Data Protection Policy
What is this privacy notice/policy?
This Data Privacy Notice/Policy describes the categories of personal data Floral Fringe Fair process and for what purposes. Floral Fringe Fair is committed to collecting and using such data fairly and in accordance with the requirements of the General Data Protection Regulations (GDPR), the regulations set by the European Union, and Data Protection Act 2018 (DPA 2018), the UK law that encompasses the GDPR.
This Privacy Notice/Policy applies to members, parents/guardians of youth visitors, volunteers, employees, contractors, suppliers, supporters, donors and members of the public who will make contact with Floral Fringe Fair.
Who we are?
The Data Controller for Floral Fringe Fair is Jean Jackman
From this point on Floral Fringe Fair will be referred to as “we”.
The data we may process
The majority of the personal information we hold, is provided to us directly by you or by the parents or legal guardians of youth visitors verbally or in paper form, digital form or via our online ticket system, Future Ticketing. In the case of staff and volunteers, data may also be provided by third parties, such as the England & Wales - Disclosure and Barring Service (DBS).
Where a visitor, trader, volunteer or staff member is under the age of 18, this information will only be obtained from a parent or guardian and cannot be provided by the young person.
We may collect the following personal information:
Personal contact details such as name, title, address, telephone numbers and personal email address - so that we can contact you.
Gender – so that we can address individuals correctly and accommodate for any specific needs.
Emergency contact information - so that we are able to contact someone in the event of an emergency.
Bank account details, payroll information and tax status information - so that we are able to pay any staff that might be employed by us and collect gift aid from HMRC where donations are made.
The lawful basis we process your data by
We comply with our obligations under the GDPR and DPA 2018 by keeping personal data up to date; by storing and destroying it securely; by not collecting or retaining excessive amounts of data; by protecting personal data from loss, misuse, unauthorised access and disclosure and by ensuring that appropriate technical measures are in place to protect personal data.
In most cases the lawful basis for processing will be through the performance of a contract for personal data of our visitors and legitimate interest for personal data of youth visitors. Sensitive (special category) data for both adult volunteers/staff and all visitors/contractors will mostly align to the lawful basis of legitimate activities of an association. Explicit consent is requested from parents/guardians to take photographs of younger visitors. On occasion, we may use legitimate interest to process photographs where it is not practical to gather and maintain consent such as large-scale events. On such occasions, we will make it clear that this activity will take place and give individuals the opportunity to exercise their data subject rights.
We use personal data for the following purposes:
We use personal sensitive (special) data for the following purposes:
Our retention periods
We will keep certain types of information for different periods of time in line with our retention policy. https://www.floralfringefair.co.uk/Data_Retention_Policy.html
Sharing your information
We will share your personal information with others outside of Floral Fringe Fair where we need meet a legal obligation. This may include local authority services and law enforcement. We will only share your personal information to the extent needed for those purposes.
We will only share your data with third parties outside of the organisation where there is a legitimate reason to do so.
We will never sell your personal information to any third party.
Where personal data is shared with third parties we will seek assurances that your personal data will be kept confidential and that the third party fully complies with the GDPR and DPA 2018.
How we store your personal data
We generally store personal information in the following ways:
Printed records and data held while attending events - paper is sometimes used to capture and retain some data for example:
Event Registration
Health and contact records forms (for events)
Events coordination with event organisers
Paper records for events are used rather than relying on secure digital systems, as often the events are held where internet and digital access will not be available. We will minimise the use of paper to only what is required for the event.
Further processing
If we wish to use your personal data for a new purpose, not covered by this Data Protection Notice, then we will provide you with a new notice explaining this new use prior to commencing the processing and setting out the relevant purposes and processing conditions. Where and whenever necessary, we will seek your prior consent to the new processing.
How we provide this privacy notice
A link to this website page is provided to those whose data is being processed by us. A printed version is also available on request.
Your rights
As a Data Subject, you have the right to object to how we process your personal information. You also have the right to access, correct, sometimes delete and restrict the personal information we use. In addition, you have a right to complain to us and to the Information Commissioner’s Office (www.ico.org.uk)12.
Unless subject to an exemption under the GDPR and DPA 20182, you have the following rights with respect to your personal data:
Website Cookies
Forms related cookies
When you submit data through a form such as those found on our contact pages or comment forms, cookies may be set to remember you your user details for future correspondence.
Third Party Cookies
In some special cases we also use cookies provided by trusted third parties. The following section details which third party cookies you might encounter through this site.
This site uses Google Analytics which is one of the most widespread and trusted analytics solution on the web for helping us to understand how you use the site and ways that we can improve your experience. These cookies may track things such as how long you spend on the site and the pages that you visit so we can continue to produce engaging content.
For more information on Google Analytics cookies, see the official Google Privacy information page.
Who to contact
If you have any queries relating to this Privacy Notice or our use of your personal data, please contact us by emailing Jean Jackman at jeanfffjackman@gmail.com
Version number and date of the last review
1.0 – 01/06/2024
This Data Privacy Notice/Policy describes the categories of personal data Floral Fringe Fair process and for what purposes. Floral Fringe Fair is committed to collecting and using such data fairly and in accordance with the requirements of the General Data Protection Regulations (GDPR), the regulations set by the European Union, and Data Protection Act 2018 (DPA 2018), the UK law that encompasses the GDPR.
This Privacy Notice/Policy applies to members, parents/guardians of youth visitors, volunteers, employees, contractors, suppliers, supporters, donors and members of the public who will make contact with Floral Fringe Fair.
Who we are?
The Data Controller for Floral Fringe Fair is Jean Jackman
From this point on Floral Fringe Fair will be referred to as “we”.
The data we may process
The majority of the personal information we hold, is provided to us directly by you or by the parents or legal guardians of youth visitors verbally or in paper form, digital form or via our online ticket system, Future Ticketing. In the case of staff and volunteers, data may also be provided by third parties, such as the England & Wales - Disclosure and Barring Service (DBS).
Where a visitor, trader, volunteer or staff member is under the age of 18, this information will only be obtained from a parent or guardian and cannot be provided by the young person.
We may collect the following personal information:
Personal contact details such as name, title, address, telephone numbers and personal email address - so that we can contact you.
Gender – so that we can address individuals correctly and accommodate for any specific needs.
Emergency contact information - so that we are able to contact someone in the event of an emergency.
Bank account details, payroll information and tax status information - so that we are able to pay any staff that might be employed by us and collect gift aid from HMRC where donations are made.
The lawful basis we process your data by
We comply with our obligations under the GDPR and DPA 2018 by keeping personal data up to date; by storing and destroying it securely; by not collecting or retaining excessive amounts of data; by protecting personal data from loss, misuse, unauthorised access and disclosure and by ensuring that appropriate technical measures are in place to protect personal data.
In most cases the lawful basis for processing will be through the performance of a contract for personal data of our visitors and legitimate interest for personal data of youth visitors. Sensitive (special category) data for both adult volunteers/staff and all visitors/contractors will mostly align to the lawful basis of legitimate activities of an association. Explicit consent is requested from parents/guardians to take photographs of younger visitors. On occasion, we may use legitimate interest to process photographs where it is not practical to gather and maintain consent such as large-scale events. On such occasions, we will make it clear that this activity will take place and give individuals the opportunity to exercise their data subject rights.
We use personal data for the following purposes:
- to provide information about the Floral Fringe Fair
- to administer online ticketing sales
- to maintain our own accounts and records
- to inform you of news, events, activities and services being run or attended by Floral Fringe Fair
We use personal sensitive (special) data for the following purposes:
- for the protection of a person’s health and safety whilst in the care of Floral Fringe Fair
Our retention periods
We will keep certain types of information for different periods of time in line with our retention policy. https://www.floralfringefair.co.uk/Data_Retention_Policy.html
Sharing your information
We will share your personal information with others outside of Floral Fringe Fair where we need meet a legal obligation. This may include local authority services and law enforcement. We will only share your personal information to the extent needed for those purposes.
We will only share your data with third parties outside of the organisation where there is a legitimate reason to do so.
We will never sell your personal information to any third party.
Where personal data is shared with third parties we will seek assurances that your personal data will be kept confidential and that the third party fully complies with the GDPR and DPA 2018.
How we store your personal data
We generally store personal information in the following ways:
- SumUp
- Future Ticketing
- Mail Chimp
- Gmail
- Physical Folders in a locked cabinet
Printed records and data held while attending events - paper is sometimes used to capture and retain some data for example:
Event Registration
Health and contact records forms (for events)
Events coordination with event organisers
Paper records for events are used rather than relying on secure digital systems, as often the events are held where internet and digital access will not be available. We will minimise the use of paper to only what is required for the event.
Further processing
If we wish to use your personal data for a new purpose, not covered by this Data Protection Notice, then we will provide you with a new notice explaining this new use prior to commencing the processing and setting out the relevant purposes and processing conditions. Where and whenever necessary, we will seek your prior consent to the new processing.
How we provide this privacy notice
A link to this website page is provided to those whose data is being processed by us. A printed version is also available on request.
Your rights
As a Data Subject, you have the right to object to how we process your personal information. You also have the right to access, correct, sometimes delete and restrict the personal information we use. In addition, you have a right to complain to us and to the Information Commissioner’s Office (www.ico.org.uk)12.
Unless subject to an exemption under the GDPR and DPA 20182, you have the following rights with respect to your personal data:
- The right to be informed – you have a right to know how your data will be used by us.
- The right to access your personal data – you can ask us to share with you the data we have about you. This is a Data Subject Access Request.
- The right to rectification – this just means you can update your data if it’s inaccurate or if something is missing.
- The right to erasure – this means that you have the right to request that we delete any personal data we have about you.
- The right to restrict processing – if you think that we are not processing your data in line with this privacy notice then you have the right to restrict any further use of that data until the issue is resolved.
- The right to data portability – this means that if you ask us we will have to share your data with you in a way that can be read digitally – such as a pdf. This makes it easier to share information with others.
- The right to object – you can object to the ways your data is being used.
- Rights in relation to automated decision making and profiling – this protects you in cases where decision are being made about you based entirely on automated processes rather than a human input, it’s highly unlikely that this will be used by us.
Website Cookies
Forms related cookies
When you submit data through a form such as those found on our contact pages or comment forms, cookies may be set to remember you your user details for future correspondence.
Third Party Cookies
In some special cases we also use cookies provided by trusted third parties. The following section details which third party cookies you might encounter through this site.
This site uses Google Analytics which is one of the most widespread and trusted analytics solution on the web for helping us to understand how you use the site and ways that we can improve your experience. These cookies may track things such as how long you spend on the site and the pages that you visit so we can continue to produce engaging content.
For more information on Google Analytics cookies, see the official Google Privacy information page.
Who to contact
If you have any queries relating to this Privacy Notice or our use of your personal data, please contact us by emailing Jean Jackman at jeanfffjackman@gmail.com
Version number and date of the last review
1.0 – 01/06/2024