Skip to main content

Privacy Policy

ENGLISH

Privacy Policy

Arran Development Trust

Your personal data – what is it?

Personal data relates to a living individual who can be identified from that data. Identification can be by the information alone or in conjunction with any other information in the data controller’s possession or likely to come into such possession. The processing of personal data is governed by [the General Data Protection Regulation 2016/679 (the “GDPR”)

The Arran Development Trust is the data controller. This means it decides how your personal data is processed and for what purposes.

If after reviewing this policy, you have any questions or privacy concerns please send an e-mail to: This email address is being protected from spambots. You need JavaScript enabled to view it. or write to:

Operations Director

Arran Development Trust

c/o Visitor Information Centre

Brodick
Isle of Arran

KA27 8AU

 

How do we process your personal data?

  • Arran Development Trust complies with its obligations under the GDPR by keeping personal data up to date.
  • by storing and destroying it securely; by not collecting or retaining excessive amounts of data.
  • by protecting personal data from loss, misuse, unauthorised access and disclosure and by ensuring that appropriate technical measures are in place to protect personal data.
  • The Arran Development Trust use your personal data for the following purposes:

 

  • To fundraise and promote the interests of the ADT
  • To manage the ADT employees and contractors.
  • To maintain the ADT accounts and records.
  • To operate the ADT website (DiscoverArran) and deliver the services individuals have requested.
  • To inform individuals of news, events, activities or services organised by the ADT.
  • To contact individuals via surveys to conduct research about their opinions of current services or of potential new services which may be offered. 
  • We collect personal information which you choose to provide:
  • when you make an enquiry online, by email or by phone.

  

What type of information is collected from you?

 

  • If you join the ADT as a member, we will ask for your name and contact details.

 

What is the legal basis for processing your personal data?

Under data protection law, we can only use your personal information if we have a proper reason for doing so. To use your personal information, we rely on the following legal bases:

  • you have given consent to the processing of your data for one or more specific purposes.
  • processing is necessary for compliance with a legal obligation to which the ADT is subject.
  • processing is necessary to protect your vital interests, or the vital interests of another individual; and
  • processing is necessary for the purpose of the legitimate business purposes pursued by the ADT:
  • Directly marketing to you as a member of the

 

We may use your information to:

  • seek your views or comments on the services the ADT
  • notify you of changes to the ADT work and services.
  • send you communications which you have requested or that we think may be of interest to you. These may include information about news, offers, new facilities or special events.
  • record your interactions with the ADT to provide tailored responses/experiences to you and improve the ADT

If you do not provide the personal information we ask for, it may delay or prevent the ADT from providing the services/response you have requested.


Sharing your personal data

Your personal data will be treated as strictly confidential, and will be shared only with:

  • Third Party Service Providers working on our behalf:we may pass your information to our third-party service providers, agents, subcontractors and other associated organisations for the purposes of providing services to you on the ADT’s However, when the ADT use third party service providers, we disclose only the personal information that is necessary to deliver the service and we ensure appropriate safeguards are in place that requires them to keep your information secure, in accordance with data protection laws, and not to use it for their own direct marketing purposes. Please be reassured that we will not release your information to third parties beyond our approved suppliers, unless you have requested us to do so, or we are required to do so by law, for example, by a court order or for the purposes of prevention of fraud or other crime.
  • Law Enforcement/Regulatory Bodies: we may disclose and exchange information with law enforcement agencies and regulatory bodies to comply with our legal and regulatory obligations.

We will not share your personal information with any other third party.

How long do we keep your personal data?

We will hold your personal information on our systems only for as long as is necessary for the relevant activity. We are legally required to hold some types of information to fulfil our legal obligations (e.g., financial record keeping).

We use the following criteria to determine how long to retain your personal data:

  • Membership Contact Details – Ongoing whilst membership continues.
  • Information to fulfil our legal obligations (e.g., financial record keeping) – 7 years

Your rights and your personal data

Unless subject to an exemption under the GDPR, you have the following rights with respect to your personal data: -

  • The right to request a copy of your personal data which the ADT holds about you.
  • The right to request that the ADT corrects any personal data if it is found to be inaccurate or out of date.
  • The right to request your personal data is erased where it is no longer necessary for the ADT to retain such data.
  • The right to request that ADT provide the data subject with his/her personal data and where possible, to transmit that data directly to another data controller, (known as the right to data portability).
  • The right, where there is a dispute in relation to the accuracy or processing of your personal data, to request a restriction is placed on further processing.
  • The right to lodge a complaint with the Information Commissioners Office. (ICO website - https://ico.org.uk/ ICO helpline - 0303 123 1113)

 

Further processing

 

If the ADT wish to use your personal data for a new purpose, not covered by this Data Protection Notice, then we will provide you with a new notice explaining this new use prior to commencing the processing and setting out the relevant purposes and processing conditions.

Where and whenever necessary, we will seek your prior consent to the new processing.

Security precautions in place to protect the loss, misuse or alteration of your Personal Information

  • When you give us personal information, we take steps to ensure that it is treated confidentially and held securely.
  • Once we have collected your information, we make our best effort to ensure its security on our systems and in physical form. Where data is stored electronically, we take steps to ensure your information is accessed only by those who need it.

If you are not using Microsoft Windows Explorer, then you should select ‘cookies’ in the ‘Help’ function for information on where to find your cookie folder.

Links to other websites

Our website may contain links to other websites. This Policy applies only to our website‚ so we encourage you to read the privacy statements on the other websites you visit. We cannot be responsible for the privacy policies and practices of other sites even if you access them using links from our website.

In addition, if you linked to our website from a third-party site, we cannot be responsible for the privacy policies and practices of the owners and operators of that third party site and recommend that you check the policy of that third party site.

Review of this Policy

We keep this Policy under regular review. This Policy was last updated in May 2022.