This website may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy notice of every website you visit.
What data do you hold about me?
In order to arrange your race entry, we need certain personal information about you and your party, which may include full name, contact and billing address, email address, date of birth, contact telephone number, emergency contact details (name and telephone number), and an identifying password (so that we can verify you are who you say you are, if you contact us by telephone); for event organisation, we may hold medical certificates and information, data on past performance, body dimensions (e.g. height for bikes, size for tee-shirts), cycle details; for enquirers, waiting lists, and future interest requests, we hold your contact email address and, if entered, your name.
Why do you hold data about me?
When you make a booking with us, we collect data that helps us arrange your travel, transport, and/or accommodation; aid us, our affiliates and suppliers to organise and arrange events in which you wish to take part; notify suppliers about necessary dimensions of supplied clothing and/or equipment; instruct event medical staff about any medical information; and allow us to contact you and your travelling companions with information about your trip. We aim to hold accurate information about your party for these purposes, and pass it to our suppliers, some of whom may be located overseas, where necessary.
If you have subscribed to one of our Enquirers, Newsletters and Waiting list services, we will send you emails on the types of trips requested.
Where we need to collect personal data by law, or under the terms of a contract we have with you and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with a trip or entry into an event). In this case, we may have to cancel a trip or event you have or are wanting to book with us but we will notify you if this is the case at the time.
How long do you keep my data?
For existing bookings, data is held on our system for the legal term required for the contract between us. This will usually be a maximum of 6 years from the date of return, unless there are legal reasons for keeping this data longer (e.g. for a complaint, it is held until the case is finally closed and any outstanding court processes are completed).
For Enquiries, Newsletters and Waiting list services, we hold and process your email address until such time as you unsubscribe from the service. You may unsubscribe at any time, using the link provided at the bottom of the latest email. Usually this process in instantaneous, however it may take a little while in some cases to remove your email address from our mailing list, but it will be done within 10 days of receipt of your instruction.
Why do you ask for my consent?
Consent to receive emailed information from our Enquiries, Newsletters and Waiting list services is “opt-in”, and your consent is given by one of the following methods: ticking a box during the booking process, or by entering an email into the request box and sending the request to us or by entering your email and ticking a box on one of our cards at an event, requesting information on one or more specific types of holiday. You may unsubscribe from any of these services at any time, using the link on the bottom of every email you receive or contacting us at the address at the end of this notice.
Consent for Children’s data, and those who cannot give their consent:
We do not allow bookings to be made by lead passengers under the age of 18, and our marketing is targeted at those adults who are capable of arranging our trips. It is the onus of the person booking to obtain consent from all party members, their guardians, or legal representatives, to pass on their data before creating a contract with us.
What data do you share with others?
In order to organise our events, we will pass your party’s names, dates of birth, and other relevant details, as required, to our suppliers. These may include equipment suppliers, car-hire suppliers, and medically-trained personnel involved in an event, where these elements are part of your booking.
We may need to send your direct contact details to our suppliers in order to make a booking. We may also send your direct contact details to our suppliers if there is a legal request to do so.
We will send your personal details, including any data on athletic ability, past performance (for timing purposes), gender and age to suppliers and organisers of an event in which you are partaking, so that the timing chips, numbers, badges, and/or certificates may be issued correctly.
We will send suppliers your body dimensions for equipment/clothing (such as height for bicycle hire, or tee-shirt size), where these are necessary to obtain the goods and services provided.
We will share certain details with third-party companies for analysis and review purposes, in order to improve our site and future products.
We may pass your personal details, and those of your party, on to law enforcement agencies, or intelligence agencies for the purposes of screening and customs alerts, where we are legally obliged to do so.
Where any information relating to medical conditions has been volunteered, we will pass this information on to those responsible for your medical well being whilst participating in an event.
Can I see what data you hold?
If you have an existing booking account, you may be able to retrieve most information that we hold on you by logging on to your account on our website and examining your information profile and bookings. If you have an existing email marketing account, you may log on in order to change your preferences.
You may also request that we send you a copy of all personal data that we have for your party and/or bookings. We will send you this information free of charge, within one month of receiving your request.
Where no booking exists, or has ever existed, but we have access to an email address for the purposes of Enquiries, Newsletters and Waiting list services, we only hold the email address, and possibly your name, and no other personal information.
Can I correct the information if it is wrong?
In order to ensure that your event runs smoothly, it is necessary that we receive accurate information on all participants. If you notice anything is incorrect, you must inform us as soon as possible. We will advise any third parties to change the relevant data on their system(s).
If we have incorrectly entered data that have been communicated to us, there will be no charge. However, please be aware that administration charges may be incurred for booking changes or passenger name amendments – see the relevant part of the Terms and Conditions section for full details.
Can I request that data be removed?
If you have made one or more bookings with us, the contractual information must be held by us, for legal reasons, for a minimum of 6 years after your return. This information will remain on our system until the minimum period has expired, at which date it will be deleted unless there is some legal reason we need to retain this information. This includes the information for cancelled bookings.
If you have subscribed to Enquiries, Newsletters and Waiting list services, we will hold your email address. Once you have unsubscribed, using the link that is available on every email or by contacting us at the address below, your email address will be removed from our mailing list and transferred to our “opt-out” list, so that we do not include you in future mailings. The only way you can be reinstated is by altering your mailing-list preferences.
Can I prevent you from holding or processing my data?
The data that we hold is used to arrange your trip or event. Once a booking has been made, a contract exists, meaning that we are legally obliged to hold your data for the duration of the contract plus the further period referred to above. We need to process this data in order to provide you with the service(s) that you have purchased. You may request that we stop processing your data, however, by invoking your “Right to restrict processing”. This may affect your booking adversely.
How secure is my data?
Your digital data is held on password-protected systems and passed to third parties using encrypted files. Any paper documentation is stored in filing cabinets on a secure site.
All third-party suppliers and organisations must confirm that data is kept secure, confidential, and compliant with EU General Data Protection Regulations. They agree that your data will be amended on request, and subsequently destroyed upon our request (or moved to an appropriate ‘opt-out’ list. Suppliers must only act on our instructions.
Is my data sent abroad?
If you are travelling abroad, we will need to send some of the information you give us about your party to our suppliers.
Whenever we transfer your personal data out of the EEA, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:
- We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission.
- Where we use certain service providers, we may use specific contracts approved by the European Commission which give personal data the same protection it has in Europe.
- Where we use providers based in the US, we may transfer data to them if they are part of the Privacy Shield which requires them to provide similar protection to personal data shared between the Europe and the US.
Please contact us if you want further information on the specific mechanism used by us when transferring your personal data out of the EEA.
What specific information is stored?
Examples of personal information that we currently keep include the following:
- IP Address, country of origin, type of device, operating system, and browser, search details entered (each time an enquiry is performed). These data are not necessarily “personal”.
- Customer information (for the person booking, once per booking): Name, address, postcode, email address, telephone number(s), contact email address.
- Passenger information (once per passenger): Passenger name, gender, age/date of birth.
- Activity information (for each passenger involved, once per event or activity, where applicable or relevant): Emergency contact name and telephone number (next of kin), passenger contact number, any medical conditions we should be aware of, special food requirements or allergies, nationality, country of residence, predicted finishing time, clothing size (e.g. for a commemorative tee-shirt), height (for bicycle hire), bicycle details (if taking, or using our transport services), email address (for any event-related emails, such as certificates), name of charity for which you are taking part, passport or travel identification information (for flights or tours), car registration (if driving and using parking facilities). Note that we do not collect all of the above data for every booking; and all information, where captured, is necessary for the arrangement of a booking or as part of an event within that booking.
What are “Cookies”?
What if the data is breached?
We use extremely high data security protection, so data breaches are highly unlikely. However, if our data were to be compromised in such a way as to risk your rights and freedoms, we would notify the ICO and any individuals affected by the breach, as per EU General Data Protection Regulations.
What rights to complain do I have?
Should you feel that we have not been compliant with these, or the ICO’s General Data Protection Regulations, you may contact us at our registered address, or contact the Information Commissioner’s Office: www.ico.org.uk.
We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.
Your legal rights
You have the right to:
- Request access to your personal data (commonly known as a “data subject access request”). This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.
- Request correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us.
- Request erasure of your personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your personal data to comply with local law. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request.
- Object to processing of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. You also have the right to object where we are processing your personal data for direct marketing purposes. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms.
- Request restriction of processing of your personal data.
This enables you to ask us to suspend the processing of your personal data in the following scenarios:
- if you want us to establish the data’s accuracy;
- where our use of the data is unlawful but you do not want us to erase it;
- where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims; or
- you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it.
- Request the transfer of your personal data to you or to a third party. We will provide to you, or a third party you have chosen, your personal data in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.
- Withdraw consent at any time where we are relying on consent to process your personal data. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain products or services to you. We will advise you if this is the case at the time you withdraw your consent.