Privacy Policy

CONTENTS

CLAUSE

1. Privacy Statement

2. Scope

3. Personal data protection principles

4. LAWFULNESS AND FAIRNESS.

5. CONSENT

6. Purpose limitation

7. Storage limitation

8. PROTECTING PERSONAL DATA.

9. REPORTING A PERSONAL DATA BREACH.

10. TRANSFER LIMITATION.

11. YOUR RIGHTS AND REQUESTS.

12. PRIVACY BY DESIGN.

13. AUTOMATED DECISION MAKING.

14. SHARING PERSONAL DATA.

15. CHANGES TO THIS PRIVACY POLICY.

16. CONTACT.

  • PRIVACY STATEMENT

Go Racing In Yorkshire Ltd (“we”, “our”, “us”, “the Company”) is committed to preserving the privacy of all the Personal Data of our customers, suppliers, employees, workers and other third parties (in each case “you”, “your”) which we process regardless of the media on which that data is stored or whether it relates to past or present employees, workers, customers, clients or supplier contacts, shareholders, website users or any other Data Subject.

  • Scope

We recognise that the correct and lawful treatment of Personal Data will maintain confidence in the Company and will provide for successful business operations. Protecting the confidentiality and integrity of Personal Data is a critical responsibility that we take seriously at all times.

  • Personal data protection principles

We adhere to the principles relating to Processing of Personal Data set out in the General Data Protection Regulations (EU 20161679) (GDPR) which require Personal Data to be:

  • Processed lawfully, fairly and in a transparent manner.
  • Collected only for specified, explicit and legitimate purpose
  • Adequate, relevant and limited to what is necessary in relation to the purposes for which it is Processed.
  • Accurate and where necessary kept up to date.
  • Not kept in a form which permits identification of Data Subjects for longer than is necessary for the purposes for which the data is Processed.
  • Processed in a manner that ensures its security using appropriate technical and organisational measures to protect against unauthorised or unlawful Processing and against accidental loss, destruction or damage.
  • Not transferred to another country without appropriate safeguards being in place.
  • Made available to Data Subjects and Data Subjects allowed to exercise certain rights in relation to their Personal Data.

We are responsible for and must be able to demonstrate compliance with the data protection principles listed above.

 

  • LAWFULNESS AND FAIRNESS
    • Personal data will be Processed lawfully, fairly and in a transparent manner.
    • We will only collect, Process and share Personal Data fairly and lawfully and for specified purposes.
    • The GDPR allows Processing for specific purposes, for example where:
      • you have given your Consent;
      • the Processing is necessary for the performance of a contract or agreement with you;
      • it is necessary to meet our legal compliance obligations;
      • it is necessary to protect your vital interests;
      • it is necessary to pursue our legitimate interests for purposes where those interests are not overridden because the Processing prejudices your interests or fundamental rights and freedoms.
    • Consent
      • You consent to our Processing your Personal Data only if you indicate agreement clearly either by a statement or positive action to the Processing.
      • You can withdraw Consent to Processing at any time and withdrawal will be promptly honoured.
    • NOTIFYING YOU
      • We will only collect your Personal Data for specified, explicit and legitimate purposes and it will not be Processed in any manner incompatible with those purposes.
      • We will only collect Personal Data which is adequate, relevant and limited to what is necessary in relation to the purposes for which it is Processed.
      • We will ensure that the Personal Data we use and hold is accurate, complete, kept up to date and relevant to the purpose for which we collected it.
    • Storage limitation
      • We will not keep Personal Data in an identifiable form for longer than is necessary for the legitimate business purpose or purposes for which we originally collected it.
      • We will maintain retention policies and procedures to ensure Personal Data is deleted after a reasonable time for the purposes for which it was being held, unless a law requires such data to be kept for a minimum time.
      • We will take all reasonable steps to destroy or erase from our systems all Personal Data which we no longer require.
    • protecting personal data
      • We will ensure all Personal Data is secured by appropriate technical and organisational measures against unauthorised or unlawful Processing, and against accidental loss, destruction or damage.
      • We will develop, implement and maintain safeguards appropriate to our size, scope and business, our available resources, the amount of Personal Data that we hold or maintain, and identified risks.
    • REPORTING A PERSONAL DATA BREACH

We have put in place procedures to deal with any suspected Personal Data Breach and will notify you or any applicable regulator where we are legally required to do so.

  • Transfer limitation

We will not transfer Personal Data outside the EEA unless:

  • the European Commission has issued a decision confirming that the country to which we transfer the Personal Data ensures an adequate level of protection for your rights and freedoms;
  • appropriate safeguards are in place
  • you have provided Explicit Consent; or
  • the transfer is necessary for one of the other reasons set out in the GDPR
  • YOUR rights and requests
    • You have rights when it comes to how we handle your Personal Data. These include rights to:
      • withdraw Consent to Processing at any time;
      • receive certain information about our Processing activities;
      • request access to your Personal Data that we hold;
      • prevent our use of your Personal Data for direct marketing purposes;
      • ask us to erase Personal Data if it is no longer necessary in relation to the purposes for which it was collected or Processed or to rectify inaccurate data or to complete incomplete data;
      • restrict Processing in specific circumstances;
      • challenge Processing which has been justified on the basis of our legitimate interests or in the public interest;
      • request a copy of an agreement under which Personal Data is transferred outside of the EEA;
      • object to decisions based solely on Automated Processing, including profiling;
      • prevent Processing that is likely to cause damage or distress to the you or anyone else;
      • be notified of a Personal Data Breach which is likely to result in high risk to your rights and freedoms;
      • make a complaint to the supervisory authority; and
      • in limited circumstances, receive or ask for your Personal Data to be transferred to a third party in a structured, commonly used and machine-readable format.

12        PRIVACIES BY DESIGN

Any new systems, policies or strategies introduced by us will be implemented under a “Privacy by Design” Policy in order to ensure compliance with all GDPR requirements.

13        AUTOMATED DECISION MAKING

We do not use any automated decision-making process.

14        Sharing Personal Data

14.1      Generally we are not allowed to share Personal Data with third parties unless certain safeguards and contractual arrangements have been put in place.

14.2      We will only share the Personal Data we hold with another employee, agent or representative of the Company if the recipient has a job-related need to know the information and the transfer complies with any applicable cross-border transfer restrictions.

14.3      We will only share the Personal Data we hold with third parties, such as our service providers if:

  • they have a need to know the information for the purposes of providing the contracted services;
  • sharing the Personal Data complies with this Policy and, if required, your Consent has been obtained;
  • the third party has agreed to comply with the required data security standards, policies and procedures and put adequate security measures in place;
  • the transfer complies with any applicable cross border transfer restrictions; and
  • a fully executed written contract that contains GDPR approved third party clauses has been obtained.

15        Changes to this Privacy POLICY

15.1      We reserve the right to change this Privacy Policy at any time without notice so please check our website regularly to obtain the latest version.

15.2      This Privacy Policy does not override any applicable national data privacy laws and regulations in the United Kingdom.

16        CONTACTS

All comments, queries, and requests relating to our use of your Personal Data are welcome and should be addressed to admin@goracing.co.uk marked for the attention of the Data Protection Manager.

MAY 2018

Latest News
The jumps ARE BACK at Catterick races

Catterick’s 2018/19 National Hunt season starts on Friday 23 November The jumps are back at Catterick Races, with the first fixture of the 2018/19 National Hunt season taking place on Friday 23 November. Following on from a successful Flat season, the North Yorkshire track will host 10 National Hunt fixtures this winter featuring the ever popular Christmas and New Year’s Day fixtures as well as the prestigious North Yorkshire Grand National on Thursday 10 January and finishing with Countryside Day on Wednesday 6 March. Fiona Needham, General Manager & Clerk of the Course said: “We’re excited for the start of the new Jumps season and have some thrilling days racing ahead of us this winter including the North Yorkshire Grand National which Sue Smith has won for the last three... (Read More)