined at the start of this policy)
• contractual obligations – necessary for the supply/delivery of our products/services as per any quote you have requested and/or contract we have agreed with you; or if the good/service we have provided to you, or the event/programme you have registered for/taken part in, is partially/fully externally funded (with funder(s) specifying outcomes reliant on data collection/retention/sharing)
How we store your personal information
We have implemented procedures, rules and technical measures to protect the personal information that we have under our control. We use these measures to keep your personal information secure from unauthorised access, improper use or disclosure, or unauthorised modification. All our employees and subcontractors, who may have access to, and are associated with the processing of personal information, are legally obliged to respect confidentiality.
We will retain your personal information for as long as the information is deemed essential, potentially useful or potentially relevant and in accordance with record keeping legal obligations. Retention periods will be determined taking into account the type of information that is collected and the purpose for which it is collected, bearing in mind the requirements applicable to the situation and our commitment to securely destroy outdated, unused information at the earliest reasonable opportunity.
Your data protection rights
Under data protection law, you have rights including:
Your right of access - you have the right to ask us for copies of your personal information
Your right to rectification - you have the right to ask us to rectify personal information you think is inaccurate (you also have the right to ask us to complete information you think is incomplete)
Your right to erasure - you have the right to ask us to erase your personal information in certain circumstances
Your right to restriction of processing - you have the right to ask us to withdraw your personal information from processing in certain circumstances
Your right to data portability - you have the right to ask that we transfer the personal information you gave us to another organisation, or to you, in certain circumstances
You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you. Please use the contact details outlined at the start of this policy if you wish to make a request.
How to complain
If you have any concerns about our use of your personal information, you can make a complaint to us – please use the contact details outlined at the start of this policy.
You can also complain to the ICO if you are unhappy with how we have used your data.
The ICO’s address:
Information Commissioner’s Office
Helpline number: 0303 123 1113
ICO website: https://www.ico.org.uk