Privacy Policy
Super Star Sport UK Privacy Statement
The Purpose of this privacy statement is to explain, in general terms, how Super Star Sport (SSS) processes your personal data from the moment it is collected to the point it is deleted or destroyed. It is written for anyone who is making an enquiry about one of SSS’s services or making a booking for a course. Other ‘specific to customer’ privacy notices will be provided when needed.
The personal data processed by SSS will only be basic contact information such as names, addresses, telephone numbers and an email address to be able to respond to your query. If you are booking a course for a child, SSS will need additional information about the child which will include health related data, sufficient to complete the booking. SSS will also collect minimal financial details for the purposes of recognising payments for activities.
The way we collect or receive your personal data is directly from you when you make your initial enquiry either through the web page contact form, a direct call, by email or the result of a visit to our premises.
SSS’s duty of confidentiality means that SSS staff will treat your personal data in confidence. SSS uses reasonable technical and organisational measures to ensure personal data is safe guarded. Access is strictly limited to those members of staff who need it. SSS expects the same duty of confidentiality of all third parties with whom we need to share your personal data for the purposes of fulfilling our contractual obligations to you. They are required to enter into a separate data
processing agreement with us when they have the role of data processor unless the equivalent clauses are already included in our contract with them.
SSS will process personal data using a lawful basis; such instances are described below:
When we have a legitimate interest to respond to your general enquiry regardless of how it reached us in the first instance
When we have a legitimate interest to use your contact details, as a former and/or current customer, to send you a newsletter with updates about our services
When we have a legitimate interest to record your images using CCTV equipment positioned around SSS’s offices, should you have reason to visit
When we have your consent in the situation where you have not been a customer of ours before, in order to send you a newsletter with updates about our services
When we have your explicit consent when we need to process special category data such as medical/health related data needed to support activity applications
To fulfil our contractual obligations to you either as a customer for the purposes of delivering the service(s) you have asked of SSS
To comply with our legal obligations
SSS will never sell your personal data and will only disclose it when it’s absolutely necessary, to some or all of the following third parties:
Company accountant and the legal firm appointed by SSS
HMRC for invoice related activities
The franchise(s) that run the activities
Sub-contractors appointed by SSS, subject to a data processing agreement or
equivalent commitment to confidentiality
SSS will process your personal data at its UK premises and utilises Microsoft Azure cloud (UK) for back up services. This website is hosted at a UK based data centre. We use HubSpot purely for marketing purposes which is US based and this is subject to the equivalent data safeguarding measures as the former EU-US Privacy Shield Agreement.
SSS follows a retention schedule to determine the length of time it holds different types of personal data of the customer. The key points of the schedule are shown below:
If you make an enquiry about a service that you subsequently choose not to use, we will routinely delete any information we have collected about you 36 months
If you make an enquiry about a service that generates a quotation that does not result in an order, we will retain your contact details indefinitely, unless you ask us to delete it
If you are or have been a customer, we will retain the details of your order, including your contact details, indefinitely, unless you ask us to delete them. If we don’t have another over-riding legal basis for processing, we will fulfil your request
If we have your consent to hold your contact details, we will retain them until you notify us that you want to withdraw your consent
For financial records and invoices, which include your personal data, these will be retained for 6 years after the end of the current tax year of processing
Personal data collected about children is not retained beyond their 12th birthday unless separate consent has been granted by the parent for specific activities
By exception, documentation that includes your personal data may be retained by SSS beyond the schedule, but only for a specific purpose and only when SSS believes there is a legitimate interest or has a legal obligation to do so. None the above affects your rights stipulated under the UK GDPR
(see below).
At the end of the retention schedule SSS will either return, destroy or delete/ anonymise your personal data and any associated emails or relevant documentation. If it is technically impractical to do so, we will put it beyond operational use. It allows up to 3 months after the retention criteria has
expired to do this.
The SSS website uses cookies (and similar technologies) with your permission when this is needed and does not attempt to identify individuals who visit the website. For further details please read the SSS cookie policy below or a link to which can be found at the foot of the homepage.
CCTV is in operation at SSS s office premises primarily to safeguard the location but also for the safety and wellbeing of SSS staff, contractors and any other visitors.
The UK General Data Protection Regulation defines the rights that you have (although these do not apply in all situations). For convenience, these rights are shown below:
Right to be informed as to how your personal data is being processed by SSS – this is done through this privacy policy and/or separate SSS privacy notices when appropriate
Right to access your personal data held by SSS which is done by making a ‘Data Subject Access Request’ (DSAR) to the SSS privacy officer
Right to rectification of your personal data if you believe SSS has collected it incorrectly or it needs to be updated
Right to erasure of your personal data for which SSS no longer has an overriding lawful basis with which to process
Right to restrict processing under certain circumstances, during which time your personal data will be out of operational use until the related matter is resolved
Right to data portability in a machine-readable version of the personal data you have provided to us, but this only applies to data provided with your consent or under contract
Right to object to SSS processing your personal data when it does not relate to a legal or contractual obligation
Rights related to automated decision making and profiling (however SSS does not use these techniques in its decision making)
Right to withdraw your consent at any time to any service for which have previously sought and obtained your consent as the lawful basis for processing your personal data
Further details on data subjects’ rights can be found on the Information Commissioner’s Office (ICO) website: https://ico.org.uk.
Exercising rights or making queries to SSS can be done by contacting the Privacy Officer. We will need to confirm your identity before proceeding with any request, therefore it may be necessary to ask you to provide documentation to verify your identity. If you have any concerns about the way
we are processing your personal data, please contact the Privacy Officer in the first instance. Alternatively, you may also contact the ICO directly using the details found on the ICO website.
In the event of a takeover or acquisition, the personal data SSS holds will form part of the assets of the organisation to be taken over by the new company, but only used for the same or similar purpose. If this happens, we will notify you using the latest contact details held.
This privacy statement is subject to a routine review every 12 months or sooner if there are significant changes to UK/EU legislation.
COOKIE POLICY
DO WE USE COOKIES?
Yes we do. A cookie is a piece of text that is stored on your computer by your web browser. We use cookies to monitor how people use our site. This helps us to understand how our customers and potential customers use our websites so we can develop and improve their design, layout and more relevant content.
We use a number of different cookies on our site. If you do not know what cookies are, or how to control or delete them, then we recommend you visit http://www.aboutcookies.org for detailed guidance.
The list below describes the cookies we use on this site and what we use them for. Currently we operate an ‘implied consent’ policy which means that by using our website you agree we can place these types of cookies on your device. If you are not happy, then you should either not use this site, or you should delete the cookies having visited the site, or you should browse the site using your browser’s anonymous usage setting (called “Incognito” in Chrome, “In Private” for Internet Explorer, “Private Browsing” in Firefox and Safari etc.)
FIRST PARTY COOKIES
These are cookies that are set by this website directly.
Login: A login cookie is used to preserve your personal login preferences as set on the login screen.
Google Analytics: We use Google Analytics to collect information about visitor behaviour on our website. Google Analytics stores information about what pages you visit, how long you are on the site, how you got here and what you click on. This Analytics data is collected via a JavaScript tag in the pages of our site and is not tied to personally identifiable information. We therefore do not collect or store your personal information (e.g. your name or address) so this information cannot be used to identify who you are.
You can find out more about Google’s position on privacy as regards its analytics service here.
Banner advertising: These cookies allow us to know whether or not you’ve seen an advert and how long it is since you’ve seen it.
PPC: These cookies use Flashtalking and Google Analytics to track our PPC campaigns by dropping cookies onto users’ browsers.
More info on Flashtalking and Google Analytics can be found here:
http://www.google.com/policies/technologies/ads/
https://developers.google.com/analytics/devguides/collection/gajs/cookie-usage
http://www.flashtalking.com/privacy/policy.pdf
THIRD PARTY COOKIES
These are cookies set on your machine by external websites whose services are used on this site. Cookies of this type are the sharing buttons across the site allow visitors to share content onto social networks.
Cookies are currently set by:
AddThis
Facebook
YouTube
In order to implement these buttons, and connect them to the relevant social networks and external sites, there are scripts from domains outside of our website. You should be aware that these sites are likely to be collecting information about what you are doing all around the internet, including on this website.
You should check the respective policies of each of these sites to see how exactly they use your information and to find out how to opt out, or delete, such information.
EMAILS
Some emails we send we track, at an individual level, whether the user has opened and clicked on the email. We do not use this information at a personal level, rather we use it to understand open and click rates on our emails to try and improve them. If you want to be sure that none of your email activity is tracked then you should opt out of our emails which you can do via the unsubscribe link at the bottom of every email we send.
BLOCKING & DELETING COOKIES
Most browsers allow you to refuse to accept cookies. For example:
Internet Explorer – to refuse all cookies click “Tools”, “Internet Options”, “Privacy”, and select “Block all cookies” using the sliding selector
Firefox – to block all cookies click “Tools”, “Options”, and un-check “Accept cookies from sites” in the “Privacy” box or select “Clear private data” if you want to delete all cookies.
Chrome – click on the Chrome menu in the toolbar, click on “settings”, click on “advanced settings”, choose “Privacy” section, then click on ” Content settings” button and choose either block or delete as appropriate.
Blocking or deleting all cookies will, however, have a negative impact upon the usability of many websites.