Our Privacy Policy

This privacy policy will explain how Everybody's Cycling CBS use the personal data and information they (referred to herein after as ‘we’) collect about you and what is done with it.

This policy was last updated on 23 March 2022.

Our contact details

Everybody's Cycling CBS is contactable via:
22 Hospital Fields Road, York, YO10 4DZ

01904 951900

hello@everybodyscycling.org.uk

What information do we collect about you?

Personal information we collect may include:

• your name, title, gender and date of birth
• the nature of your disability/mobility restrictions/support needs
• your postal address, email address and telephone number
• social media account details
• family and spouse/partner details
• relationships to other donors, and/or trustees, and/or directors, and/or staff
• current interests and activities

Our website collects the following type of information about you, using ‘cookies’:

'session cookies' which are stored only temporarily during a browsing session to allow normal use of the system and are deleted from your device when the browser is closed.

'persistent cookies' which are read only by the website, saved on your computer for a fixed period and are not deleted when the browser is closed – such cookies are used where we need to know who you are for repeat visits, for example to allow us to store your preferences for the next sign-in.

'third-party cookies' which are set by other online services who run content on the page you are viewing, for example by third-party analytics companies who monitor and analyse our web access.

Cookies do not contain any information that personally identifies you, but personal information that we store about you may be linked, by us, to the information stored in and obtained from cookies. You may remove the cookies by following the instructions of your device preferences. However, if you choose to disable cookies, some features of our website may not operate properly, and your online experience may be limited.

We also use a tool called “Google Analytics” to collect information about your use of the website. Google Analytics collects information such as how often users access the website, which pages they visit, when they do so, etc. We use the information we obtain from Google Analytics only to improve our website and services. Google Analytics collects the IP address assigned to you on the date you visit sites, rather than your name or other identifying information. We do not combine the information collected using Google Analytics with personally identifiable information. Google’s ability to use and share information collected by Google Analytics about your visits to our website is restricted by the Google Analytics Terms of Use and the Google Privacy Policy.

We will also collect and hold information about any contact you have with us as a customer, which may detail:

• previous and current enquiries and/or sales relating to product(s)/service(s)
• event/programme registration and/or attendance
• contact preferences
• Direct Debit bank details where applicable
• Gift Aid status and declaration details where applicable
• details of correspondence sent to you, or received from you
• donor status
• employment information and professional activities
• selected media coverage, where relevant
• any other information provided by yourself at our request

 

How we get the personal information and why we have it

Most of the personal information we process is provided to us directly by you for one of the following reasons:

• making an enquiry/purchasing our product(s)/service(s)
• registering for/attending our event(s)/programme(s)
• signing up to receive our e-newsletter
• opting in to receive other marketing material – online/by telephone/by post
• completing customer surveys and/or surveys we use to research products and services
• donating goods, services and/or money
• joining our shareholder scheme
• working with us as a project/service/event/programme delivery partner

We use the information that you have given us for the following reasons:

• transactional – to process enquiries, manage products and services
• collation of feedback
• for market research
• assessment of data to inform company strategy and/or audit purposes
• dissemination of information on our range of products and services – due to an existing relationship, or because you have opted in to receive this information
• to provide relevant updates on products and services
• for compliance with legal and financial regulatory obligations to which we are subject
• other relevant communications based upon your relationship with us

 

We may use data analysis or tools to monitor the effectiveness of our communications with you. This could include email tracking, which records when an e-newsletter from us is opened and/or how many links are clicked within the message. The data from this kind of tracking is generally used in an aggregated and anonymised form.

We may share this information with subcontractors working for us.

We may share this information (if provided as part of a relevant event/programme/project) with relevant funders and/or partner organisations. Data is generally used in an aggregated and anonymised form – it will be made clear to you upon providing your details if this is not the case.

 

Under the General Data Protection Regulation (GDPR), the lawful bases we rely on for processing this information are:

• your consent – you can remove your consent at any time by writing to us, emailing us, or telephoning us (please use the contact details outlined at the start of this policy)
• contractual obligations – necessary for the supply/delivery of our products/services as per any quote you have requested and/or contract we have agreed with you; or if the good/service we have provided to you, or the event/programme you have registered for/taken part in, is partially/fully externally funded (with funder(s) specifying outcomes reliant on data collection/retention/sharing)

 

How we store your personal information

We have implemented procedures, rules and technical measures to protect the personal information that we have under our control. We use these measures to keep your personal information secure from unauthorised access, improper use or disclosure, or unauthorised modification. All our employees and subcontractors, who may have access to, and are associated with the processing of personal information, are legally obliged to respect confidentiality.

We will retain your personal information for as long as the information is deemed essential, potentially useful or potentially relevant and in accordance with record keeping legal obligations. Retention periods will be determined taking into account the type of information that is collected and the purpose for which it is collected, bearing in mind the requirements applicable to the situation and our commitment to securely destroy outdated, unused information at the earliest reasonable opportunity.

 

Your data protection rights

Under data protection law, you have rights including:

Your right of access - you have the right to ask us for copies of your personal information

Your right to rectification - you have the right to ask us to rectify personal information you think is inaccurate (you also have the right to ask us to complete information you think is incomplete)

Your right to erasure - you have the right to ask us to erase your personal information in certain circumstances

Your right to restriction of processing - you have the right to ask us to withdraw your personal information from processing in certain circumstances

Your right to data portability - you have the right to ask that we transfer the personal information you gave us to another organisation, or to you, in certain circumstances

You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you. Please use the contact details outlined at the start of this policy if you wish to make a request.

 

How to complain

If you have any concerns about our use of your personal information, you can make a complaint to us – please use the contact details outlined at the start of this policy.

You can also complain to the ICO if you are unhappy with how we have used your data.

The ICO’s address:
Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF

Helpline number: 0303 123 1113
ICO website: https://www.ico.org.uk