Privacy Policy
Minehead Together Business Association is committed to protecting your privacy and handling your personal data with transparency, care, and in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
This Privacy Policy explains how we collect, use, store, and protect your personal information when you use our website or otherwise interact with us.
1. Who We Are
Data Controller:
Minehead Together Business Association
2. What Data We Collect
We may collect and process the following types of personal data:
• Identity Data – Name, business name, job title
• Contact Data – Email address, phone number, postal address
• Account Data – Login details, user ID, preferences
• Usage Data – IP address, browser type, pages visited, access times
• Communication Data – Any communication you send to us, including emails or contact form submissions
3. How We Collect Your Data
We collect your data when:
• You register or create an account on our website
• You submit a business listing or enquiry
• You contact us directly via email, phone or contact form
• You browse our website (via cookies and analytics)
4. Lawful Basis for Processing
We only process your personal data where we have a legal basis to do so. This includes:
• Consent – You have given clear consent for us to process your personal data
• Contract – Processing is necessary for a contract with you (e.g. account creation)
• Legal Obligation – Processing is required to comply with the law
• Legitimate Interests – To run our business, improve services, prevent fraud, and promote safety
5. How We Use Your Data
We use your personal data to:
• Provide and manage your business listing or user account
• Respond to enquiries and customer service requests
• Send updates, marketing (where consented), or administrative emails
• Improve our website, services, and user experience
• Comply with legal or regulatory obligations
6. Sharing Your Data
We do not sell your personal data. We may share your data with:
• Service providers (e.g., hosting, analytics, payment processing)
• Regulatory or legal authorities if required by law
• Third parties with your consent
All third-party services are bound by strict data protection obligations.
7. Data Storage and Security
We take appropriate technical and organisational measures to protect your personal data, including:
• Secure servers and firewalls
• Encrypted connections (SSL)
• Access control and data minimisation
• Regular monitoring and staff training
We store your data only as long as necessary to fulfil the purposes outlined in this policy or as required by law.
8. Your Rights
Under the UK GDPR, you have the right to:
• Access the personal data we hold about you
• Request correction of inaccurate or incomplete data
• Request erasure (the "right to be forgotten")
• Object to or restrict how we process your data
• Data portability – request your data in a structured format
• Withdraw consent at any time (where processing is based on consent)
• Lodge a complaint with the Information Commissioner’s Office (ICO)
Contact the ICO: https://ico.org.uk
9. Cookies
We use cookies to improve functionality and analyse traffic. You can control or disable cookies through your browser settings.
10. Third-Party Links
Our website may include links to third-party websites. We are not responsible for the privacy practices or content of these sites. Please review their policies separately.
11. Changes to This Policy
We may update this Privacy Policy from time to time. When we do, we will encourage you to review this policy periodically.
12. Contact Us
For any questions or to exercise your data rights, please contact:
Email:
Call: Ben 07894 090888 or 01643 704673