Spider Climbing
Privacy Notice
Your privacy is important to us. This Privacy Notice gives details of the personal information that we collect in the running of our business, and how we keep it secure.
Personal information we collect about you
Information you provide directly to us:
- When you register to use the centre (including your name, date of birth, email address, postal address, telephone number, emergency contact details, gender, climbing experience and signature)
- When you book a session or make purchases with us (including your name, date of birth, email address, transaction and payment details)
- When you visit us for a climb (including your check-in history, and images and videos of you taken while on the premises (also see our Photography & Filming policy below))
- When we communicate with you (including your name, date of birth, email address, postal address, telephone number, any other personal information you provide and the content of our communications)
- When you subscribe to our email mailing lists (including your name, email and mailing preferences)
- When you use our WiFi (we may collect data about your device, the volume of data which you use, the websites and applications which you access, your usage by access time and frequency, and your general location)
- Other information that you choose to provide or send to us during our relationship.
Other information:
- Your personal information may be available to us from external publicly available sources (for example, depending on your privacy settings, via social media services)
- In certain situations, we may collect and/or use special categories of data (for example, information on climbers’ medical conditions relevant to their use of our facilities – we will only process these special categories of data if there is a valid reason for doing so and where the GDPR allows us to do so)
- Our services are used by people of all ages. We may accept registrations and collect personal information about children under the age of 18 from their parent or guardian or with their parent or guardian’s consent. We do not wish to collect any personal information without this consent.
Data we derive through your interactions with us:
- General user information about your computer and your visits to our website (including your IP address, location, browser, operating system, referral source, length of visit and the pages you visit). This information can be facilitated by cookies (see our Cookies policy below); and
- Other information that may be generated when you use our website, interact with us online or visit our centre.
How we will use your personal information
We will only use your personal information for our legitimate business purposes as set out in this Privacy Notice. We will make it clear to you if we intend to use your information for any purpose that is not obvious.
We use your data:
- To administer our facilities, our websites and our business
- To enable your use of our services, including registration, bookings and attendance at our facilities
- To assist you with certification schemes, such as NICAS/NIBAS
- To manage relationships with our partners and service providers
- To respond to your requests for information
- To send you email or postal mail e.g. gift cards, brochures or information that you have specifically requested
- To send invoices, reports, statements, payment reminders and collect payments from you
- To deal with any enquiries or complaints by you or about you
- To understand how you (and others) are using our services and to help us improve and develop our services, including conducting internal analyses
- To keep you safe when using our centre and enable us to provide information to emergency services and emergency contacts in case of accidents
- To keep our facilities and systems secure and prevent fraud
- To send you other necessary information about our services and our relationship
- To contact you about new services, offers, events or news where it is legitimate for us to do so
- To otherwise manage our relationship with you or comply with health and safety or other legal obligations
- For the establishment, defence and/ or enforcement of legal claims
- As is otherwise necessary for our legitimate business interests.
We do not:
- Sell your data to third parties for their own purposes
- Use your data to send you unsolicited marketing communications.
When we share your personal information with others
In order to run our business effectively and provide the best possible service to customers, we use various third-party services to administer and store your personal information. These include:
- Rock Gym Pro: storage and processing of our customer database. Their privacy policy: https://www.rockgympro.com/privacy-policy/
- Smartwaiver: collection, storage and processing of our digital user registration forms. Their privacy policy: https://www.smartwaiver.com/p/Privacy
- Other reputable third parties used for emailing, file storage and processing payment transactions
- The ABC Training Trust, for the administration of NICAS/NIBAS.
In special cases we may also need to share your information with other third parties, including:
- Professional advisors and insurers: We may have to provide information to our advisors as necessary in running our business
- Regulatory bodies and law enforcement: We may disclose personal information to a third-party authority, such as a law enforcement or child protection agency, if legitimately required to do so
- Corporate transactions: If we sell or transfer the whole or part of our business or assets we may transfer personal information to the buyer or transferee, on the basis that it would be used in accordance with the terms of this Privacy Notice.
How we store your information and keep it secure
We will take care to ensure that your personal information is secure:
- We follow good practice security protocols across our business to ensure that information is protected
- We regularly review our information collection, storage and processing practices, including physical security measures, to guard against unauthorised access to our systems
- Where we need to share customer information with third parties to administer our business, we ensure that these third parties are reputable, use up to date security protocols, and have appropriate privacy policies in place.
How long your information will be held
We will endeavour not to keep your personal information for longer than necessary for the permitted purposes. We need to keep customer details for at least 6 full tax years under the UK tax laws. After that, until you ask us in writing to delete your personal data, we will keep it to enable us to contact you as mentioned elsewhere in this notice.
We may need to retain certain information for reasonable business or legal purposes (e.g. accounts information, unsubscribe records, information needed to prevent identity theft, legal disputes and misconduct) even if deletion has been requested, subject to the conditions of GDPR.
Exercising your rights
You have the right to:
- ask us in writing for details of the personal data that we hold on you
- require us to rectify any errors
- have your personal data deleted if there is no reason for its continued storage and processing
- lodge a complaint about the data controller with the ICO (Information Commissioner’s Office).
Further details about your rights under data protection legislation can be found on the ICO’s website at https://ico.org.uk/.
Please note that if you delete or restrict information we hold about you, it may prevent you from making full use of our services.
Other important information:
Cookies Policy
Your internet browser has the in-built facility for storing small files – “cookies” – that hold information which allows a website to recognise your account. Our website takes advantage of this facility to enhance your experience. You have the ability to prevent your computer from accepting cookies but, if you do, certain functionality on the website may be impaired.
Photography and Filming
Users of our facilities should be aware that at events, and at other times, we will take photos and video in the centre for use in our social media, website and other marketing purposes. If you would like us to remove an image which features you prominently that you are not happy with, please contact us directly.
CCTV/Surveillance
We have installed CCTV systems in some of our premises used by members of the public, for the purposes of public and staff safety and crime prevention and detection. CCTV is also installed on the outside of some of our buildings for the purposes of monitoring building security and crime prevention and detection.
Images captured by CCTV will not be kept for longer than necessary. However, on occasions there may be a need to keep images for longer, for example where a crime is being investigated.
We will only disclose images and audio to other authorised bodies who intend to use it for the purposes stated above. Images and audio will not be released to the media for entertainment purposes or placed on the internet for public viewing.
We operate CCTV and disclose in accordance with the codes of practice issued by the Information Commissioner and the Home Office.
About Us and this notice:
Who we are/ Contact us
We are the “Spider Climbing” group of companies, acting through our 3 centres White Spider Climbing Ltd (registered company number 07456949), Red Spider Climbing Ltd (registered company number 09467518) and Green Spider Climbing Ltd (registered company number 11139627) (together, “we”, “us”, “our”).
Please let us know if you have any questions or concerns about this Notice or about the way in which our facilities process your personal information by contacting us at the channels below.
- By email: info@spiderclimbing.com
- By telephone: 020 3302 2576
- By post: Spider Climbing, 225 Hook Rise South, Surbiton, KT6 7LD
Changes to this Privacy Notice
Any changes to this Notice will be placed here and will supersede this version. We will take reasonable steps to draw your attention to any changes in our policy. However, to be on the safe side, we suggest that you read this document each time you use the website to ensure that it still meets with your approval.
This notice applies from May 25, 2018.