Privacy

Last updated: 18 April 2018

Overview

In accordance with the General Data Protection Regulation, personal data is “any information relating to an identified or identifiable natural person” such as a name, email address, postal address or IP address. Processing of personal data refers to “any operation or set of operations which is performed on personal data”.

This privacy policy sets out how and why Whitley Warriors Ice Hockey Club processes any personal data that you give us when you use this website. It is written in plain language with as little jargon as possible. It is set out in sections to make it easier to understand.

Your Account

Your Account

What personal data do we process?

When you set up an account on our website we collect your email address. You then have the option to add your first name, surname, billing address and shipping address. Additionally, you may opt for our website to store your payment details. This is held in an encrypted format – see the E-Commerce section below for more details.

Why do we process this personal data?

Your email address is required to send you instructions on how to set your account password. Your first name, surname, billing address, shipping address and payment method are used to make your online shopping experience smoother by pre-filling these fields at the checkout.

How long do we keep this personal data for?

This data is kept until you delete your account.

Who has access to this personal data?

Our payment processor has access to your encrypted payment details – see the E-Commerce section below for more details. Our website team has access to this personal data. It is not shared with any other third party unless we are legally required to do so.

How do I delete my account?

You can permanently remove your account by going to My Account > Account details. Below the ‘Password change’ option is the ‘Delete my account’ option. Click the ‘Delete Account’ link then click OK in the confirmation popup. Your account will be deleted immediately and you will be redirected to the website home page. This will also delete any comments you have made on articles and any product reviews. Orders you have placed on the website will not be deleted – transaction data will be reatined for six years from the date of the transaction.

Certain account types, such as administrator and editor accounts, cannot be deleted using this method and must be deleted by the website administrator.

E-commerce

E-commerce

What personal data do we process?

When you place an order on our website, we collect the following personal data:

  • Billing details
    • First name
    • Surname
    • Company name (optional)
    • Street address
    • Town/city
    • County
    • Postcode
    • Country
  • Shipping details (optional)
    • First name
    • Surname
    • Company name
    • Street address
    • Town/city
    • County
    • Postcode
    • Country
  • Email address
  • Telephone number
  • IP address

Additionally, certain data is collected by Google Analytics when you make a purchase from our website – please see the Google Analytics section below for more details.

Why do we process this personal data?

Billing details are required to process the debit or credit card transaction and for delivery of the item(s) ordered. Credit and debit card transactions are handled by Stripe on behalf of Whitley Warriors Ice Hockey Club. Your card details are encrypted (known as tokenisation) by your web browser before they are transmitted securely to Stripe, who will then process the transaction. We do not have access to your credit or debit card details at any time and we do not hold untokenised credit or debit card details on our server. The tokenised version of your card details, which can only be decrypted by Stripe, is stored on our server if you select the option to save your payment method in your account.

Shipping details are only required if the item(s) ordered are to be delivered to a different address to the billing details. Your email address is used to contact you regarding your order. Your telephone number is required in case we need to get in touch urgently regarding your order for example if an item in your order is time-limited in some way,

We require your IP address to locate which country you are in because sales are currently restricted to the United Kingdom.

How long do we keep this personal data for?

We keep the transaction data for six years from the date of the transaction.

Who has access to this personal data?

Stripe has access to your billing details so they can process the transaction. You can see their privacy policy at stripe.com/gb/privacy. Our website and e-commerce teams have access to this personal data. It is not shared with any other third party unless we are legally required to do so.

Mailing Lists

Mailing Lists

What personal data do we process?

When you sign up to our mailing list, we collect your name, surname and email address.

There are various forms throughout the website that can be used to subscribe to the mailing list. Subscribing requires explicit consent on the form and a further opt-in via email.

Why do we process this personal data?

Your email address is required to send you our promotional emails. Your first name and surname are required to personalise the ‘To’ field and greeting line of the email.

How long do we keep this personal data for?

This data is kept until it is manually removed. If you unsubscribe, your data will remain on the list but will be marked as ‘Unsubscribed’ and you will not receive any further emails. This is to keep any preferences you may have set when you were subscribed in the event of you re-subscribing to the list.

Who has access to this personal data?

Our email mailing list provider is MailChimp. You can find their privacy policy at mailchimp.com/legal/privacy. Our website team has access to this personal data. It is not shared with any other third party unless we are legally required to do so. MailChimp has two-factor authentication activated in case of an attempted hack using login credentials.

How do I delete my personal data?

Contact us and let us know you want your personal data to be deleted from the marketing list. We will manually remove your data and confirm this to you by email when it is completed.

Contact Forms

Contact Forms

What personal data do we process?

There are various contact forms in use throughout our website. Every contact form will collect your first name, surname and email address. Certain contact forms may also collect your telephone number. Contact form data is emailed to us securely.

Why do we process this personal data?

We collect your email address so we can reply to your message if necessary. Every contact form will send an automated reply to notify you that your message has been sent.

How long do we keep this personal data for?

Personal data from contact forms is kept for varying lengths of time depending on the reason for contact. General queries from the public will be archived until the end of the current ice hockey season, after which they will be deleted unless there is a legitimate reason to retain them for longer. Messages that require forwarding to specific members of the Club’s management team may also be retained for longer.

Who has access to this personal data?

Our website team has access to this personal data in the first instance. If the query requires the attention of another member of the Club’s management team, the appropriate member will also have access to the personal data. It is not shared with any third party unless we are legally required to do so.

Location Services

Location Services

What personal data do we process?

Our website collects your location using your device’s GPS data if you grant us permission to do so using the permissions functions of your device.

Why do we process this personal data?

This data is used to provide directions from your current location to Whitley Bay Ice Rink.

How long do we keep this personal data for?

This data is not retained or stored on our systems.

Who has access to this personal data?

Directions are provided by Google Maps. You can find their privacy policy at policies.google.com/privacy. We do not have access to this personal data.

Text Voting

Text Voting

What personal data do we process?

We collect your mobile telephone number.

Why do we process this personal data?

We require your mobile number in order to ascertain the number that has sent us the text message so we can prevent the same number voting multiple times. The vote may also require us to send a text message reply to a voter. For example, a voter may be able to win a prize as an incentive to cast a vote and winners would be notified by text message.

How long do we keep this personal data for?

We retain this personal data until the vote has closed, as per the terms and conditions of that vote, and we have noted the winner(s) of the vote unless we are sending a text message reply. In this instance, we will delete all personal data except the number(s) requiring replies. This data will be deleted once no further communication is required.

Who has access to this personal data?

Our SMS systems provider is Text Local. You can find their privacy policy at textlocal.com/legal/privacy. Your mobile number is stored on their servers for the timescale mentioned above. Our website team has access to this personal data. It is not shared with any other third party unless we are legally required to do so.

Amazon Alexa

Amazon Alexa

What personal data do we process?

We do not process any personal data in our Alexa skill. You can find Amazon’s terms and conditions for Alexa at amazon.co.uk/gp/help.

Google Analytics

Google Analytics

What personal data do we process?

We track users’ visits to our website using Google Analytics including where the user was directed to our website from, which pages they visited and for how long, whether they are a first-time visitor or returning visitor. Google Analytics will also track anonymous user demographics including age range, gender and users’ interests depending on whether the user is signed into a Google account on their browser at the time of their visit to our website. Users’ IP addresses are anonymised.

Additionally, Google Analytics will track purchases made on our website. Individual order numbers will be recorded by Google Analytics which, in association with our e-commerce sales records, will allow a user to be personally identified. No other personal data is included.

Why do we process this personal data?

We use this data to track our website’s popularity and to see which pages are our most visited, allowing us to enhance our website accordingly. We use e-commerce data to measure conversions based on where the user was directed to our site from in order to ascertain where we should concentrate our marketing efforts.

How long do we keep this personal data for?

Google Analytics data is held for 26 months.

Who has access to this personal data?

Our website team has access to this personal data. It is not shared with any other third party unless we are legally required to do so.

Can I see the personal data you hold relating to me?

Can I see the personal data you hold relating to me?

Yes, of course. Please write to Whitley Warriors Ice Hockey Club, c/o Whitley Bay Ice Rink, Hillheads Road, Whitley Bay, NE25 8HP. We will provide all your personal data held within one month. If you find any discrepancies in the data, let us know and we will rectify it immediately.