The Granary, Larkbeare Grange (“we”, “us”) is committed to protecting and respecting your privacy.
This policy sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.
The General Data Protection Regulation (GDPR) is part of new legislation designed to update and expand the Data Protection Act 1998. For the purposes of the Data Protection Act 1998 (the Act), the data controller is Larkbeare Grange. Our nominated representatives for the purpose of the Act are Charlie and Julia Hutchings.
Telephone: 01404 822069
Mail: Larkbeare Grange, Talaton, Exeter, Devon EX5 2RY
Collection of your personal data
When you subscribe to an email alert or newsletter service we collect:
Your name, email address, subscription preferences and any other information you choose to provide to us;
We may also collect information about how you use our emails – for example whether you open them and which links you click on and details of which version of web browser you are using;
Information on how you use the site, using cookies and page tagging techniques.
Use of your personal data
The lawful basis for collecting and using the personal data will depend on the specific context in which we collect it.
However, we will normally collect personal data from you only:
Where we have your consent to do so;
Where the processing is in our legitimate interests and not overridden by your rights.
Details about the lawful bases for processing personal data can be found on the Information Commissioner’s website.
Storage and retention of your personal data
We will retain your personal data for as long as is necessary for the purpose it was collected.
In most cases, if you have subscribed to an email alert or subscription service, we will keep your personal data for as long as you are subscribed to that service and delete that data once you have requested to be removed.
CCTV – recordings are automatically deleted after six weeks.
Any payment transactions will be encrypted using SSL technology and we are PCI DSS compliant.
Disclosure and security of your personal data
We will never disclose your personal data to third parties unless required to do so by law.
All personal data you provide to us will be stored securely, both physically and electronically, in accordance with our policies.
We use Mail Chimp to manage subscription lists, preferences and send emails.
Mail Chimp has staff based outside the European Economic Area and stores your data in the US. Mail Chimp is certified under the EU-US Privacy Shield framework.
We will ensure you can exercise your rights in relation to the personal data you provide to us. These are as follows:
Where we are relying on your consent to use your personal data, you can withdraw that consent or unsubscribe from our services at any time.
You can request access to the personal data we hold about you at any time by contacting the Data Protection Officers whose contact details are found at the top of this notice.
You can ask us to update your personal data if it changes. In certain circumstances, you can request we erase the personal data we hold, or ask us to stop or restrict processing if you have an objection.
If you have any privacy-related questions or unresolved problems relating to the use of your personal data, you may contact the Data Protection Officers whose details are found at the top of this notice.
You also have the right to complain to the Information Commissioner’s Office, the supervisory authority, about our collection and use of your personal data. They can be contacted at Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF, www.ico.org.uk.
Further details about your rights and the complaints process can be found on the Information Commissioner’s website.