For details on our privacy policy please contact us at info@generationschristiancamps.org.uk
WELCOME !
Welcome to Generations Christian Camps (G.C.C). We take your privacy seriously and know you do too. This Privacy Policy (“Policy”) is here to help you understand how we collect, use, disclose, and process your personal data. We also describe Your Rights and Choices with respect to how we process your personal data. Please read this Policy carefully.
WHO WE ARE
This is the Policy of Generations Christian Camps (“Generations Christian Camps,” “us,” “our,” or “we”), a Christian Charity camping in East Sussex for around 50 years. You can contact us here.
APPLICABILITY
This Privacy Policy applies to our “Services”, which include our websites that link to/post this Privacy Policy, including any subdomains or mobile versions (the “Site(s)”) and mobile applications (the “Mobile App(s)”).
AGREEMENT
This Policy is incorporated into the Terms of Use governing your use of any of our Services. Any capitalised terms not defined in this Privacy Policy will have the definitions provided in our Terms of Use.
Following notice to you or your acknowledgment of this Privacy Policy (including any updates), your continued use of any of our Services indicates your consent to the practices described in this Policy.
THIRD PARTIES
Generations Christian Camps is a Christian Charity providing camps and other events for young people and adults (“Campers“). To process bookings we also work with other third party organisations. These Services enable our booking services to connect with, support, and provide services to parents and campers, as well as G.C.C team. In each case, we provide a platform for use and this Policy reflects the data processed and activities undertaken through our Services.
This Policy does not apply to information processed by other third parties, for example, when you visit a third-party website or interact with third-party services, unless and until we receive your information from those parties. Please review any third parties’ privacy policies before disclosing information to them.
COLLECTION AND USE OF PERSONAL DATA
DATA WE COLLECT
We collect and process the following types of information, including data that relates to identified or identifiable individuals (“Personal Data”) (note, specific Personal Data elements listed in each category are only examples and may change):
Identity Data: Personal Data about you and your identity, such as your name, ID, gender, date of birth, photos, and other Personal Data you may provide on applications, registration forms, or as part of an account profile.
Transaction Data: Personal Data we collect in connection with a transaction or purchase, such as the item you purchased, the price, the delivery location, post code, and other similar information.
Contact Data: Personal Data used to contact an individual, e.g. email address(es), physical address(es), phone number(s), or social media or communications platform usernames/handles, as well as a name or other salutation.
Financial Data: Personal Data relating to financial accounts or services, e.g. a credit card, bank, or other financial account numbers, and other relevant information you provide in connection with a financial transaction.
Device/Network Data:Personal Data relating to your device, browser, or application e.g. IP addresses, MAC addresses, application ID/AdID/IDFA, identifiers from cookies, session navigation history and similar browsing metadata, and other data generated through applications and browsers, including cookies and similar technologies.
Location Data:Personal Data relating to your precise location, such as information collected from your device’s GPS or other precise localisation service where given by yourself or a camper.
Special Category Data: Personal Data revealing racial, national, or ethnic origin, religious or beliefs, health information.
Custom Content: Custom Content: Information that a user provides in a free text or other unstructured format, or pursuant to custom fields created by a Client; this may include Personal Data or Special Category Data to the extent provided by the user.
HOW WE COLLECT PERSONAL DATA
We collect Personal Data from various sources based on the context in which the Personal Data will be processed:
You: We collect Personal Data from you directly, for example, when you input information into an online form, sign up for a waiting list, register, or contact us directly.
Your Device: We may collect certain Personal Data automatically from your devices. For example, we collect Device/Network Data automatically using cookies and similar technologies when you use our Services, access our Sites, or when you open our marketing communications.
Service Providers: We receive Personal Data from third parties with whom we have a relationship in connection with a relevant transaction, or who collect information on our behalf (e.g. our bookings company).
Data we create or Infer: We (or third parties operating on our behalf) create and infer Personal Data (such as Inference Data) based on our observations or analysis of other Personal Data we process, and we may correlate this data with other data we process about you.
PROCESSING OF PERSONAL DATA
USER ACCOUNT REGISTRATION
Users may register and create an account on our Services. When you register, we process certain Personal Data such as Identity Data and Contact Data. We may also process certain Financial Data if you choose, for example, to purchase products and services through our Service. We use Identity Data and Contact Data as necessary to create, maintain, and provide you with important information about your account. Financial Data provided at registration will be used only as necessary to process transactions at your request or to store payment information for future purchases.
APPLICATION/REGISTRATION
Users may submit enquiries, camper or event applications, medical and other forms, and register with us through our Services. When you submit an application or register, we process certain Personal Data, which typically includes Identity Data, Contact Data, and Financial Data, and if submitted, Custom Content and Special Category Data.
We use all Application/Registration data as necessary to provide our Services, including in connection with the assessment of applications and prospective applicants, and creation of the G.C.C / camper or G.C.C / Helper relationship. Financial Data provided in connection with any application/registration will be used only as necessary to process transactions you request. Subject to your rights and choices, we may also use Identity Data, Contact Data, and Custom Content: (i) in connection with the maintenance of camper or event attendee records, which may include family/guardian relationships, emergency contact information, mailing addresses, etc.; (ii) to provide marketing or other communications between G.C.C and parents or event organisers and attendees; and (iii) along with Special Category Data, in accordance with your consent provided to the G.C.C (e.g. to provide health services, adjusting meal options, etc.), and where permitted by law, to maintain records relating to the health and treatment of campers or event attendees.
PURCHASES AND DONATIONS
Through our bookings service, we process Transaction Data, Identity Data, Financial Data, and certain Contact Data when you complete a purchase from or donate to G.C.C through our Services. Note, all online purchases and donations through our bookings service provider are processed by a third party on behalf of us, however, we will obtain any Personal Data processed by that third party.
We use the Transaction Data, Identity Data and Contact Data as necessary to complete and provide you with important information regarding your transaction, or in connection with certain recordkeeping we may wish to undertake. Financial Data is used only as necessary to process your transaction, and if you request, we may store your Financial Data for future purchases.
COMMENTS, MESSAGING AND CUSTOM CONTENT
We process Identity Data, Contact Data, and if provided, Custom Content when you use our Services to fill out forms relating to G.C.C, message G.C.C, or if you otherwise submit any Custom Content (e.g. on a comment board or other free form content submission form).
We use Identity Data and Contact Data as necessary to carry out the processes and transactions you request. Subject to your rights and choices, we may also use Identity Data to improve our Services and we may make certain Custom Content and Identity Data, including information (such as name) derived from analysis of faces that appear in photos, contained in Client photos and videos available on our Site for viewing by parents, event organisers and Administrators.
We may or may not screen messages, comments or other postings for personal or inappropriate content.
EVENTS, PLANNING AND ACTIVITIES
We may process Identity Data and Contact Data, Custom Content and Special Category Data in connection with the management of events, trips, and other activities.
We use this personal data as necessary to manage these activities. Subject to your rights and choices, we may also use Identity Data, Contact Data, and Custom Content: (i) in connection with the maintenance of event-related administrative camper or event attendee records, e.g. Client and event scheduling and attendance records, building/room/bus/seat assignments or other data relating to transportation use, helper assignments, event description/destination, etc., and (ii) along with Special Categories Data, in accordance with your consent provided (e.g. to provide health services, adjusting meal options, etc.).
MOBILE APPS (Not yet in use)
If you use our Mobile Apps, we process certain Personal Data, which typically includes Identity Data, Contact Data, Device/Network Data, and, with your consent, Location Data. Note, you may also be able to complete purchases, register for an account, or enrol in marketing communications through our Mobile App.
We process the Identity Data, Contact Data, and Device/Network Data as necessary to create your account and deliver the Service and fulfil your requests. Subject to your rights and choices, we may use the Identity Data, Contact Data, Device/Network Data, and Location Data to improve our services.
STAFFING DATA
We may process Identity Data, Financial Data and Contact Data as well as certain Special Category Data in connection with an application to be a, volunteer / Helper, or otherwise join or support our team in connection with criminal, spiritual, or other background checks relating to an applicant (e.g. DBS and reference checks).
Staffing data is used as necessary in connection with these activities, or as required by law. Financial Data is collected and may be stored for booking or reimbursement purposes, or as otherwise necessary in the context of the relationship. Subject to your rights and choices, we process this Personal Data in connection with our activities in relation to the assessment, creation, maintenance, and termination of the volunteer / helper relationship, or in connection with various background checks relating to a prospective volunteer / helper.
Generations Christian Camps may maintain relationships with background check providers (e.g. DBS update service), Generations Christian Camps are the controllers of such information and are responsible for obtaining applicants’ consent, ensuring the legal rights of applicants, and for their use of background check data.
ADMINISTRATION DATA
We may process Identity Data, Financial Data and Contact Data as well as certain Special Category Data in connection with administrative information collected. This information may include medical information of certain helpers, campers or event attendees, or other similar Special Category data, to the extent provided by the helper, camper, parent or attendee.
All administrative data will be used as is necessary in connection with these activities, or as required by law. Subject to your rights and choices, we may process the Special Category Data in connection with the individual’s consent, or as otherwise permitted by law.
COOKIES AND SIMILAR TECHNOLOGIES
We, and certain third parties, may process Device/Network Data when you interact with cookies and similar technologies. We may receive this data from third parties to the extent allowed by the applicable partner. Please note that the privacy policies of third parties may apply to these technologies and information collected.
In connection with our legitimate interests in providing and improving the user experience and efficiency of our Services, and understanding information about the devices and demographics of visitors to our Services, we use this information (i) for “essential” or “functional” purposes, such as to enable various features of the Services such as your browser remembering your username or password, maintaining a session, or staying logged in after a session has ended; (ii) for analytics and site performance purposes, such as tracking how the Services are used or perform, how users engage with and navigate through the Services, what sites users visit before visiting our Services, how often they visit our Services, and other similar information; and (iii) for the purpose of displaying advertisements via retargeting to those users who visited our Site or who may be interested in our Service.
Some of these technologies can be used by third parties to identify you across platforms, devices, sites, and services.
BUSINESS PURPOSES OF PROCESSING
In addition to the processing described above, we generally process Personal Data for several common purposes in connection with our business. For example:
Operate our Services and Fulfil Obligations: We process any Personal Data as is necessary to provide the Services, and as otherwise necessary to fulfil our obligations to you, e.g. to provide you with the information, features, and services you request.
Personalisation/Customisation: We process Personal Data as necessary in connection with our legitimate business interest in personalising our Services. For example, aspects of the Services may be customised to you so that it displays your name, to reflect appearance or display preferences, display recent or commonly used features or data, or other similar functionality.
Internal Processes and Service Improvement: We process Personal Data as necessary in connection with our improvement of the design of our Services, understanding how our Services are used or function, for customer service purposes, in connection with the creation and analysis of logs and metadata relating to service use, and for ensuring the security and stability of the Services. Additionally, we may use Personal Data to understand what parts of our Service are most relevant to users, how users interact with various aspects of our Services, how our Services perform or fail to perform, etc., or we may analyse use of the Services to determine if there are specific activities that might indicate an information security risk to the Services or our Users.
MARKETING COMMUNICATIONS
Data: We may process Identity Data and Contact Data in connection with email marketing communications, including (i) when you register for an account, and choose to enrol, to receive marketing communications; (ii) when you open or interact with our electronic marketing communications..
Uses: We use Identity Data and Contact Data as necessary to provide marketing communications, and consistent with our legitimate business interests, we may send you marketing and promotional communications if you sign up for such communications or purchase services from us.
AGGREGATE ANALYTICS
We process Personal Data as necessary in connection with our creation of aggregate analytics relating to how our Services are used, to understand how our service performs, and to create other reports regarding the use of our Services, demographics of our Users, and other similar information and metrics. The resulting aggregate data will not contain information from which an individual may be readily identified. This processing is subject to users’ rights and choices.
COMPLIANCE, HEALTH, SAFETY & PUBLIC INTEREST
Note that we may, without your consent or further notice to you, and to the extent required or permitted by law, process any Personal Data subject to this Policy for purposes determined to be in the public interest or otherwise required by law. For example, we may process information as necessary to fulfil our legal obligations, to protect the vital interests of any individuals, or otherwise in the public interest or as required by a public authority. Please see the data sharing section for more information about how we disclose Personal Data in extraordinary circumstances.
OTHER PROCESSING OF PERSONAL DATA
If we process Personal Data in connection with our Services in a way not described in this Policy, this Policy will still apply generally (e.g. with respect to Users’ rights and choices) unless otherwise stated when you provide it.
DATA SHARING
GENERALLY
Information we collect may be shared with a variety of parties, depending upon the purpose for and context in which that information was provided. We generally transfer Personal Data to the following categories of recipients:
G.C.C Leaders: For example, any forms, applications, messages, or other material may be processed and all Personal Data processed may be available to the camp leadership.
Service Providers: In connection with our legitimate business interests or other business purposes, we may share your Personal Data with service providers or subprocessors who provide certain services or process data on our behalf. For example, we may book an activity which requires a campers name and age to take part in the activity.) We disclose Special Category Data to service providers only with your consent where required by law.
Legal Disclosures: In limited circumstances, we may, without notice or your consent, access and disclose your Personal Data, any communications sent or received by you, and any other information that we may have about you to the extent we believe such disclosure is legally required, to prevent or respond to a crime, to investigate violations of our Terms of Use, or in the vital interests of us or any person.
YOUR RIGHTS
Applicable law may grant you rights in your Personal Data. In cases where we process Personal Data on our own behalf, you may exercise rights you have by contacting us. All right requests we receive directly must be verified to ensure that the individual making the request is authorised to make that request, to reduce fraud, and to ensure the security of your Personal Data. We may require that you log in to your account or verify that you have access to your account or the email on file in order to verify your identity. For information regarding your rights, please see below.
YOUR CHOICES
You may have the following choices regarding the Personal Data we process, to the extent required under applicable law:
Consent: If you consent to processing, you may withdraw your consent at any time, to the extent required by law.
Direct Marketing:You have the choice to opt-out of or withdraw your consent to processing related to direct marketing communications. You may have a legal right not to receive such messages in certain circumstances, in which case, you will only receive direct marketing communications if you consent. You may exercise your by contacting us.
Location Data: You may control or limit Location Data that we collect using our services by changing your preferences in your device’s location services preferences menu, or through your choices regarding the use of Bluetooth, WiFi, and other network interfaces you may use.
Online Advertising: You may opt out or withdraw your consent to behavioural advertising. You must opt out of third-party services directly via the third party. For example, to opt out of Google’s use of cookies, visit Google’s Ads Settings, here. If you wish to take steps to opt-out of tracking by certain online advertisers, you can visit the Digital Advertising Alliance’s opt-out page at http://www.aboutads.info/choices or the Network Advertising Initiative at www.networkadvertising.org/optout_nonppii.asp.
Other Processing:You may have the right under applicable law to object to our processing of your Personal Data for certain purposes. You may do so by contacting us re: data access requests. Note that we may not be required to cease processing based solely on an objection.
NOTE REGARDING USERS’ DATA
In many cases, Generations Christian Camps acts a processor of Personal Data. We may be notified of your data rights requests; however, we may be unable to directly fulfil rights requests regarding Personal Data unless we control or have the necessary rights of access. Generations Christian Camps may not have access to or control over all or some Personal Data controlled by Third Parties (e.g. if collected for the purpose of an activity booking for instance). Please contact the companies directly for data rights requests regarding controlled information, and we will also assist you as appropriate in the fulfilment of your request. Please note that, to the extent we make interfaces available for you to directly control your data, these will take effect only with respect to the data we control, and you may need to contact the other companies regarding your request to any data they hold.
SECURITY
We follow and implement reasonable security measures to safeguard the Personal Data we process. While we may require our service providers to follow certain security practices, we do not have control over and will not be liable for third parties’ security processes. We do not warrant perfect security and we do not provide any guarantee that your Personal Data or any other information you provide us will remain secure.
DATA RETENTION
We retain Personal Data for the periods stated above, or if none, for so long as it remains relevant to its purpose or for so long as is required by law (if longer). We will review retention periods periodically, and if appropriate, we may pseudonymise or anonymise data held for longer periods.
MINORS
Our Services are intended for use by G.C.C event organisers and attendees and campers’ parents and are neither directed at nor intended for direct use by individuals under the age of 16. Further, we do not knowingly collect Personal Data directly from such individuals without parental / legal guardian consent. If we learn that we have inadvertently done so, we will promptly delete it. Do not access or use the Services if you are not of the required age unless you have the consent of your parent or guardian.
YOUR EU/EEA PRIVACY RIGHTS
Users of our Services in the EU may have the following rights:
Access: You may have a right to know what information we collect, use, disclose, and you may have the right to receive a list of that Personal Data with whom we have received or shared Personal Data, to the extent required and permitted by law.
Rectification: You may correct any Personal Data that we hold about you to the extent required and permitted by law.
Delete: To the extent required by applicable law, you may request that we delete your Personal Data from our systems. We may delete your data entirely, or we may anonymise or aggregate your information such that it no longer reasonably identifies you. Contact us as part of your request to determine how your Personal Data will be erased in connection with your request.
Data Export: To the extent required by applicable law, we will send you a copy of your Personal Data in a common portable format of our choice.
Right to Object: Where we process Personal Data on the basis of our legitimate interests, you can object to that processing to extent allowed by law. Note that we must only limit processing where our interests in processing do not override an individual’s interests, rights, and freedoms, or the processing is not for the establishment exercise, or defence of a legal claim.
Right to Restrict: You may have the right to restrict processing of your Personal Data where the accuracy of the Personal Data is contested, the processing is unlawful but you object to deleting the Personal Data, or we no longer require the Personal Data, but it is still required for the establishment, exercise, or defence of a legal claim, or while we assess an objection to processing.
Automated Processing: To the extent we process Personal Data using automated means (if any), or where otherwise required by law, you may opt-out of, or revoke your consent, to this processing or elect to have an individual review any of the results of processing.
Regulator Contact: You may have the right to file a complaint with regulators about our processing of Personal Data. To do so, please contact us in the first instance and if we are unable to resolve any complaint you may escalate it to the ICO.
Please note we NEVER sell on any personal data information given to us by you, it is used solely for our own purposes.
SUBMISSION OF RIGHTS REQUESTS
You may submit requests by contacting us (see below for summary of required verification information).
VERIFICATION OF RIGHTS REQUESTS
All rights requests must be verified to ensure that the individual making the request is authorised to make that request, to reduce fraud, and to ensure the security of your Personal Data. We may require that you provide the email address we have on file for you (and verify that you can access that email account) as well as an address, phone number, or other information we have on file, in order to verify your identity.
CHANGES TO OUR PRIVACY POLICY
We may change this Privacy Policy from time to time. Changes will be posted on this page with the effective date. Please visit this page regularly so that you are aware of our latest updates. Your acknowledgment of these changes or use of the Services following notice of any changes (as applicable) indicates your acceptance of any changes.
CONTACT US
Feel free to contact us with questions or concerns using the email address below:
General enquiries:
info@GenerationsChristianCamps.org.uk
.