We reserve the right to make changes to this Policy at any time. Your continued use of the Christmas in Leicester website will signify your acceptance of any and all changes to this Policy made by us from time to time.
Leicester City Council is the data controller in connection with any personal information collected or received by us arising from your use of the Christmas in Leicester website.
In this section we have set out:
We do not capture and store any personal information about website visitors, except where you voluntarily choose to give us your personal details via email, or by using an electronic form, or enquiring about any of our services.
We will process your personal data in accordance with the United Kingdom’s General Data Protection Regulations. We maintain strict security standards and procedures with a view to preventing unauthorised access to your data by anyone, including our staff. We use leading technologies such as (but not limited to) data encryption, fire walls and server authentication to protect the security of your data. Whenever we hire third parties to provide support services, we will require them to observe our privacy standards and to allow us to audit them for compliance.
We may process information that you provide to us for the purpose of e-newsletter subscriptions and competition entry. We will only use your personal information to administer your account and to provide the products and services you have requested from us.
Visit Leicester does not sell, rent or lease its customer lists to third parties. Visit Leicester may, from time to time, contact you on behalf of external business partners about a particular offering that may be of interest to you. In such an instance, your unique personally identifiable information (e-mail, name, address, telephone number) is not transferred to the third party.
The legal basis for this processing is consent.
2.3.1 Social Media
If you use any of our social network pages or applications or you use one of our products or services that allow interaction with social networks, we may receive information relating to your social network accounts. For instance:
2.3.2 Reviews, comments and content
Where you have uploaded comments or content to our website and made them publicly visible, we may link to, publish or publicise these materials elsewhere including in our own promotional campaigns.
The legal basis for processing in 2.3.1 and 2.3.2 is legitimate interest.
In addition to the specific purposes for which we may process your personal data set out in this section, we may also process any of your personal data where such processing is necessary for compliance with regulatory and legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another person.
We will only use your personal information to administer your account and to provide the products and services you have requested from us. We may use other third party service providers to provide data processing services for us (acting as our authorised data processors). Examples of authorised data processors could include billing and fulfilment partners, IT solution providers, data analytics providers who process information on our behalf for the purposes outlined above. For example, we may use the services of third parties to personalise content, fulfil orders, deliver packages, send postal mail and emails, send text messages (SMS), provide marketing assistance, process credit card payments, provide fraud checking services and provide customer services.
When acting as our authorised data processors, our service providers are required to only process data in accordance with our instructions, in line with this Policy, and are subject to appropriate confidentiality and security obligations.
We store your data on our secure servers in the United Kingdom and retain it for a reasonable period or as long as the law requires. However, your data may be transferred to, stored at, and processed at a destination inside or outside the European Economic Area by our partners or service providers. By submitting your personal data, you agree to this transfer, storing or processing. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Policy.
This section sets out our data retention policies and procedure, which are designed to help ensure that we comply with our legal obligations in relation to the retention and deletion of personal data.
Personal data that we process shall only be retained for as long as necessary to administer your account and to provide the products and services you have requested from us..
Personal data will be deleted when the data subject has withdrawn consent to processing or the data is no longer up to date.
Your personal data will be retained for 5 years following the date you cease to be a client, or longer as required to meet our regulatory obligations.
Notwithstanding the other provisions of Section 6, we may retain your personal data where such retention is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests.
Some of our websites may contain links to other third party websites that are not operated by us. While we try to link only to sites that share our high standards and respect for privacy, we are not responsible for the content, security or privacy practices of those third party websites. We strongly encourage you to view the privacy and cookie policies displayed on those third party websites to find out how your personal information may be used.
We may update this policy from time to time by publishing a new version on our website.
You should check this page occasionally to ensure you are happy with any changes to this policy.
If appropriate, we may notify you of changes to this policy by email or via our website.
In this section we have summarised the rights that you have under data protection law. Some of the rights are complex, and not all of the details have been included in our summaries. Accordingly, you should read the relevant laws and guidance from the regulatory authorities for a full explanation of these rights.
Your principal rights under data protection law are:
(a) the right to access;
(b) the right to rectification;
(c) the right to erasure;
(d) the right to restrict processing;
(e) the right to object to processing;
(f) the right to data portability;
(g) the right to complain to a supervisory authority; and
(h) the right to withdraw consent.
You may instruct us to provide you with any personal information we hold about you; provision of such information will be subject to the supply of appropriate evidence of your identity. For this purpose, we will usually accept a photocopy of your passport certified by a solicitor or bank plus an original copy of a utility bill showing your current address.
In practice, you will expressly agree (opt in) in advance to our use of your personal information for marketing purposes.
To the extent that the legal basis for our processing of your personal information is consent, you have the right to withdraw that consent at any time. Withdrawal will not affect the lawfulness of processing before the withdrawal.
A cookie is a simple text file that is stored on a user’s computer (or mobile device) that is created when a user visits a website using a program called a browser (Chrome, Internet Explorer, Firefox or Safari).
A cookie isn’t a program itself and doesn’t actively do anything on a user’s computer. A cookie cannot be used to identify a user personally but they do contribute to improving a user’s experience of a website.
A cookie allows the website to read the contents of the cookie text file. The text file itself simply contains a unique identifier code; the site name and some digits and numbers.
Cookies do lots of different jobs, such as:
remembering what items a user may have added to a shopping basket or an itinerary as the user moves between pages on a website
saving a user’s preferences to allow them to customise a website
measuring what users do on a website to ascertain which parts of a website are popular, how long they spend on a website, how often users return, where they come from etc.
Cookies are set by this website (first party cookies) but may also be set by other websites (e.g. You Tube) that run content on the website’s pages (third party cookies).
Cookies can be set to remember a visitor for the duration of their visit (session cookies) or to remember a visitor for repeat visits (persistent cookies).
The website is owned and operated by Leicester City Council.
Our principle place of business is City Hall, 115 Charles Street, Leicester LE1 1FZ
If you wish to ask us anything about data protection or want to ask for a copy of your data, you may contact our Data Protection Officer at:
Data Protection Officer
Information Governance & Risk
4th Floor, Rutland Wing
115 Charles Street