MyCumbria from Cumbria Tourism – Privacy Policy

Cumbria Tourism (“we” or “our” or “us”) are committed to protecting and respecting your privacy.

This policy (and any other documents referred to herein) sets out the basis on which any personal data we collect from you from our website (www.mycumbriacard.co.uk)(“Website”), or that you provide to us by other means or will be processed by us. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.

For the purpose of the General Data Protection Regulation 2018 (GDPR), the data controller is Cumbria Tourism.

1. Information we may collect from you

We may collect and process the following data about you:
a. Information that you provide by filling in forms on our Website. This includes information provided at the time of registering to use the Website, subscribing to our service and any additional, posting material, contributions or requesting further services. We may also ask you for information when you enter a competition or promotion sponsored by us and when you report a problem with our Website.
b. If you have agreed to be contacted by us, we will send you regular e-newsletter updates, containing details of the latest news and special offers relating to the MyCumbria scheme. You can choose not to receive these emails at any time. We may also, from time to time, ask you to complete surveys that we use for research purposes, although you do not have to respond to them.
c. Details of transactions you carry out through our Website.
d. Details of your visits to the Website including, but not limited to, traffic data, location data, weblogs and other communication data, whether this is required for our own billing purposes or otherwise and the resources that you access.

2. IP addresses and cookies

2.1 We may collect information about your computer, including where available your IP address, operating system and browser type, for system administration and to report aggregate information to our advertisers. This is statistical data about our users’ browsing actions and patterns, and does not identify any individual.
2.2 For the same reason, we may obtain information about your general internet usage by using a cookie which is stored on the hard drive of your computer. Cookies are used to make our Website work and to deliver a better and more personalised service. They enable us:
a. To estimate our audience size and usage pattern.
b. To store information about your preferences, and so allow us to customise our Website according to your individual interests.
c. To speed up your searches.
d. To recognise you when you return to our Website.
2.3 The cookies used on our Website are:
a. ASP.NET_SessionId – This cookie is essential for the operation and navigation of the website. The cookie is deleted when you close your browser.
b. _utma, _utmb, _utmc, _utmz – These cookies are used by Google Analytics to collect information about how visitors use our site. We use the information to compile reports and to help us improve the site. The cookies collect information in an anonymous form, including the number of visitors to the site, where visitors have come to the site from and the pages they visited. To opt out of being tracked by Google Analytics across all websites visit http://tools.google.com/dlpage/gaoptout.
c. dmsTPC – This cookie is used to record if a user has accepted the use of Google Analytics cookies on the MyCumbria Card website. This cookie is deleted when you close your browser.
2.4 Most web browsers allow some control of most cookies through the browser settings. These links explain how you can control cookies via your browser – remember that if you turn off cookies in your browser then these settings apply to all websites (not just this website):
a. Internet Explorer http://support.microsoft.com/kb/278835 (or http://www.microsoft.com/windowsphone/en-us/howto/wp7/web/changing-privacy-and-other-browser-settings.aspx for mobile versions).
b. Chrome: http://support.google.com/chrome/bin/answer.py?hl=en-GB&answer=95647.
c. Safari: http://docs.info.apple.com/article.html?path=Safari/5.0/en/9277.html (or http://support.apple.com/kb/HT1677 for mobile versions).
d. Firefox: http://support.mozilla.org/en-US/kb/Enabling%20and%20disabling%20cookies.
e. Blackberry devices: http://help.blackberry.com/en/blackberry-q10/10.3.1/help/mwa1334238823957.html.
f. Android: http://support.google.com/mobile/bin/answer.py?hl=en&answer=169022.
g. Opera: http://www.opera.com/browser/tutorials/security/privacy/.
h. To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, visit www.allaboutcookies.org
2.5 This privacy policy does not cover the links within this site linking to other websites. We encourage you to read the privacy statements on the other websites you visit.
2.6 We may embed videos from our official YouTube channel using YouTube’s privacy-enhanced mode. This mode may set cookies on your computer once you click on the YouTube video player, but YouTube will not store personally-identifiable cookie information for playbacks of embedded videos using the privacy-enhanced mode. To find out more please visit YouTube’s embedding videos information page: http://www.google.com/support/youtube/bin/answer.py?hl=en-GB&answer=171780.
2.7 We may display either (or both) of the following widgets:
a. Feed widgets (widgets that display a feed from our social network page). These widgets do not create a cookie.
b. Sharing widgets (widgets such as Facebook Like, Twitter Share or AddThis) which enable you to share content of MyCumbria Card to your friends or followers. By default these do not create a cookie until you have clicked on the graphic or icon representing the sharing network you would like to use. By clicking the graphic or icon you consent to transmitting data to the respective social network.
Facebook’s privacy policy on social plugins: http://www.facebook.com/about/privacy/your-info-on-other#socialplugin.
Twitter’s privacy policy on cookies and information sharing: https://twitter.com/privacy.
AddThis’ privacy policy on cookies and information sharing: http://www.addthis.com/privacy.

3. Where we store your personal data

3.1 As our servers are located in the United Kingdom, the data that we collect from you is obtained, processed, stored and transmitted in compliance with General Data Protection Regulation 2018 (GDPR). By submitting your personal data, you agree to this transfer, storing or processing. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this privacy policy.
3.2 All information you provide to us is stored on our secure servers. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our Website, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
3.3 The transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our Website; any transmission is at your own risk. Once we have received your information, we will use appropriate procedures and security features to try to prevent unauthorised access.

4. Uses made of the information

4.1 We use information held about you in the following ways:
a. To ensure that content from our Website is presented in the most effective manner for you and for your computer.
b. To provide you with information, products or services that you request from us or which we feel may interest you, where you have consented to be contacted for such purposes.
c. To carry out our obligations arising from any contracts entered into through our Website.
d. To allow you to participate in interactive features of our service, when you choose to do so.
e. To notify you about changes to our service.
f. To regularly update you about our services and promotions in e-Newsletters if you have consented to be contacted for this purpose.
4.2 We do not disclose information about identifiable individuals to our advertisers, but we may provide them with aggregate information about our users (for example, we may inform them that 500 men aged under 30 have clicked on their advertisement on any given day). We may also use such aggregate information to help advertisers reach the kind of audience they want to target (for example, women in SW1).

5. Disclosure of your information

Unless required to do so by law, we will not otherwise share, sell or distribute any of the information you provide to us without your consent.
We may disclose your personal information to third parties only in the following circumstances:
a. In the event that we sell or buy any business or assets, we may disclose your personal data to the prospective seller or buyer of such business or assets purely for the purpose of continuing the same contact activity as previously agreed.
b. If we or substantially all of our assets are acquired by a third party, personal data held by us about our customers will be one of the transferred assets.
c. If we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our Terms and Conditions and other agreements; or to protect the rights, property, confidential information or safety of our Website, customers, affiliates or others and in particular if we are required to prevent any fraud or fraudulent transactions. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.

6. Your rights

6.1 You have the right to ask us not to process your personal data for marketing purposes. We will inform you (before collecting your data) if we intend to use your data for such purposes or if we intend to disclose your information to any third party for such purposes. You can exercise your right to prevent such processing at any time by contacting us at info@mycumbriacard.co.uk.
6.2 Our Website may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.

7. Access to information

GDPR gives you the right to see the information held about you at any time and you may ask us to make any necessary changes to ensure that it is accurate and kept up to date. You may also request that your details are removed from our database. If you wish to do this, please contact our data protection officer at rtyson@cumbriatourism.org and provide a subject access request. Your request will be handled with 1 calendar month.

8. Changes to our privacy policy

Any changes we may make to our privacy policy in the future will be posted on this page and, where appropriate, notified to you by e-mail.

9. Contact

9.1 Questions, comments and requests regarding this privacy policy are welcomed and should be addressed to info@mycumbriacard.co.uk