LMGT&E is committed to ensuring that your privacy is protected and you can be assured that any information we request from you will only be used in accordance with this privacy statement. Under the updated General Data Protection Regulation (GDPR) we are to clearly state to you how we will use any personal data and our legal basis for collecting it, how long we will store it for, how we will transfer it and who to, how we will protect it, your rights surrounding your data, and finally who the ‘Controller’ is.
Your Data Protection point of contact
LMG Treks & Expeditions Information Controller: Matthew Le Voi – 01900 336795 or firstname.lastname@example.org
Your rights as a data subject against LMG Treks & Expeditions Limited
Right of Access – you have a right to request access to the personal data we hold on file for you. You can also obtain prescribed information on how it is processed.
Right of rectification – in certain circumstances you have a right to ask for your personal data to be corrected if it is inaccurate or completed if it is incomplete. You can help us by keeping your personal data up to date with us (i.e notification of change of email etc)
Right to be forgotten – You have to right to erasure. It may be unlikely to do this however if we have a legal duty to retain or process your information (i.e Medical info that is required for an upcoming event)
Right to restriction of processing – you have the right to restrict the processing of your personal data.
Right of portability – you have the right, in certain circumstances, to move, copy or transfer your personal date to another organisation yourself
Right to object – you have the right to object to certain types of processing of your personal data. For example, for the use of direct marketing or for statistical generation.
Automated decision making – LMGT&E may profile your data for marketing and communication purposes (i.e Mailchimp Newsletter). You can of course opt out of these at any time, and clear consent to add you to such processes will be requested.
If you would like to exercise any of the above rights please contact the LMGT&E Information Controller above. You also have the right to lodge a complaint direct with the supervisory authority, the Information Commissioner (ico.org.uk) who can also be contacted on 0303 123 113
Using (or, the website)
The LMGT&E website utilises traffic log cookies to identify which pages are being used. This helps us analyse data about web page traffic and improve our website in order to tailor it to customer needs. We only use this information for statistical analysis purposes and then the data is removed from the system.
A cookie does not give us access to your computer or any information about you, other than the data you choose to share with us.
Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer.
Links to other websites
This website contains links to enable you to visit other websites of interest easily. Once you have used these links to leave the LMG Treks & Expeditions site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement.
The website and its content is copyright of ‘Lakeland Mountain Guides’. You may not without our written permission commercially exploit or distribute the content. You may print or download the content for personal use. Any extractions used for personal use must be cited back to the source.
Providing LMG Treks & Expeditions Limited with your Personal Data. How we store it, why we need it, how long we’ll have it and the legal basis for needing it.
There are a number of ways in which you will be required to provide LMG Treks & Expeditions Limited with personal data (Name, addresses, contact numbers, email address) and in some circumstances what is known as ‘Special Category Data’ (Health and medical information). Under GDPR it is important for organisations to be transparent wit you on how and why we collect this data. Further down this page you will also be able to learn about how or why we will transfer your data.
Collection via the website
The request of your email and phone number on the contact form. This is required so we can establish communications with yourself surrounding your enquiry.
When placing an order on the website you will be asked to complete the following fields: Email Address, First Name, Last Name, Address, Country, Region, Post Code and Phone Number. This information is stored on our website dashboard which is password protected. This information is only used so we can process your booking and engage in required communications surrounding that booking.
Collection via the E-Newsletter
For e-marketing we use the provider Mailchimp. You will only be added to the Mailchimp client mailout if you have given us clear consent to do so. This will either be done by yourself completing the Mailchimp e-newsletter sign up form or by ticking the appropriate box on our ‘Event Booking Form’ and or ‘Acknowledgement of Risk’ form. The data collected for this can be as little as an email address. You can unsubscribe from this e-newsletter at any time either through the ‘unsubscribe’ button or by emailing us.
Collection by Phone
Upon calling our landline number or mobile phone contact our electronic devices will automatically store your number. Your number will not be saved by us and the memory holding call lists on our phones will be wiped incrementally through the year.
Collection via Booking Forms
Upon booking we will require confirmation of personal data and some special category data. This data is required to ensure we have appropriate contact information for you leading up to an event and have a handle on your health and physical condition. This special category data surrounding your health is used so we can ensure you are suitable for your chosen event but also so we can inform your guide / instructor of any current or historical health issues (please see below for information on how we transfer this data).
Our ‘Event Booking Form’ also has the requirement for you to list an appropriate emergency contact. This is required so that in the event of an incident we have a point of contact to notify. You will be required to tick the appropriate box to display this person has consented to their data being passed on to us.
Please note, that although it is common practice, sending this data by email is not secure. Should you wish to use an encrypted service to transfer this data you can do so via WhatsApp, Facebook Messenger or DropBox.
How do we store your Data? How is it secured?
Any data which is completed on an electronic form (be it through the website, e-newsletter or sent via email) is protected on appropriate accounts via password on a desktop PC / Laptop. The passwords for these accounts is only known by the listed ‘Data Controller’. The PC in question has up to date anti-virus and malware protection to defend the data from hacking. The company email account is reputable, secure and protected by the above malware software. Personal data is never stored on external devices such as hard disk drives or CD.
If your data is to be stored in physical format it is done so within the LMG Treks & Expeditions Limited Office in a locked drawer and is not transferred from this location.
How long will we have it for?
Any personal data outside of the e-newsletter will be disposed of either by electronic deletion (or shredding if physical) 6 years after the date of the event you have attended. This time frame allows us to keep the data provided on file long enough to be used within any negligence claims that may be brought upon us (in which an individual has 3 years to make). Please note, this 6 year period will only start from when the person in question hits the age of 21 if they are not already on the event date.
Our Legal basis for requiring this personal data and Special Category Data
We have a ‘Vital interest’ to collect this data from you do we can process your bookings and or keep you up to date with our marketing activities. With regards to processing special category data, it is in your best interest that our team know any and all vital medical issues and history so aid us in any incident.
The transfer of your Data
The only way in which your data will be transferred is to a member of the LMG Treks & Expeditions team. Secure transfer procedures have been put in place to prevent loss of your data. The team member has also signed a contract with LMG Treks & Expeditions Limited detailing their understanding and compliance on this matter.
Your data will never be passed or sold on to third parties without your consent. Foreseeably, this will only occur with LMG Treks & Expeditions Limited if you are joining us on an international expedition, for which we use third party suppliers. It is key for us to highlight that GDPR is only applicable to transfer of data within the EU, but regardless of where I the world we send your data we will use our GDPR processes.
Personal Data Breaches
This could be as simple as sending your phone number to the wrong person or not using the ‘Blind Carbon Copy’ function whilst sending a mass event email. In the event of such as break the ICO will be informed. You will only be informed if the breach is likely to result in a high risk of adversely affecting individuals’ rights and freedoms, in which case you will be informed immediately.
Changes to this Privacy Notice
This notice was last updated on 18th May 2018. LMGT&E may amend this notice from time to time to keep it up to date or to comply with legal requirements. If necessary, you may be notified of the changes. Your contact details would be used for this purpose, based on the legal basis of compliance with legal obligations or legitimate interests (or both, as relevant)