Visit Nunney is a Community Interest Company (CIC), registered in England and Wales (Company No. 09197083) and regulated by the Office of the Regulator of Community Interest Companies.
Visit Nunney believes in protecting the personal information that you provide us with. We are committed to complying with the following seven principles:
- What personal information we collect about you;
- Who is collecting this personal information;
- How the information we collect about you is used;
- With whom might the information will be shared;
- What choices we provide you with regarding the collection use and distribution of the information;
- The kind of security procedures that are in place to protect the loss, misuse or alteration of information under our control;
- How you can correct any inaccuracies in the information.
Visit Nunney and GDPR compliance
The European Union’s (EU) General Data Protection Regulation (GDPR) is a sweeping new EU law that comes into effect on 25 May 2018. The GDPR harmonises data privacy laws across the EU and mandates how companies collect, store, delete, modify and otherwise process personal data of EU citizens. Despite Brexit, the UK is committed to stay compliant with the GDPR.
Visit Nunney is committed to making sure our website and email services GDPR compliant and will continue to monitor new guidance on best practices even after the 25 May 2018 effective date. We have taken these new requirements to heart and made changes to our website, equipment and policies. Our officers and volunteers have received training on the GDPR and data protection.
- We collect and process personal information from you at various stages throughout our website, for reasons including answering your enquiries, ensuring that content from our site is presented in the most effective manner for you and for your computer, to notify you about changes to our websites (including services and products), providing you with quotations, and carrying out our obligations from any contracts entered into between you and us. We also collect and process details of your visits to our site and the resources that you access.
- At each stage, you will be able to see what information we ask from you, such as your name and contact details, and information relating to your specific enquiry. If you contact us otherwise than via our website, we may keep a record of that correspondence.
- In addition, we use Google Analytics and other web analytics services to collect and process anonymous data on site visits, page impressions, duration of visits, IP geolocation, searches and other statistical data without identifying individual visitors. We reserve the right to share these anonymous visitor statistics with you and third parties.
- Visit Nunney is the Data Controller that collects information about you. Jeremy Gaunt, Company Secretary, is Visit Nunney’s Data Protection Officer.
- The information we collect about you is used solely for the purposes for which it was provided. We will only use it for additional purposes (such as marketing) if we have received your prior consent to do so.
- The information you provide us with may be shared with employees in order to deal with your enquiry or request.
- We will not share your information with any third parties other than when we are legally obliged to do so, such as for fraud prevention purposes.
- It is entirely up to you as to whether or not you choose to provide us with any personal information. If you choose not to, we simply may not be able to assist you.
- Under the Data Protection Act 1998 you have the right, for a fee, to ask us for a copy of the information we hold on you, and to have any inaccuracies corrected or removed.
- To do this, either contact us by email, telephone us on 01373 836 949, or write to us at:
Visit Nunney CIC
Attn.: Jeremy Gaunt, Data Protection Officer
Somerset BA11 4LW
We may disclose your personal information to third parties
- In the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets.
- If Visit Nunney assets are acquired by a third party, in which case personal data held by it about its clients will be one of the transferred assets.
- If we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our Terms and Conditions (as defined below) and other agreements; or to protect the rights, property, or safety of Visit Nunney, our clients, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.
Where we store your personal data
All of Visit Nunney’s Internet-connected equipment is encrypted, including desktop PCs, laptops and mobile phones. This means that personal data on it is safe, even if the PC, laptop or mobile phone gets lost or stolen.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
Visit Nunney uses Cloudflare, a GDPR compliant cloud service based outside the European Union and the European Economic Area (EEA), to process data. In the event of vendors handling personal data on our behalf a data processing addendum covering our use of Cloudflare service and GDPR compliance is available at request.
Cloudflare shall, in accordance with EU Data Protection Laws, make available to the Customer such information in Cloudflare’s possession or control as the Customer may reasonably request with a view to demonstrating Cloudflare’s compliance with the obligations of data processors under EU Data Protection Law in relation to its processing of Personal Data.
Where and to the extent that Cloudflare processes data which is defined as ‘personal data’ under EU Data Protection Laws as a data controller as set out in Cloudflare Privacy & Security Policy available at https://www.cloudflare.com/security-policy/, Cloudflare will comply with applicable EU Data Protection Laws in respect of that processing.
Visit Nunney uses security software to encode any email address displayed on this website to prevent spam. This prevents the email address owner from being added into a spam list by spam crawlers searching the web for unsecured mail addresses.
In addition, we use encryption and anti-virus software to ensure that all our emails are secure.
Types of cookies used
This site uses different types of cookies. Some cookies are placed by third party services that appear on our pages.
Necessary cookies help make a website usable by enabling basic functions like page navigation and access to secure areas of the website. The website cannot function properly without these cookies.
Preference cookies enable a website to remember information that changes the way the website behaves or looks, like your preferred language or the region that you are in.
Statistic cookies help website owners to understand how visitors interact with websites by collecting and reporting information anonymously.
Marketing cookies are used to track visitors across websites. The intention is to display ads that are relevant and engaging for the individual user and thereby more valuable for publishers and third party advertisers.
An updated list of all cookies we use on the Visit Nunney website and why is available at request.
IP addresses and cookies
- We may collect information about your computer, including where available your IP address, operating system and browser type, for system administration.
- A cookie is a piece of information that is stored on your computer’s hard drive which records how you have used a website. This means that when you go back to that website, it can give you tailored options based on the information it has stored about your last visit.
- For information about how to disable cookies in your browser please visit the AboutCookies website.
In the event of any data breach, we will report certain types of data breaches to the relevant authorities and, in some cases, inform you if you are affected by the breach as well.
Concerns or queries
- You the right to access any personal data that we store about you. This is provided free of charge. You also have the right to ask us to delete your personal data held by us.
Last updated: 29 April 2018