Skip to main content
HomePrivacy Policy

Privacy Policy

Last updated: January 2024

Adventure Wales ("we", "us", or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website and use our services.

1. Information We Collect

Information You Provide

We collect information you provide directly to us, including:

  • Account Information: Name, email address, password, phone number
  • Booking Information: Participant details, emergency contacts, medical information relevant to activities
  • Payment Information: Billing address and payment details (processed securely by our payment processor)
  • Communications: Messages you send to us, feedback, reviews, and survey responses
  • Profile Information: Preferences, interests, profile photos you choose to add

Information Collected Automatically

  • Usage Data: Pages viewed, search queries, clicks, time spent on pages
  • Device Information: IP address, browser type, operating system, device identifiers
  • Location Data: Approximate location based on IP address (precise location only with your permission)
  • Cookies and Similar Technologies: See our Cookie Policy

Information from Third Parties

We may receive information from activity operators, payment processors, analytics providers, and social media platforms (if you choose to connect your accounts).

2. How We Use Your Information

We use your information to:

  • Process and manage bookings, payments, and cancellations
  • Communicate with you about your bookings and account
  • Provide customer support and respond to enquiries
  • Send you booking confirmations, updates, and safety information
  • Improve and personalize your experience on our platform
  • Send marketing communications (with your consent, where required)
  • Detect and prevent fraud, abuse, and security incidents
  • Comply with legal obligations and enforce our terms
  • Conduct analytics and research to improve our services

4. Sharing Your Information

We share your information with:

  • Activity Operators: Booking details, participant information necessary to provide the activity safely
  • Payment Processors: Stripe, PayPal, and other payment providers to process transactions
  • Service Providers: Email services, analytics tools, hosting providers, customer support platforms
  • Legal Authorities: When required by law or to protect rights and safety
  • Business Transfers: In connection with mergers, acquisitions, or asset sales

We do not sell your personal data to third parties.

5. Data Retention

We retain your personal data for:

  • Account Data: Until you request deletion or close your account
  • Booking Data: 7 years for tax and accounting purposes
  • Communications: 3 years from last interaction
  • Marketing Data: Until you unsubscribe or withdraw consent
  • Legal Claims: As long as necessary to defend or pursue legal claims

6. Your Rights Under GDPR

You have the right to:

  • Access: Request a copy of your personal data
  • Rectification: Correct inaccurate or incomplete data
  • Erasure: Request deletion of your data ("right to be forgotten")
  • Restriction: Limit how we use your data
  • Data Portability: Receive your data in a machine-readable format
  • Object: Object to processing based on legitimate interests or for marketing
  • Withdraw Consent: Withdraw consent for processing at any time
  • Lodge a Complaint: File a complaint with the UK Information Commissioner's Office (ICO)

To exercise these rights, contact us at privacy@adventurewales.co.uk.

7. Cookies and Tracking Technologies

We use cookies and similar technologies to enhance your experience, analyze usage, and deliver personalized content. For detailed information, please see our Cookie Policy.

You can manage cookie preferences through your browser settings or our cookie consent tool.

8. Data Security

We implement appropriate technical and organizational measures to protect your data, including:

  • Encryption of data in transit (SSL/TLS) and at rest
  • Regular security audits and vulnerability assessments
  • Access controls and authentication requirements
  • Employee training on data protection
  • Incident response and breach notification procedures

However, no method of transmission or storage is 100% secure. We cannot guarantee absolute security.

9. Children's Privacy

Our services are not directed to children under 16. We do not knowingly collect personal data from children. Parents/guardians make bookings on behalf of children participating in activities.

If you believe we have collected data from a child, contact us immediately at privacy@adventurewales.co.uk.

10. International Data Transfers

Your data may be transferred to and processed in countries outside the UK/EEA. When we transfer data internationally, we ensure appropriate safeguards are in place, such as:

  • Standard Contractual Clauses (SCCs) approved by the UK/EU
  • Adequacy decisions by the UK/EU for certain countries
  • Binding corporate rules and certifications

11. Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of material changes by:

  • Posting the updated policy with a new "Last Updated" date
  • Sending an email notification to registered users
  • Displaying a prominent notice on our website

Continued use of our services after changes indicates acceptance of the updated policy.

12. Contact Us

For questions about this Privacy Policy or to exercise your rights, contact our Data Protection Officer:

Email: privacy@adventurewales.co.uk

Post:
Data Protection Officer
Adventure Wales
Innovation Centre
Cardiff Bay, CF10 4BZ
Wales, United Kingdom

UK ICO Registration: [Registration Number]