We are committed to safeguarding the privacy of our website visitors; this policy sets out how we will treat your personal information.
Our website uses cookies. By using our website and agreeing to this policy, you consent to our use of cookies in accordance with the terms of this policy
Who are we?
Toomer Farm is the data controller, this means it decides how your personal date is collected, handled, processed and stored, and for what purposes. If any of your personal information changes, you believe that any of the information we hold is incorrect or you have any queries with regard to our personal information or our data protection policies and procedures, then please contact us at toomerfarm@hotmail.co.uk.
What is Personal Data?
‘Personal Data, means any information relating to an identified or identifiable natural person (‘data subject); an identifiable natural person is anyone who can be identified, directly or indirectly from that data. Identification can be by the information alone or in combination with other information that is within our possession, control or from other information to which we legally have access to.
What if the legal basis for processing your Personal Data?
All personal Data that we process, will be in accordance with one or more of the following legal basis:
-
Consent from the individual (or someone authorised to consent on their behalf).
-
Where it is necessary in connection with a contract between us and an individual or an individual that is authorised to represent a non-natural person with whom we have a contractual relationship.
-
Where it is necessary because of a legal obligation – if the law says you must, you must.
-
Where it is necessary in an emergency, to protect an individual’s vital interests’
-
Where it involves the exercise of a public function – i.e. most activities of most government local government and other public bodies.
-
Where necessary in our legitimate interests, as long as these are not outweighed by the interests of the individual.
How do we protect Personal Date?
Toomer Farm aim to protect your Personal Date, and complies with its obligations under the GDPR, by:
-
keeping Personal Date up tp date;only storing information in secure locations;
-
destroying information that is no longer relevant;
-
not collecting or retaining unnecessary or excessive amounts of date;
-
protecting Personal Date from loss, misuse, unauthorised access and disclosure;
-
ensuring that appropriate technical measures are in place to protect Personal Date.
-
ensuring that we undertake suitable due diligence checks on 3rd parties who have a legal basis for Processing Personal Date.
The summary, what is the GDPR and our Date Privacy Policy all about?
Please note that we have a legal obligation under GDPR, that we must notify any date breach to the controller without undue delay. Toomer Farm therefore has processes and procedures in place for identifying, reviewing and promptly reporting date reaches to the relevant controller.
The law requires that eight data protection principles are followed in the handling of personal date.
These are that personal date must be:
- Fairly, transparently and lawfully processed
- Obtained and processed for limited purposes and not in any manner incompatible with those purposes.
- Adequate, relevant and limited to only data that is necessary to perform the purpose for which it was obtained
- Accurate and up to daye.
- Not kept for longer than is necessary.
- Processed in accordance with the data subject’s rights
- Secure.
- Not transferred outside the EEA or between countries without adequate protection.
We are committed to following these principles and will be open and transparent about the purposes for which we will use your data.
What information do we collect?
We may collect, store and use the following kinds of personal information;
-
Agricultural, Accommodation and Equestrian Activities
-
Registration information relating to your visits and use of the facilities where we have a statutory or regulatory obligation;
-
Information about your computer and about your visits to and use of this website including your IP address, geographical location, browse type and version, operating system referral source, length of visit, page views, website navigation,
-
Information relating to any transactions carried out between you and us on or in relation to this website, including information relating to any purchases you make of our goods or services;
-
Information that you provide to us for the purpose of registering with us.
-
Information that you provide to us for the purpose of subscribing to our website services, email notifications and/or newsletters
-
Any other information that you choose to send to us
What do we use your personal information for?
Personal information submitted to us via this website will e used for the purposes specified in this privacy policy or in relevant parts of the website. We may use your personal information to;
-
administer the website;
-
improve your browsing experience by personalising the website;
-
enable your use of the services available via the website;
-
send statements and invoices to you, and collect payments from you;
-
send you general (non-marketing) commercial communications;
-
send you email notifications which you have specifically requested;
-
send to you [our newsletter and other] marketing communications relating to our business; you can inform us at any time if you no longer require marketing communications;
-
provide third parties with statistical information about our users – but this information will not be used to identify any individual user;
We will not without your express consent provide your personal information to any third parties for the purpose of direct marketing.
All out website financial transactions are handles through our payment services providers, Stripe – www.stripe.com. Pay pal at www.paypal.com Global payments at www.braintreeprivacypolicy.com
We may disclose information about you to any of our employees, officers, agents, suppliers or subcontractors in so far as reasonable necessary for the purposes as set out in this privacy policy. Please refer to the Data Privacy policies for any named companies set out below.
Booking.com; Laterooms.com; Eviivo & Equoevents
In addition, we may disclose your personal information;
-
to the extent that we are required to do so by law;
-
in connection with any legal proceedings or prospective legal proceedings;
-
in order to establish, exercise or defend our legal rights ( including providing information to others for the purposes of fraud prevention and reducing credit risk)
-
to the purchaser (or prospective purchaser) of any business or asset which we are (or are contemplating) selling; and
-
to any person who we reasonable believe may apply to a court or other competent authority for disclosure of that personal information where, in our reasonable opinion, such court or authority would be reasonably likely to order disclosure of that personal information
Except as provided in this privacy policy, we will not provide your information to third parties.
Policy Amendments
We may update this privacy policy from time-to-time by posting a new version on our website. You should check this page occasionally to ensure you are happy with any changes. We may also notify you of changes to our privacy policy by email.
Third party websites
The website contains links to other websites, we are not responsible for the privacy policies or practices of third party websites.
Updating information
Please let us know if the personal information which we hold about you needs to be corrected or updated.
Further processing?
If we wish to use your personal data for a new purpose not covered by this Data Protection Notice, then we will provide you with a new notice explaining this new use prior to commencing the processing and setting out the relevant purposes and processing conditions. Where and whenever necessary, we will seek your prior consent to the new processing.
How long do we keep your personal data?
We keep your personal data for no longer than reasonably necessary however there are circumstances when we may retain Personal Data for longer period;
Special Categories or ‘Sensitive Data’
Due to the nature of the facilities and services provided by Toomer Farm, we may require you to provide us with certain special categories of information that are treated in law as being particularly sensitive ( e.g. information relating to your health). We will ask that you agree to us processing any Sensitive Personal information that you provide to us in accordance with this policy. This sensitive personal data will be required to ensure that your safety obligations, laws and regulations are fulfilled e.g. to ensure that whilst riding or being around horses after suffering from a relevant illness, disease, infection and/or having previously been in an ‘high risk’ environment or geographical location.
What are your rights?
Unless subject to an exemption under the GDPR, you have the following rights in respect of your personal data;
-
to request a copy of your personal data which we hold about you (Access);
-
to request that we correct any personal date if found to be inaccurate or out of date (Rectification)
-
to request your personal data is erased, unless there is a legitimate reason for us not to comply (we will always provide you with more details about your Rights in our response to your request) (Erasure – ‘Right to be forgotten’);
-
to transmit that data directly to another data controller, (Portability);
-
to lodge a complaint with the information Commissioners Office.
Provision of such information will be subject to:
a) the payment of a fee (currently fixed at £10.00): and
b) the supply of appropriate evidence of your identity (for this purpose, we will usually accept a photocopy of your passport certified by a solicitor or bank plus an original copy of the utility ill showing your current address)
-
We may withhold such personal information to the extent permitted by law.
-
You may instruct us not to process your personal information for marketing purposes by email at any time. In practice, you will usually either expressly agree in advance to our use of your personal information for marketing purposes, or we will provide you with an opportunity to opt-out of the use of our personal information for marketing purposes.
If you wish to exercise any of your rights, please see our ‘Contact Details’ section below
Contact Details
To exercise all relevant rights, queries or complaints please contact us;
Email: toomerfarm@hotmail.co.uk
Phone: 01963250237
Post: Toomer Farm, Henstridge, Somerset BA8 0PH
You can also contact the Information Commissioners Office on 03031231113 or via email https/ico.org.uk/global/contact-us/email/ or at the information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF
|