This Privacy Notice explains how Club Peloton (“we”, “us” or “our”) processes (collects, uses, analyses, stores, changes, accesses, transfers and/or deletes) Personal Data as defined under the General Data Protection Regulation (GDPR).
We are committed to processing personal data responsibly, proportionately, securely and fairly.
This Privacy Notice applies to all data processed about people who have opted-in to receive regular marketing correspondence from us which may take the form of an email newsletter or printed matter sent by post.
The Data Controller is Club Peloton, Coram Campus, 41 Brunswick Square, London WC1N 1AZ and can be contacted at firstname.lastname@example.org.
The role of Data Administrator is not defined or required by GDPR. However, recognising our duties as Data Controllers, we have chosen to appoint a Data Administrator whose role it is to have an overview of our GDPR compliance as well as manage, update and disseminate our GDPR policies and documentation to maintain compliance.
Nick Hanmer has been appointed as our Data Administrator and they can be contacted at email@example.com.
Legal Basis for Processing
By actively opting-in to our mailing list, you have consented to receiving information from us in the form of an email newsletter and/or printed matter by post.
The information we process for our mailing list includes the information you provided to us when opting-in and includes your:
- email address
Purpose for Processing
We process your data in order to keep you informed of our news and industry updates which we will send to you in the form of an email newsletter or printed matter by post.
Protecting Your Data
This information is stored safely in our IT system and only accessible by our employees who need to manage the mailing list and fulfil their day to day duties. We are committed to ensuring that your information is secure. In order to prevent unauthorised use, access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we process. This includes ensuring:
- all media on which the data is stored is physically secure
- all digital media on which the data is stored is encrypted
- that data is not transmitted in an insecure manner
- that any 3rd party data transmittal services used are secure and GDPR compliant
- the process for removing data renders it unreadable
- that your data is only accessible to our employees who need it to fulfil their day to day duties
Transfer to Third Parties
We do not pass on your details to third parties.
By opting-in to our mailing list you have consented to us contacting you from time to time. We will retain your data until you withdraw your consent, which you can do at any time by opting-out using the unsubscribe link in the footer of our newsletters or by emailing us at firstname.lastname@example.org. Upon receipt of any request to opt-out we will remove your details from our system within without unde delay.
We respect all rights afforded to you as a Data Subject under the GDPR legislation.
At any time, you can ask us to:
- correct any information we record about you which you believe to be incorrect
- provide you with a copy of some or all of the information we record about you
- ask that we do not provide data to third parties
- delete all or some of the data we record
We may limit your access if it would disclose personal information about another person, or where it would disclose commercially sensitive information.
To obtain access, correct your information, request a deletion or make a complaint, please contact us in writing using the contact details above. We will acknowledge any correspondence received in writing within 30 days. If you are also dissatisfied with our response you can contact the Information Commissioner office.
If we do not believe it to be reasonable to act on any request, we will advise you in writing.