The Fyne Den Privacy Policy

1. Introduction

We operate this Privacy and Cookies Policy because we are committed to safeguarding the privacy of those using our website (www.thefyneden.com) and the confidentiality of any information that we collect about you. 

This Privacy and Cookies Policy sets out how we will use any personal data that we may obtain from you.  If we change any of the terms of our Privacy and Cookies Policy we will post the revised policy on our website behind the “Privacy, Terms and Cookies Policy” link at the bottom of each page.

Whenever you submit your information to us, whether it be by using our website, by email, over the telephone, in person or by any other means, we will collect and use of such information in accordance with the terms of this Privacy and Cookies Policy.  We are committed to ensuring that all personal data we hold is treated properly and in accordance with applicable data protection legislation.  In accordance with data protection legislation, we are required to explain to you how we will treat any personal data which we collect from or about you.

 

2. Who are we?

We are Cairndow Community Childcare.  We are a registered charity in Scotland  (number SCO 36216, Co. SC27612) whose main trading address is The Fyne Den (the attraction), Cairndow, Argyll PA268BL.  We are the data controller in respect of all personal data collected via our website

 

3. What information do we collect about you?

You may give us information about you:

• when you contact us by any means (including via the website, over the phone, by email or by post) with queries, complaints etc.;
• when you set up an account on our website;
• when you make a booking or purchase a ticket to enter The Fyne Den adventure play attraction, book a party or event, or become a member of The Den;
• when you engage with us on social media;
• when you choose to complete any surveys we send you;
• when you comment on or review any of our products, services or the Adventure Zone;
• when you subscribe to our mailing list;
• when you fill in any forms (for example, if you are involved in an accident at The Fyne Den;
• when you enter The Fyne Den (which has CCTV systems in operation which will record your image);
• when we create and validate your membership card;
• when you agree to be photographed at the Attraction;
• when you take part in a prize draw or competition;
• when you’ve given a third party permission to share with us the information they hold about you (for example, pursuant to a third party prize draw, competition or survey).

 

4. What information do we collect about you?

The information we may collect, use, store and transfer about you includes the following:

• name, username or similar identifier (such as social media username), photograph, title, date of birth and gender (“Identity Data”);
• delivery address, billing address, email address and telephone number(s) (“Contact Data”);
• bank account and credit/debit card information (“Financial Data”);
• details of your interactions with us, including interactions through our website, by telephone, email, in person and through social media (“Transaction Data”).  For example, information regarding your order history and logs of any complaints or comments you make; 
• your preferences in receiving marketing from us and your communication preferences (“Marketing Data”);
• information regarding any accident you have been involved in at the Attraction or any health information that we need to be aware of with regard to any services you have asked us to provide (“Health Data”) and
• your comments and product reviews.

We may also automatically collect data about you such as internet protocol (IP) address, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access our website (“Technical Data”) as you interact with our website.  We collect Technical data by using cookies and other similar technologies.  Please refer to section 12 for further information regarding the cookies used on our website.

 

5. How and why do we collect information about you?

We have set out below a description of how and why we may use personal data you give us and which of the legal bases we rely on to do so.  Note that we may process your personal data for more than one lawful ground depending on the specific purpose for which we are using your data.  Please contact us by emailing us at info@thefyneden.com if you need details about the specific legal ground we are relying on to process your personal data where more than one ground has been set out in the table below.

 

Purpose/Activity	Type of Data	Lawful basis for processing
To set up an account on our website	(a) Identity Data; (b) Contact Data; (c) Financial Data; (d) Marketing Data.	Necessary for our legitimate interests (in order that we can provide you with the best customer experience and ensure that you can easily access your information and obtain tickets to the Attraction); (c) Consent (in respect of your marketing preferences).
To process any orders you make including: (a) Manage payments, fees and charges; (b) Collect and recover money owed to us.	(a) Identity Data; (b) Contact Data; (c) Financial Data; (d) Transaction Data.	(a) Performance of a contract with you; (b) Necessary for our legitimate interests (to recover debts due to us).
In respect of “Friends of the Den” - to create your membership card and provide updates in relation to your membership.	(a) Identity Data; (b) Contact Data.	Necessary for our legitimate interests (in order that we can authorise your entrance to the Attraction as a Friend of the Den and provide updates to you in relation to your membership).
To respond to an enquiry made by you (whether via the website, over the phone, by email, social media or by post).  We may also keep a record of our communications with you to inform any future communication we have with you and to demonstrate how we communicated with you throughout.	(a) Identity Data; (b) Contact Data; (c) Transaction Data.	Necessary for our legitimate interests (to respond to your enquiry and provide you with the information requested regarding our business and the Attraction).
To provide you with marketing information regarding the Attraction.	(a) Identity Data; (b) Contact Data; (c) Marketing Data.	(a) Consent; (b) Legitimate Interests (where legally permitted to do so in order to promote our business and the Attraction - for example, we may use your address details to send you direct personalised marketing information by post telling you about events happening at the Attraction that might be of interest to you).   If you decide that you do not wish to receive such mailings please see section 7 below.
To enable you to partake in a prize draw, competition or complete a survey (survey messages will not contain any promotional content and do not require prior consent).	(a) Identity Data; (b) Contact Data; (c) Marketing Data.	(a) Performance of a contract with you; (b) Necessary for our legitimate interests (to study how customers use the Attraction and to grow our business).
To log, report and respond to any incidents that have happened at the Attraction and to make staff aware of any safeguarding matters in relation to any children attending the Attraction.	(a) Identity Data; (b) Contact Data; (c) Health Data.	(a) Compliance with a legal obligation; (b) Explicit consent; (c) Vital interests.
To send communications required by law or which are necessary to inform you about our changes to the services we provide you.  For example, updates to this Privacy Policy.	(a) Identity Data; (b) Contact data.	Necessary to comply with a legal obligation.
To administer and protect our business and our website from fraud and other illegal activities (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data).	(a) Identity Data; (b) Contact Data; (c) Financial Data; (d) Technical Data.	(a) Necessary for our legitimate interests (for running our business, provision of administration and IT services, network security, to prevent fraud and in the context of a business reorganisation or group restructuring exercise); (b) Necessary to comply with a legal obligation.
To use data analytics to improve our website, customer relationships and experiences.	Technical Data	Necessary for our legitimate interests (to define types of customers for the Attraction, to keep our website updated and relevant, to develop our business and to inform our marketing strategy).
To record customers and staff at the Attraction using our CCTV system.	Identity Data	Necessary for our legitimate interests (to protect our business from crime; ensure the safety of our customers and staff; to support law enforcement bodies in the prevention, detection and prosecution of crime; to assist in day-to-day management; to assist in the effective resolution of disputes and for insurance purposes).
To take photographs of events taking place at and in relation to the Attraction.	Identity Data	Consent.
To consider you for a vacancy.	(a) Identity Data (b) Contract Data (c) Information contained within your CV and application form.	Legitimate interests (to run and improve our business).

 

If we require your information for the purposes of performing a contract with you and you fail to provide this information, or if the information you provide is not accurate, we may not be able to perform the contract we have or are trying to enter into with you.

You warrant that any information you supply to us is accurate and up to date, that you will inform us if any such information requires updating, and that if you submit a third party’s details to us you have that third party’s permission to do so.

We will not sell any of your personal data to any third party. 

 

6. Who do we share your personal data with?

We may share personal data about you:

• with third parties who are directly involved in dealing with any request or enquiry made or order placed by you;
• with service providers acting as processors who provide IT and system administration services;
• where such disclosure is required by law;
• with third parties who are providing us with professional advice;
• where the disclosure is in connection with any criminal investigation, legal proceedings or prospective legal proceedings where permitted by law;
• where the disclosure is in order to establish, exercise or defend our legal rights (including providing information to others for the purposes of fraud prevention and reducing credit risk);
• where we are required to enforce our Terms and Conditions of Sale or our Terms of Use; 
• where we have stated or informed you otherwise (e.g. in this policy or on our website); or
• if you receive goods or services which involve the goods and services of a third party we will pass information about you to the supplier so that it can provide you with these goods or services and any associated services which we ask it to provide.

We will not pass on your information to any third party for the purpose of marketing.   

We may also disclose your personal data to third parties in the event that we sell or buy any business or assets (in which case we may disclose your personal data to the prospective seller or buyer of such business or assets) or if we or substantially all of our assets are acquired by a third party, in which case personal data held by us about our clients and subscribers will be one of the transferred assets.

 

7. How do you stop marketing information being sent to you?

You can ask that marketing information is no longer sent to you by emailing us at info@thefyneden.com , or by writing to us at Cairndow Community Childcare, The Fyne Den, Cairndow, Argyll PA268BL or by clicking on the appropriate link in the footer of any of our marketing emails.  It may take up to 14 working days to remove you from our marketing lists.

 

8. Security and International Transfers

We will take all reasonable steps to protect your personal data.  However, the Internet is global and no data transmitted via the Internet can be guaranteed by us to be completely secure during transmission.  We cannot guarantee the security of any data that you disclose online and we will not be responsible for any breach of security unless this is due to our negligence or wilful default. 

Our website is hosted in the UK and all data provided to us is stored within our servers located in the UK or the European Economic Area (“EEA”).  Sometimes we may need to transfer personal data we collect from you to third-party data processors in countries that are outside the EEA - for example, this might be required in order to fulfil your order, process your payment details or provide support services.  If we do this, we will ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:

• The transfer is to a third party located in a country that has been deemed to provide an adequate level of protection for personal data by the European Commission. 
• The transfer is subject to use of a contract approved by the European Commission which gives personal data the same protection it has in Europe. 
• The transfer is to a third party based in the US which is part of the Privacy Shield which requires them to provide similar protection to personal data shared between the Europe and the US.

In the absence of an adequacy decision in respect of the relevant country, or appropriate safeguards as detailed above, we will not transfer your personal data outside of the EEA unless we have a lawful basis for doing so (for example, because you have explicitly consented to the proposed transfer).

 

9. What are your rights?

If we are sending marketing materials to you by any means, you may ask us to stop sending such marketing materials at any time.  Please see section 7 above for further information on how to do this.

You have a legal right to see a copy of the personal data that we keep about you, subject to certain exemptions.  Requests for such information should be made by email to info@thefyneden.com 

In some circumstances you may also have a right to:

• rectify or erase any personal data we hold about you;
• restrict our processing of your personal data;
• object to us processing your personal data (for example, where we are processing your personal data based on our legitimate interests, you can ask us to stop processing your personal data.  We must then do so unless we believe we have a legitimate overriding reason to continue processing your personal data);
• data portability in respect of your personal data.

In accordance with applicable data protection legislation, we follow security procedures when we process your personal data.  We may therefore request proof of your identity before disclosing certain information to you or acting on any requests pursuant to this section 9.

Please contact us at the above address if you have any reason to believe that information we hold about you is inaccurate.

 

10. How do we use CCTV?

We use CCTV cameras to view and record individuals on and around the Attraction.  We have considered alternatives to using CCTV, such as additional regular inspections of the Attraction, but have concluded that such alternatives would be less effective and more costly.  In particular, there are situations which will require a rapid response if there is a risk to customer or staff security.  CCTV is the best way for us to achieve this.

Camera locations are chosen to minimise viewing of spaces not relevant to the legitimate purpose of the monitoring.  The CCTV cameras will not be used to record sound.  Only authorised personnel have routine access to live and recorded images generated by the CCTV cameras.  Such authorised personnel will be given appropriate training to ensure they understand and observe the legal requirements related to the processing of relevant data.

In the event of there being any damage, theft or trespass or any other criminal activity or alleged criminal activity affecting the Attraction, recorded images will be provided to law enforcement authorities where appropriate.  Images will not be used or released for any commercial or entertainment purpose.

The CCTV camera’s monitoring and control equipment is located securely at the Attraction and all images recorded using the system will be held for 30 days and then deleted automatically.  If any images are provided to law enforcement authorities, this shall be achieved by providing an electronic copy of the recording to the relevant authority.

All requests for access to images recorded using our CCTV system should be made in writing in accordance with section 9 above.  In order for us to locate relevant footage, any requests for copies of recorded CCTV images must include the date and time of the recording, the location where the footage was captured and, if necessary, information identifying the individual.

We will ensure that the ongoing use of existing CCTV cameras as set out above is reviewed periodically to ensure that their use remains necessary and appropriate, and that any surveillance system is continuing to address the needs that justified its introduction.

 

11. How long do we retain your personal data?

We only retain your personal data for as long as we need it for the purpose for which is was collected.  Whilst taking in to consideration our legal obligations, we will on an ongoing basis: review the length of time we retain your personal data; consider the purpose or purposes for which we hold your personal data for in deciding whether (and for how long) to retain it; securely delete your personal data if it is no longer needed for such purpose or purposes; and update, archive or securely delete your personal data if it goes out of date.  Specific retention periods are set out below.  For further information on how long we retain your personal data please contact info@thefyneden.com

• Photographs obtained of events taking place at and in relation to the Attraction will be deleted if they are not used or if you withdraw your consent.

 

12. Cookies

Our website uses “cookies” to ensure you receive the best possible visitor experience.  Cookies are small files which are sent by a web server to an individual’s computer which are then stored on that computer’s hard drive.  A cookie contains text, and is like an identification card which can only be translated by the server it originated from.

Cookies cannot tell us information such as your email address, which we can only collect where you tell us, for example if you submit an enquiry to us.

Our website uses the following cookies for the following purposes:

 

Cookie Name	Cookie Description
Google Analytics	These cookies are used to collect information about how visitors use our website.  We use the information to compile reports and to help us improve the website. The cookies collect information in an anonymous form, including the number of visitors to the website, where visitors have come to the website from and the pages they visited.    Read Google's overview of privacy and safeguarding data

 

Cookies

 

First-Party Cookies

Strictly Necessary
Cookie name		Duration	Purpose
ForceFlashSite		Session	When viewing a mobile site (old mobile under m.domain.com) it will force the server to display the non-mobile version and avoid redirecting to the mobile site
hs		Session	Security
smSession		Persistent (Two days or two weeks)	Identifies logged in site members
XSRF-TOKEN		Session	Security
Functionality
Cookie name	Duration		Purpose
svSession	Persistent (Two years)		Identifies unique visitors and tracks a visitor’s sessions on a site
SSR-caching	Session		Indicates how a site was rendered.
smSession	Persistent (Two weeks)		Identifies logged in site members

Third-Party Cookies

Functionality
Cookie name	Duration	Purpose
TS*	Session	Security
TS01*******	Session	Security
TSxxxxxxxx (where x is replaced with a random series of numbers and letters)	Session	Security
TSxxxxxxxx_d (where x is replaced with a random series of numbers and letters)	Session	Security

 

 

Most internet browsers allow you to prevent cookies being stored on your computer.  Alternatively, you may be able to configure your browser to accept all cookies or to notify you when a cookie is offered by our server.  You may also be able to delete all cookies currently stored on your web browser.

Therefore, unless you change your browser settings you will automatically accept cookies from our website.

We may also collect information about where you are on the Internet (e.g. the URL you came from, IP address, and domain types like .co.uk and .com), your browser type, the country where your computer is located, the pages of our website that were viewed during your visit and any search terms that you entered on our website.  We will use this information to administer our website, for internal operations (including troubleshooting, data analysis, testing, research, statistical and survey purposes) and as part of our efforts to keep our website safe and secure.

 

For further information about cookies and how they are used, please visit www.aboutcookies.org.

 

13. What about third party websites that you can access via our website?

Our website contains links to other websites which are outside our control and are not covered by this Privacy and Cookies Policy.  If you access other websites using the links provided, the operators of those websites may collect personal data from you which will be used in accordance with their respective privacy policies which you should read.  We are not liable for the practices of such third party website operators in respect of your personal data.

You acknowledge that any information that you post using our social media facilities will be viewable by anybody who visits those websites and that such information is also subject to the relevant provider’s privacy policy.  You are advised to consult each such privacy policy to see how they will use your data.

 

14. What if I want to complain about how you are handling my information?

You have the right to lodge a complaint with the ICO if you have any concerns with regard to the way in which we process your personal data.  We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.  You can contact us by emailing us at info@thefyneden.com or by writing to Cairndow Community Childcare, The Fyne Den, Cairndow, Argyll PA268BL.

 

DigiTickets Privacy Policy

Who we are

In this privacy policy references to "we", "us" and "our" are to The Fyne Den. References to "our Website" or "the Website" are to thefyneden.digitickets.co.uk.

Information collected and its use

The information we collect via the Website may include:

1. Any personal details you knowingly provide us with through forms and our email, such as name, address, telephone number etc.
2. In order to effectively process credit or debit card transactions it may be necessary for the bank or card processing agency to verify your personal details for authorisation outside the European Economic Area (EEA). Such information will not be transferred out of the EEA for any other purpose.
3. Your preferences and use of email updates, recorded by emails we send you (if you select to receive email updates on products and offers).
4. Your IP Address, this is a string of numbers unique to your computer that is recorded by our web server when you request any page or component on the Website. This information is used to monitor your usage of the Website.
5. Information about your device such as your web browser, screen resolution and operating system. This information is used to ensure we continue to support the different devices used by our customers.
6. Data recorded by the Website which allows us to recognise you and your preferred settings, this saves you from re-entering information on return visits to the site. Such data is recorded locally on your computer through the use of cookies. Most browsers can be programmed to reject, or warn you before downloading cookies, information regarding this may be found in your browsers 'help' facility.

We do not store any credit card details.

What we do with your information

Any personal information we collect from this website will be used in accordance with the Data Protection Act 1998 and other applicable laws. The details we collect will be used:

1. To process your order, to provide after sales service (we may pass your details to another organisation to supply/deliver products or services you have purchased and/or to provide after-sales service);
2. In certain cases we may use your email address to send you information on our other products and services. In such a case you will be offered the option to opt in/out before completing your purchase.

We may need to pass the information we collect to other companies for administrative purposes. We may use third parties to carry out certain activities, such as processing and sorting data, monitoring how customers use the Website and issuing our e-mails for us. Third parties will not be allowed to use your personal information for their own purposes.

Cookie Policy

Like many websites we use cookies to store and then retrieve small bits of information on your computer when you visit. This information is used to make the site work as you expect it to. It is not personally identifiable to you, but it can be used to give you a more personalised web experience.

Some of the information stored is put there by other companies whose software we have added to the site, and this can also impact your experience of other websites you may visit after leaving ours.

If you continue to use this site without taking action to prevent the storage of this information, you are effectively agreeing to this use.

If you want to learn more about the general uses of cookies, including how to stop them being stored by your computer, please visit Cookiepedia - all about cookies.

Below is a list of the different types of cookies used on this site, and an explanation of what they are used for. If you would like any more information, please get in touch.

Cookie	Name	Expiration Time	Purpose
Shopping Basket	PHPSESSID	24 minutes	This cookie is used to keep track of what items are in a user's shopping basket.
Cookie Consent	dtAnalyticsConsent	1 year	This cookie is used to monitor the users consent for analytical cookies on our site. No user data is collected without this being enabled.
Google Analytics	_ga _ga_container-id	2 years	These cookies are used to collect information about how visitors use our site. We use the information to compile reports and to help us improve the site. The cookies collect information in an anonymous form, including the number of visitors to the site, where visitors have come to the site from and the pages they visited. Read Google's overview of privacy and safeguarding data
	_gid	24 hours
	_gat_tracker-name	1 minute
Microsoft Clarity	_clck	1 year	These cookies are used to collect information about how visitors use our site. We use the information to compile reports and to help us improve the site. The cookies collect information in an anonymous form, including the number of visitors to the site and how they interact with the website. Read Microsoft Clarity's Cookie Overview and Data Retention Policy.
	_clsk	1 year
	CLID	1 year
	ANONCHK	1 year
	MR	1 year
	MUID	1 year
	SM	1 year
New Relic	__cfduid	1 year	This cookie is used to collect information about visitor's experience of the site in terms of performance. This helps us to monitor that our systems are working quickly and effectively, and to identify any problematic areas. Visit the New Relic website

Your Rights

You have the right to request a copy of any information that we currently hold about you. In order to receive such information please send your contact details including address to the following address:
The Fyne Den
The Fyne Den Cairndow Argyll
PA268BL

Other websites

This privacy policy only covers this website. Any other websites which may be linked to by our website are subject to their own policy, which may differ from ours.