GDPR & Privacy Notice

GDPR

Any information you have supplied to Outfit Moray will be used for the purpose(s) for which you have provided it. This data will be maintained in accordance with the GDPR and the Data Protection Act 2018 and will not be passed on or sold to any other organisation without your prior approval, unless there is a legal requirement to do so. For more information on how we handle any personal data please see below.

Privacy Notice

1. Introduction

1.1 Outfit Moray are committed to safeguarding the privacy of persons for whom we process Personal Data. In this policy we explain how we will treat Personal Data processed by us, in accordance with data protection legislation, and with the General Data Protection Regulation (‘GDPR’).

1.2 Personal Data includes any information relating to an identified or identifiable natural person (‘Data Subject’) who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

1.3 Processing, for the purpose of this Privacy Notice, means any operation or set of operations which is performed on Personal Data or on sets of Personal Data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaption or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

1.4 By consenting to this Privacy Notice you are giving us permission to process your Personal Data and the Personal Data of the Participant specifically for the purposes identified within this Privacy Notice.

1.5 You have a right to withdraw your consent to our processing your Personal Data and the Personal Data of the Participant at any time, and we have outlined the process for such a withdrawal within this Privacy Notice.

2. Processing Personal Data

2.1 We will only process such Personal Data which is adequate, relevant and limited to what is necessary for processing.

2.2 We may process the following kinds of Personal Data from your visit to our website:

(a) information about your computer and about your visits to and use of this website (including your IP address, geographical location, browser type and version, operating system, referral source, length of visit, page views and website navigation paths);
(b) information that you provide to us for the purpose of subscribing to our email notifications and/or newsletters (including your name and email address). You can inform us at any time you no longer require our email notifications/ newsletter;
(c) information that you provide to us when using the services on our
website, or that is generated in the course of the use of those services (including the timing, frequency and pattern of service use);
(d) information relating to any purchases you make of our services or
any other transactions that you enter into through our website (including your name, address, telephone number and email address);
(e) information contained in or relating to any communication that you send to us or send through our website (including the communication content and metadata associated with the communication);
(f) information necessary so as to send you statements, invoices and payment reminders to you and collect payments from you;
(g) information necessary so as to provide third parties with statistical information about our users;
(h) information required so as to deal with enquiries and complaints made by or about you relating to our website;
(i) information required so as to keep our website secure and prevent fraud and;
(j) any other personal information that you choose to send to us.
(k) Personal Data on the Participant including age, date of birth and medical information

2.3 Before you disclose to us the Personal Data of another person, you must obtain that person’s consent to both the disclosure and the processing of that Personal Data in accordance with this policy.

2.4 In the event that we need to obtain Special Personal Data from you or the Participant, other than as required by law, we will always tell you why, and how the information will be used and obtain your consent for this

2.5 We will process Personal Data for the following lawful purposes:

(a) Legitimate interests of our organisation. These include, the administration of our business, debt recovery, processing accounts and payroll, crime prevention and detection (including the use of CCTV),