We will use the information that we collect about you in accordance with:
The Data Protection Act 1998 as amended by the Data Protection Bill
The Privacy and Electronic Communications (EC Directive) Regulations 2003
The EU General Data Protection Regulation (Regulation EU 2016/679), (‘GDPR’)
Under the Data Protection Legislation, all organisations which handle personal information must comply with a number of important principles regarding the privacy and disclosure of this information.
We believe that the lawful and correct treatment of personal information is critical to our business operating successfully. We recognise that to maintain our professional reputation and integrity, we must be fully compliant with this legislation. Principus Studios Ltd, which wholly owns Writer’s Retreat UK is registered with the Information Commissioner’s Office.
By providing us with your data, you warrant to us that you are over 13 years of age.
1. Your personal data – what is it?
Personal data means information relating to a living individual who can be identified from that data. Identification can be by the information alone or in conjunction with any other information in the data controller’s possession or likely to come into such possession. The processing of personal data is governed by the General Data Protection Regulation (the “GDPR”).
2. Who are we?
Writer’s Retreat UK is wholly owned and operated by Principus Studios Ltd, which is registered in England and Wales, as a private limited company, registration number: 09339033.
3. What information do we collect or keep?
We may collect the following information about you when you register with us, book on one of our retreats, buy any of our products, make use of your user account on our system or take part in any of our competitions:
Identity data: includes title, first name, last name, gender, age.
Contact data: includes billing address, email address and telephone number.
Marketing and Communications data includes your preferences in receiving marketing from us and your communication preferences, details of emails we have sent them and how you have engaged with them, feedback you have given us, communications you sent to Writer’s Retreat UK, how you heard about us, survey responses you have completed and any competition entries you have submitted. This helps us to manage our relationship with you and ensures you only receive communications from us that are relevant and timely.
Event data including events you have been invited to and whether you attended.
Booking data includes dietary and accessibility requirements and past bookings.
Financial data includes credit and/or debit card details and payment details (collected by PayPal and not retained by us).
Transaction data includes details about payments to and from you and other details of products and services you have purchased from us.
Technical Data includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access our website.
Profile Data includes your username and password when you create an account for use on our cloud-based system.
Special Personal Data
We may collect some special personal data, such as information about your health or medical conditions, so we can cater for people with disabilities.
4. When do we collect data?
We collect data, which may include personal information, when you:
- visit our website
- contact us via email, telephone, post, live chat or contact forms
- register with us
- book a place on a retreat
- place an order for any of our products or services
- complete our customer surveys
- provide us with feedback
- participate in a Writer’s Retreat UK competition
5. How will we use the information about you?
We will process your personal data:
As necessary to perform our contract with you and to keep our records up to date.
As necessary for our own legitimate interests; to process your order, manage your account, understand your needs, provide you with a better service and in particular for the following reasons:
- Internal record keeping – this may include the secure holding of data with third-party organisations who provide us with services.
- To improve our retreats.
- To provide you with relevant and timely information about the work we do
As necessary to comply with a legal obligation e.g. when you exercise your rights under data protection law and make requests; for compliance with legal and regulatory disclosures, for establishment and defence of legal rights; to verify your identity and where anti-money laundering checks are required. We may process your personal data without your knowledge or consent where this is required or permitted by law.
We will ensure our own legitimate interests do not override your own interests and fundamental rights.Generally, we do not rely on consent as a legal ground for processing your personal data, other than in relation to sending marketing communications to you via email or text message. You have the right to withdraw consent to marketing at any time by emailing us at firstname.lastname@example.org.
6. Disclosures of your personal data
We will not transfer your personal data to any third-party organisation. We do not transfer your personal data outside the European Economic Area (EEA). We will not sell, distribute or lease your personal information to third parties unless we are required by law to do so.
7. Change of purpose
We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with this original purpose. If you wish to find out more about how the processing for the new purpose is compatible with the original purpose, please contact email@example.com.
If we need to use your personal data for a purpose unrelated to the purpose for which we collected the data, we will notify you and we will explain the legal ground of processing.
8. How will we keep your personal information secure?
We have taken appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents and contractors who have a business need to know such data. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
We have implemented procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so. We comply with our obligations under the “GDPR” by:
- keeping personal data up to date
- storing and destroying it securely
- not collecting or retaining excessive amounts of data
- protecting personal data from loss, misuse, unauthorised access and disclosure
- ensuring that appropriate technical measures are in place to protect personal data
9. How will we communicate with you?
If you have chosen to receive them, we may periodically send emails or printed materials to tell you about our retreats, activities, competitions and products. You can unsubscribe from these communications at any time at the footer of the email, or by editing your mailing preferences in your user account.
If you have booked on a retreat with WRiter’s Retreat UK we may send you occasional emails with news of other retreats we are offering, as we consider this legitimate interest. We will only do this for two calendar years after your last retreat attendance.
10. Links to other websites
11. Your rights and your personal data
Unless subject to an exemption under the GDPR, you have the following rights with respect to your personal data:
The right to request a copy of your personal data which Writer’s Retreat UK holds about you.
If you would like a copy of the information held on you please contact us at firstname.lastname@example.org and we will send the personal data we hold about you.
The right to request that Writer’s Retreat UK corrects any personal data if it is found to be inaccurate or out of date.
If you believe that any information we are holding on you is incorrect or incomplete, please contact us at email@example.com and we will promptly correct any information found to be incorrect.
The right to request that your personal data is erased where it is no longer necessary.
Please contact us if you would like your personal data erased and we will do so promptly, unless we have a contractual or legal requirement to keep the data.
The right to withdraw your consent to the processing at any time.
If you have previously agreed to us using your personal information for direct marketing purposes, you may change your mind at any time by writing to or emailing us at firstname.lastname@example.org, or by clicking the ‘unsubscribe’ link at the footer of the email or you can edit your mailing preferences within your user account.
The right, where there is a dispute in relation to the accuracy or processing of your personal data, to request a restriction is placed on further processing.
The right to object to the processing of personal data.
You can see more about these rights at: ico.org.uk
If you wish to exercise any of the rights set out above, please contact email@example.com. You will not have to pay a fee to access your personal data (or to exercise any of the other rights). We may, however, charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
12. How long will we keep your information?
We will keep your information only for as long as is reasonably necessary for the purposes set out in this privacy notice and to fulfil our legal obligations. We will not keep more information than we need. The retention period will vary according to the purpose, for example:
- We will keep your contact details and booking records indefinitely, unless you ask us to remove your details, in order that we can maintain our alumni records.
- If you request that we stop sending direct marketing communications to you, we will keep the minimum amount of information (e.g. name, address or email address) to ensure we adhere to such requests.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
We are for tax purposes legally required to keep basic information about our customers (including Contact, Identity, Financial and Transaction Data) for five years after they cease being customers.
In some circumstances you can ask us to delete your data: see above for further information.
13. How to contact us
0845 519 8115
Writer’s Retreat UK, Manor Farm, South End Lane, Balne, N Yorkshire. DN14 0EQ.
15. Updates or Changes to the Privacy Notice and Further Information