Privacy Policy

This Privacy Policy sets out the data processing practices carried out through the use of the Internet and any other electronic communications networks by First Event.

If you have any requests concerning your personal information or any queries with regard to these practices please contact First Event at info@firstevent.co.uk. Please note that all data thus captured will be used and held in accordance with the requirements of the Data Protection Act 1998.

Privacy Policy of Morgan Travel Limited trading as First Event. Updated 18 October 2018

This policy (together with our terms of use https://www.firstevent.co.uk/terms-and-conditions and any other documents referred to on it) sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. 

On 25th May 2018 the General Data Protection Regulation ((EU) 2016/679) (GDPR) comes into effect in the UK.  This gives data subjects (living individuals in respect of whom personal data is processed) enhanced rights and protections in relation to their personal data.  We are committed to safeguarding the privacy of the users of our services.  Therefore, we have updated our Privacy Policy so we are completely clear as to what personal data we collect, why we collect that personal data and how we handle it. 

We, Morgan Travel Limited, trading as First Event, of Ghyll Beck House, Gill Lane, Yeadon, Leeds, West Yorkshire, LS19 7SE are the Data Controller (as that term is defined in data protection legislation). In some cases we process personal data about individuals in order to supply services to our business customers.  Where we process personal data on behalf of a business customer, the business customer will be data controller of that personal data and such personal data will be processed in accordance with the privacy policy of that business customer.  In those circumstances, we will be a data processor of such personal data (as that terms is defined in data protection legislation).  As a data processor we are still required to process the personal data in accordance with data protection legislation, and this privacy policy explains how we do this.

 

Please read the privacy policy carefully. By visiting our website (www.firstevent.co.uk you are accepting and consenting to the practices described in this policy.

1. What information do we collect from you?

We may process the following data about you:

1. Information you give us

 What personal data might you supply to us?

 How and why we process your personal  data:

Account information: Information about you which relates to your, or your employer’s account with us. This information may include your name, your email address and your telephone and/or mobile number.

We will process this data to maintain your account with us, to provide our services to you, to communicate with you and to back up our database.  The reason we process this data is to ensure the proper administration of your account and our business and, where you have entered into a contract with us, for the purposes of fulfilling our contract with you.

Registration Information: Information you provide when you register to use our services and when you report a problem with our website. The information you give us may include your name, address, e-mail address and phone number and such other details as are necessary for us to supply services to you.

We will process this data so we can deal with your registration, or other communications or applications, or to address your query or concern.  The reason we process this data is to ensure the proper administration of your registration and our business.

Transaction Data: If you purchase services from us through our website, you will need to provide certain information to us so that we can supply those services to you.  The information you supply to us may include your name, your contact details, your card details and other information relevant to your transaction. Sometimes, in order to provide services to you (for example, for you to attend an event we are running) we may need you to provide certain specific information so we can ensure you are able to travel to the event safely and so that we can assist you if there is an emergency whilst you are attending the event.  Such information may include your passport number, relevant medial information and details of your next of kin.  Where we collect information that is sensitive personal data (as that term is defined in the Data Protection Act 1998 (as updated)), we will use technical and organisational measures to ensure such sensitive personal data is kept as secure as possible. 

We will process that data in order to perform our contract with you and to fulfil the transaction.  This is also our reason for processing the data (our legitimate interest).   Any sensitive personal data we collect from you will be limited to information we specifically need to ensure you are safe whilst using our services in order to protect your vital interests. 

Communication Data: If you communicate with us, we may process the information contained in your communication.  This information may include your name and contact information, the content of your communication and any metadata our website generates where you communicate with us using the contact form available on our website. 

We will process that information so we can correspond with you and keep records of such correspondence.  The reason we are processing this data is to ensure the proper administration of our business (our legitimate interest).

Notification Data: Where you have purchased services from us, or where you subscribe to receive our email notifications and/or newsletters, we will process your data so that we can send such email notifications and/or newsletters to you.  If you prefer not to receive such communications please click here [insert link] to unsubscribe.

The legal basis for us processing this data is that you have consented to such processing.

Regulatory Data: We may process your data if we need to do so in order to comply with our legal and/or regulatory obligations so that we can protect the vital interests of you or another natural person.

The reason we will process such data is to protect the vital interests of you or another natural person.

1.2 Information we collect about you.

1.2.1 With regard to each of your visits to our website we will automatically collect the following information:

With regard to each of your visits to our website we will automatically collect the following information:

(a) technical information, including the Internet protocol (IP) address used to connect your computer to the Internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform. We will obtain this data through our analytics tracking system. We process this data so we can monitor and analyse how our website is used so we can improve our website and our services.;

(b) information about your visit, including the full Uniform Resource Locators (URL), clickstream to, through and from our website (including date and time), products you viewed or searched for, page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), methods used to browse away from the page. We process this data so we can monitor and analyse how our website is used so we can improve our website and our services.

1.2.2      To ensure we promote our services in a targeted manner, we may undertake profiling activities in relation to certain individuals, using information which is publicly available about such individuals in their professional (not personal) capacity. No automated decisions are made in respect of such profiling activity.  This profiling enables us to determine those people and companies who may be most interested in our services.  If you would like more information about these activities or you do not wish to be the subject of any profiling activity, please contact our data protection officer using the details below. 

1.3 Information we receive from other sources.

This is information we receive about you if you use any of the other websites we operate or the other services we provide. This may include our sister company, Loyalty Works Limited. Please click here to view Loyalty Work’s privacy policy. In this case we will have informed you when we collected that data if we intend to share those data internally. We are working closely with third parties (including, for example, business partners, sub-contractors in technical, payment and delivery services, advertising networks, analytics providers, search information providers, credit reference agencies). We may receive personal data about you from these organisations. Those organisations will have their own privacy policies detailing how they process personal data.

Use of cookies

Our website uses cookies to distinguish you from other users of our website. This helps us to provide you with a good experience when you browse our website and also allows us to improve our site. A cookie is a small piece of information sent by a web server to a web browser, which enables the server to collect information from the browser. To find out more information about cookies, including how to see what cookies have been set and how to manage and delete them, go to www.allaboutcookies.org.

We use Google Analytics’ cookie on our website. This cookie is used to collect information about how visitors use our site. We use the information to compile reports and to help us improve the site. The cookie collects information in an anonymous form, including details about the number of visitors to our website, where visitors have come to the website from and the pages they visited.

Most web browsers allow some control of most cookies through the browser settings. If you want to know how to do this please look at the menu on your browser, or look at the instructions on www.allaboutcookies.org.

You may set up your computer to reject cookies although, in that case, you may not be able to use certain features on our website which may restrict your use of our website.

Please see the end of this Privacy Policy for a table containing details of the cookies that we use together with more information about how those cookies affect you. To opt out of being tracked by Google Analytics across all websites visit http://tools.google.com/dlpage/gooptout.

3. When will we disclose your personal data to others?

3.1 We may need to share your personal information with members of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries. These terms are defined in section 1159 of the UK Companies Act 2006. We may also share your personal information with our sister company, Loyalty Works Limited where this is necessary for us to provide services to you or where you have consented to such sharing of information. Click here to view Loyalty Works’ Privacy Policy. We will only share such personal information where this is necessary for the purposes set out in this policy.

3.2 We may need to share your personal information with certain selected third parties including:

(a) our business partners, suppliers and sub-contractors for the purpose of performing any contract we have with you or them. In particular, we use third party IT companies to host our operating system and store personal information, and to support us in the use of that operating system. We also use a software supplier to operate the registration software for events that we run ;

(b) analytics and search engine providers that assist us in the improvement and optimisation of our website.

3.3 We will also disclose your personal information to third parties in the following circumstances:

(a) If we sell or buy any business or assets, in which case we may need to disclose certain personal data to the prospective seller or buyer of such business or assets.

(b) If all or most of our assets are acquired by a third party, in which case personal data held by us about our customers will be one of the transferred assets.

(c) If we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce any legal agreement we have with you; or to protect our rights or property, or the safety of us, our customers, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.

4. Where do we store your personal data?

We will always try to ensure that your personal data is processed within the European Economic Area. In some circumstances this will not be possible. In circumstances where it is necessary for us to transfer your personal outside the European Economic Area, we will only transfer such personal data to third parties where we have carried out due diligence on such third parties to ensure they will protect your personal data using similar standards and safeguards as we have. We will also have contractual provisions in place with such third parties to ensure your personal data is protected. Such contractual provisions will be based on the standard contractual clauses approved by the European Commission for the transfer of data outside the EEA or such other appropriate standards as are required from time to time by the European Commission or the UK Government. You consent to the transfer of your personal data outside of the EEA, as long as we comply with these requirements.

All information you provide to us is stored on our secure servers. Any payment transactions will be encrypted using SSL technology. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our website, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.

Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, and we will maintain appropriate technical and organisation measures to protect your personal data, we cannot guarantee the security of your data transmitted to our website; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access. Some of the specific measures we use to keep your personal data safe and secure include encryption technology, amongst other things. Where the personal information you have supplied to us is sensitive personal data, we will use such technical and organisational measures as we consider necessary to ensure the sensitive personal data is kept as secure as possible.

5. Storage and deletion of personal data

(a) Any personal data that we process will be deleted from our systems once we have completed the purpose for which we were processing the personal data. In some cases, the purpose for which we are processing your personal data will last for a considerable period (for example, if you are a long term customer of ours, we will need to store your data until our relationship with you comes to an end).

(b) We will determine the period for which we need to retain your data, acting reasonably, and taking into consideration a number of factors such as your relationship with us, your engagement with us, and the fulfilment of contracts we have with you.

(c) We may need to retain your personal data where this is necessary to comply with our legal or regulatory obligations, or to protect the vital interest or the vital interests of another natural person.

6. Data Security

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality. We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

7. Your rights

7.1 Under data protection laws you have the following fundamental rights:

(a) The right to access the personal data we hold about you;

(b) The right to have your personal data corrected if there are errors or inaccuracies in it, or your personal data is incomplete;

(c) The right to restrict the processing we carry out in relation to your personal data; (d) The right to object to the processing we carry out in relation to your personal data; (e) The right to have the personal data we hold about you provided to you in a useable format;

(f) The right to complain to a supervisory authority (in the UK this is the Information Commissioner’s Office) about how and/or why we are processing your personal data; (g) The right to tell us you no longer consent to us processing your personal data. In practice you will usually agree in advance to us using your personal data for marketing purposes and if you no longer wish us to use your personal data for marketing purposes, you can opt out of receiving such marketing messages at any time. You can do this either by unsubscribing from the marketing messages we send you, notifying us in writing at dpo@firstevent.co.uk.

7.2 You can ask us to provide you with details of any personal data we hold about you. You will be required to pay us a fee for supplying this to you. Until 25th May 2018, this fee is £10. After 25th May 2018 you do not have to pay us a fee to access your personal data unless we believe your access request is unfounded, repetitive or excessive. In this case we may charge you a reasonable fee to access your personal data or we may decide not to comply with your request. We will notify you if this is the case. We will require you to provide appropriate evidence of your identity before we respond to your request. Typically this identification evidence will be a photocopy of your passport or photo driving licence, which a solicitor or bank has certified as being a true copy of the original and a copy of a recent utility bill detailing your current address.

7.3 Our website may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.

7.4 If you think that any of the data we hold about you is incorrect or inaccurate, you can contact us to correct such data. Please contact us at dpo@firstevent.co.uk or call us on 01943 877444 for these purposes.

8. Changes to our privacy policy

Any changes we make to our privacy policy in the future will be posted on this page. Please check back frequently to see any updates or changes to our privacy policy.

9. Information about us

This privacy policy relates to Morgan Travel Limited trading as First Event. We are a company registered in England and Wales with company number 04213944. Our registered office and main place of business is at Ghyll Beck House, Gill Lane, Yeadon, Leeds, West Yorkshire, LS19 7SE. You can contact us at Ghyll Beck House, Gill Lane, Yeadon, Leeds, West Yorkshire, LS19 7SE, or by using our website contact form, by phone 01943 877444 or by email dpo@firstevent.co.uk.

Our data protection officer can be contacted at dpo@firstevent.co.uk.

10. Any questions?

Questions, comments and requests regarding this privacy policy are welcomed and should be addressed to First Event, Ghyll Beck House, Gill Lane, Yeadon, Leeds, West Yorkshire, LS19 7SE

Cookie

Data collected by the cookie

How long this data is kept for

Who owns this data

_ga

This cookie is used to collect information about how visitors use our site. We use the information to compile reports and to help us improve the site. The cookies collect information in an anonymous form, including the number of visitors to the site, where visitors have come to the site from and the pages they visited.

2 years

Google Analytics

_gid

This is used to collect anonamous information about your session ID and to enable us to group together activity for each user so we can improve the site and the experience of the user

24 hours

Google Analytics

_gat

This is part of google analytics and  is used to create and retrieve tracker objects

1 minute

Google Analytics

hubspotutk

This cookie is used by HubSpot to keep track of a visitor's identity.

10 years

HubSpot

__hstc

This is the main cookie HubSpot uses to track visitors.

2 years

HubSpot

__hssrc

Whenever HubSpot changes the session cookie, this cookie is also set

End of session

HubSpot

__hssc

This cookie keeps track of sessions for HubSpot.

End of session

HubSpot

fr

Used by Facebook to help them deliver advertisement products.

3 months

Facebook

__cfduid

Used by the content delivery network Cloudflare, to identify trusted web traffic.

1 year

CloudFare

LinkedIn (Insight Tag)

 

This cookie allows us to target the advertising we do on LinkedIn more effectively by matching data we hold with that held by LinkedIn.

3 months LinkedIn