Our Privacy Notice
The Bug Parc is a company providing informative and fun experiences and encounters with invertebrates in Norfolk. In line with the General Data Protection Regulation enacted from 25th May 2018, we’ve produced a Privacy Notice so that anyone who wishes to be informed about what we do with their data should find out everything they need to know on this page. If there is anything that you would like to know about how we process your personal data that you can’t see here, please get in touch.
WHAT IS OUR LEGAL BASIS FOR STORING PERSONAL INFORMATION?
The contract that we agree with our customers forms the legal basis for storing and processing their data. For those that agree to receive occasional marketing of promotional offers, the legal basis is consent.
The purpose of the GDPR legislation is to give individuals more control over their personal data and how it is processed. We fully endorse this principle and want to be completely transparent about the data we collect, why we collect it, how we use it and what happens to it when you no longer require our services.
VISITORS TO OUR WEBSITE
When we receive a visitor to https://www.thebugparc.com/, we use the third-party service Google Analytics to collect the standard internet log information. Google Analytics works by reading the user's IP address then setting a cookie on www.thebugparc.com/ containing a unique ID (so Google can get accurate audience figures). The IP address is then never used again. The unique ID has no personal identity information held within it.
If you object to Google Analytics collecting data, you can download a browser add-on that will prevent Google Analytics from using your data: https://tools.google.com/dlpage/gaoptout.
INFORMATION GATHERED THROUGH OUR WEBSITE IS SUMMARISED BELOW
We gather anonymised user activity information from those that accept cookies when entering the website. This information includes pages visited and time spent on those pages.
The only information that we store relating to The Bug Parc and customers is the booking information itself. This booking information includes a name, phone number and email address from the customer but otherwise no personal information. The information is only stored and used in relation to a booking and nothing else.
All booking information is held on a secure IP locked server, accessible only by designated IP addresses and also only with the correct login credentials to the server.
The booking information is also viewable via the website admin CMS which is protected by username and password, with the credentials encrypted and held on the same secure database as above.
NEWSLETTER SIGN UPS:
The user may opt to sign up for the newsletter, which has a two-step opt-in process. The newsletter sign-up only stores a customer's name and email address, and only if they double opt-in to the newsletter for this purpose. If they do not double opt-in their information in this regard is removed after 7 days. They can also manually choose to unsubscribe from the newsletter and remove their information.
The GDPR enshrines rights that individuals may exercise in relation to their data:
- The right to be informed
- The right of access
- The right to rectification
- The right to erasure
- The right to restrict processing
- The right to data portability
- The right to object
- The right not to be subject to automated decision-making including profiling.
If you feel that any of these rights are being infringed, we will do everything that we can to address the problem.
If you would like information about any personal data we store about you then please email us at firstname.lastname@example.org.
If you would like to complain about any aspect of how we store or use your information please email us at email@example.com..