The Stable Creative Hub
We reserve the right to make changes to this Policy at any time. Your continued use of our products, applications, services and websites that are subject to this Policy will signify your acceptance of any and all changes to this Policy made by us from time to time. You can opt-out at any time.
The Stable Weston is the data controller in connection with any personal information collected or received by us arising from your use of any of our products, services, applications, websites and customer support communications.
- How we use your personal data
In this section we have set out:
" the general categories of personal data that we may process " the purposes for which we may process personal data; and " the legal basis for the processing
We will process your personal data in accordance with the United Kingdom's Data Protection Legislation and Europe's new General Data Protection Regulations (GDPR). We maintain strict security standards and procedures with a view to preventing unauthorised access to your data by anyone, including our staff. We use leading technologies such as (but not limited to) data encryption, fire walls and server authentication to protect the security of your data. For any third-party software or other companies we use or hire to provide support services, we will require them to observe our privacy standards and to allow us to audit them for compliance if required.
2.1 Online Purchases/ Bookings
When you sign up to our website as a member or to make a room booking or membership booking, our web forms ask you to give us information specific to that order, including your name, billing address, shipping address, credit card information and email address. The information that you provide is processed for the purpose of supplying the purchased goods and services and keeping proper records of those transactions. We also use the information to contact you if there is a problem with your order. The legal basis for this processing is the performance of a contract or delivery of a booking between you and us and/ or taking steps, at your request, to enter into such a contract and our legitimate interests, namely our interest in the proper administration of our website and business.
2.2 How long we hold your data for
Creating a booking or sign-in for The Stable's website does not mean that you will start to receive marketing or other email communications. A specific sign-up will be requested for this to happen. Once you have entered your information into our website system to make a booking, it will remain in our system until you ask us to remove it. The basis for this is that if you made a booking you may require additional bookings in the future, so this is to make the process easier for you in the future. If you sign up to any marketing-specific emails then you will continue to receive those communications until you unsubscribe.
2.3 Secure server
All of our transactions automatically take place on a secure server. All of your personal information is encrypted before it is transmitted over the Internet. To clarify as this could confuse: for activities carried out from web address you see, http://www.thestableweston.com/en, the activity and the transactions will actually be carried out on our behind the scenes https:// site, https://thestablehub.spaces.nexudus.com/.
2.4 Visitor Profiling & Statistics
The Stable is not a major telemarketer nor does it run a complex online shop for instance tracking your activity. When you book memberships, events tickets or rooms from us online, our system saves the data so we as humans viewing the data can see your booking/ purchase history to make informed decisions.
We use this information in two ways: We review what kinds of products and services appeal most to our visitors/ users as a group. This statistical information helps us improve our offerings in the same way that other companies change their catalogue based on what sells best. Secondly, we might use information such as the number of bookings someone makes or types of bookings they make/ services they buy to make offers to them we believe will be of interest. We do not give out any information about you, as an individual, to anyone, except to complete your transactions, or to comply with valid legal process such as a search warrant, subpoena or court order.
The legal basis for this processing is legitimate interest.
2.5 Marketing eNewsletters
You will only receive generic marketing eNewsletters from The Stable if you have specifically subscribed to receive them. This can happen in several places and you can unsubscribe at any point by clicking the link in the email or by letting us know. Methods of signing up include:
" Using our Facebook page sign up " Using the Newsletter sign up on our website " In person (in writing while in the building/ at an event, or verbally) " Via email " By completing and submitting an Invitation to Subscribe link sent by us
2.6 Agreeing to receiving materials from us
" E-newsletters - by completing our e-newsletter sign-up page you are agreeing to receive email marketing communications. These can be unsubscribed from at any time, simply by clicking the unsubscribe link at the bottom of the email.
" Brochure requests - by completing any leaflet or Brochure Request forms you are agreeing to receive brochures or leaflets from us.
" Texts - by giving your phone number on any form requesting data for marketing purposes, you are agreeing to receive texts from us.
" Visitor Registration - by completing our Visitor Registration/Itinerary Planner page and opting in to receive information via email you are agreeing to receive email marketing communications. These can be unsubscribed from at any time, simply by clicking the unsubscribe link at the bottom of the email.
" Competitions - please check the individual terms and conditions associated with each competition. By entering our competitions and completing our entry forms you are agreeing for your data to be used to administer the competition.
" By booking rooms, memberships or other goods of services via our website and opting in to receive information via email you are agreeing to receive email marketing communications. These can be unsubscribed from at any time, simply by clicking the unsubscribe link at the bottom of the email.
The legal basis for this processing is consent.
2.7 User Generated Content
2.7.1 Social Media
If you use any of our social network pages or applications or you use one of our products or services that allow interaction with social networks, we may receive information relating to your social network accounts. For instance:
" If you click on a 'like', '+1' or 'tweet' or similar button in one of our websites or services, we may record the fact that you have done so. In addition, the content that you are viewing may be posted to your social network profile or feed. We may receive information about further interactions with this posted content (for example, if your contacts click on a link in the posted content), which we may associate with the details that we store about you
2.7.2 Reviews, comments and content
Where you have uploaded product reviews, comments or content to our websites or services and made them publicly visible, we may link to, publish or publicise these materials elsewhere including in our own advertisements.
Each time you create or reply to a post or thread on a website forum from us, in addition to providing this forum service, we may also record the forum name and the time and date of your post or thread with your account details. We do this to better understand the 'typical users' of any forums we might be involved in, and to select or tailor our marketing communications to reflect your forum activity. We do not use the actual content of your forum posts or threads for purposes of sending marketing communications.
The legal basis for processing the above is legitimate interest.
3 Legal Obligation
In addition to the specific purposes for which we may process your personal data set out in this section, we may also process any of your personal data where such processing is necessary for compliance with regulatory and legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another.
3.1 Providing your personal data to others
We may use other third-party service providers to provide certain data processing services for us (acting as our authorised data processors). Examples of authorised data processors could include billing and fulfilment partners, IT solution providers, data analytics providers who process information on our behalf for the purposes outlined above. For example, we may use the services of third parties to personalise content, fulfil orders, deliver packages, monitor access, alarms and CCTV within the building, send postal mail and emails, send text messages (SMS), provide marketing assistance, process credit card payments, provide fraud checking services and provide customer services.
When acting as our authorised data processors, our service providers are required to only process data in accordance with our instructions, in line with this Policy.
In addition to the specific disclosures of personal data set out in this section, we may also disclose your personal data where such disclosure is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person. This includes but is not limited to CCTV data in the event of a crime having been reported.
- International transfers of your personal data
We store your data on our secure servers in the United Kingdom and retain it for a reasonable period or as long as the law requires. However, your data may be transferred to, stored at, and processed at a destination inside or outside the European Economic Area by our partners or service providers. By submitting your personal data, you agree to this transfer, storing or processing. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Notice for instance by using suppliers who, if based in the US, comply with the Privacy Shield data compliance agreement. https://www.privacyshield.gov/welcome
- Retaining and deleting personal data
This Section sets out our data retention policies and procedure, which are designed to help ensure that we comply with our legal obligations in relation to the retention and deletion of personal data.
" Personal data that we process shall not be kept for longer than is necessary for that purpose or those purposes. " Your personal data will be retained for five years following the date you cease to be a client, or longer as required to meet our regulatory obligations. " Notwithstanding the other provisions of this Section, we may retain your personal data where such retention is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests.
- Links to third party sites
Some of our website or online activities may contain links to other third party websites that are not operated by us. While we try to link only to sites that share our high standards and respect for privacy, we are not responsible for the content, security or privacy practices of those third-party websites. We strongly encourage you to view the privacy and cookie policies displayed on those third-party websites to find out how your personal information may be used.
" We may update this policy from time to time by publishing a new version on our website and MemberSpace Intranet. " You should check this page occasionally to ensure you are happy with any changes to this policy. " We may notify you of changes to this policy by email or through private messaging system or via our website.
- Your Rights
In this Section we have summarised the rights that you have under data protection law. Some of the rights are complex, and not all of the details have been included in our summaries. Accordingly, you should read the relevant laws and guidance from the regulatory authorities for a full explanation of these rights. Your principal rights under data protection law are:
(a) the right to access; (b) the right to rectification; (c) the right to erasure; (d) the right to restrict processing; (e) the right to object to processing; (f) the right to data portability; (g) the right to complain to a supervisory authority; and (h) the right to withdraw consent.
You may instruct us to provide you with any personal information we hold about you; provision of such information will be subject to the supply of appropriate evidence of your identity. For this purpose, we will usually accept a photocopy of your passport certified by a solicitor or bank plus an original copy of a utility bill showing your current address.
In practice, you will usually either expressly agree (opt in) in advance to our use of your personal information for marketing purposes, or we will provide you with an opportunity to opt out of the use of your personal information for marketing purposes during every communication.
To the extent that the legal basis for our processing of your personal information is consent, you have the right to withdraw that consent at any time. Withdrawal will not affect the lawfulness of processing before the withdrawal.
9.1 About Cookies
A cookie is a simple text file that is stored on a user's computer (or mobile device) that is created when a user visits a website using a program called a browser (Chrome, Internet Explorer, Firefox or Safari). A cookie isn't a program itself and doesn't actively do anything on a user's computer. A cookie cannot be used to identify a user personally but they do contribute to improving a user's experience of a website. A cookie simply allows the website to read the contents of the cookie text file. The text file itself simply contains a unique identifier code; the site name and some digits and numbers.
9.2 Why are Cookies used?
Cookies do lots of different jobs, such as:
" remembering what items a user may have added to a shopping basket or an itinerary as the user moves between pages on a website " saving a user's preferences to allow them to customise a website " measuring what users do on a website to ascertain which parts of a website are popular, how long they spend on a website, how often users return, where they come from etc.
9.3 What Cookies are used by this site?
Cookies are set by this website (first party cookies) but may also be set by other websites (e.g. You Tube) that run content on the website's pages (third party cookies). Cookies can be set to remember a visitor for the duration of their visit (session cookies) or to remember a visitor for repeat visits (persistent cookies).
- About Us
The website is owned and operated by Hub Weston CIC. Hub Weston CIC's trading name as relates to this policy is The Stable Creative Hub.
Our principal place of business is The Stable Creative Hub, 3-6 Wadham Street, Weston-super-Mare, North Somerset, BS23 1JY
The Stable Creative Hub, 3-6 Wadham Street, Weston-super-Mare, North Somerset, BS23 1JY
01934 315 305
Date of Publication of this version 1: 25 May 2018