We are Rail Rambles, a non-profit organisation entirely run by volunteers. We offer free public walking programmes based around the railways of Mid-Wales and the Marches.
We want you to enjoy our website and our walks and so we want you to know that we take your privacy very seriously. If you give us information that someone could use to identify you as an individual (“personal data”), we will be very careful with it and will never sell or trade it for marketing purposes.
We have put together this notice to tell you more about the sorts of data we might collect and process, our reasons for doing so, and how we handle (and sometimes share) your data and keep it safe.
The sorts of personal data we might collect and process
In normal circumstances, we might need to collect and process:
- Your name, and a current contact method (if you ask us to contact you, or if you take part in our activities)
- Some limited additional information, such as where you have come from (if you take part in our activities)
- Cookies identifying your computer (if you visit our website)
In exceptional circumstances (e.g., if we need you to help us report an incident on a walk) we may, with your consent, collect and process relevant additional information.
We get this data directly from you, except for cookies. Cookies are explained below.
What are cookies?
Our website generates “cookies”, which are small files placed on your computer’s hard drive. These enable our website to identify your computer as you view the different pages so that it can track page to page navigation and maintain basic web analytics (page visits).
Cookies do not provide us with access to your computer or any information about you other than that which you elect to share. You can change your cookies settings in your browser (see, for example, https://ico.org.uk/your-data-matters/online/cookies/), though this may affect how the website functions.
We do not use any third-party analytics service, and our web analytics do not identify individual users of the website.
Why we process some personal data
Normally, we process some personal data in order to:
- Provide you with an opt-in information service (the mailing list)
- Run Rail Rambles effectively by
- Responding to enquiries and managing other correspondence with linked organisations
- Maintaining appropriate membership information (only applies to walk leaders and others involved in the organisation of Rail Rambles) and business records
- Maintaining records of current and past programming in order to inform future programmes
- Publicising and promoting the programmes
- Offering a working website and understanding how it is used by visitors in order to improve it
- Fulfil any legal or contractual obligations we may have, such as to insurers or sponsors, and comply with any other legal and regulatory obligations, requirements and guidance
In very exceptional circumstances (if you are in distress and unable to give consent) we may without your consent attempt to obtain medical or any other information which will help save you.
Who might handle your data and how we keep it safe
Rail Rambles is run by volunteers and our committee members may access your personal information for the purposes set out above. Most data is stored electronically and all appropriate data security precautions are taken (system password protection, firewall and internet security software, regular backups, etc.). Any data held as hard copy is securely stored. Data management guidelines are in development.
We may need to transfer your personal information to third-party data processors, including various email and cloud service providers. The Rail Rambles website, and some of our email, is hosted by One.com. NatWest processes payment transactions securely on our behalf. Third-party data processing may require the transfer of your data to data centres outside Europe.
We never trade or exchange mailing lists with other organisations or businesses.
We may disclose data to law enforcement or other government and regulatory agencies or to other third parties as required by, and in accordance with, applicable law or regulation.
How long we keep your data
We only keep personal information for as long as is necessary to carry out the functions listed above.
You have a legal right to:
- Access the personal data that we hold about you
- Request that we correct your personal data if you believe it is inaccurate or incomplete
- Request that we delete your personal information
- Restrict or object to the processing of your personal data for specific purposes
- Request that we send your personal data to another organisation for you
- Withdraw consent to consent-based services at any time
The mailing list
You can unsubscribe from the mailing list at any time by following the instructions given in each mailing, or by contacting us through the website. If you choose to unsubscribe, we will remove your personal data from relevant systems and stop sending you emails, but you will still be welcome on our walks!
We sometimes use photographs of walks on the website, but we will not knowingly use a photograph in which you are clearly identifiable (unless you have given us a specific permission to do so). If you do appear in a photograph on our website and wish to have the image removed, just let us know and we will take it down as soon as possible.
You can contact us at firstname.lastname@example.org, or through the website.
If you are dissatisfied, you can raise a complaint with the Information Commissioner’s Office at www.ico.org.uk.