Data Controller and Data Processors

Data Controller:

Rockhampton Happy Hounds & Secure Dog Walking Fields is the Data Controller and responsible for the protection of your personal data in our care. You have the individual rights given to you by the General Data Protection Regulation ( GDPR) which came into force on 25 May 2018 and is overseen in this country by the Information Commissioners Office (ICO).

Data Processors:

• Jessica Farr is the Data Processor for Rockhampton Happy Hounds and has visibility of data solely for the purposes of customer support (i.e. dealing with technical and business issues on our behalf) and website/Acuity Booking support (technical and business development to make the tools run well for us all) as instructed by us or determined reasonably by them in the course of their duties with us. 
• We use Mailchimp (a secure communications platform) to gather form submissions and send necessary customer emails. This platform securely holds any information you submit by form to us.
• Squarespace (for the Acuity booking system) holds your name, email address and phone number. Please see below for more on this.
• An accountant with some visibility of personal data (maybe names but not phone numbers, email addresses nor bank details).
  

We will never use your data for any other purpose than you give us express permission for nor ever sell it to others nor disclose it unless required by law.

Lawful Basis for Processing

There are 6 permitted reasons to hold and process data under GDPR (each is known as a lawful basis for processing). Our customers approach us to hire our fields and to enroll in our dog training courses. In both cases, we process their personal data under the lawful basis of Contract which simply means we are allowed to hold and process your data to fulfil any contract (or engage in discussions before we agree to a contract). We have to keep financial records for HMRC. In that regard, your data is processed under the lawful basis of Legal Obligation.

Data Gathered and Being Processed

Fundamentally, the data we hold and actively process consists of your name, phone number and email address. We do not usually process financial data (i.e. card or bank details) as this is usually handled by our Data Processor Squarespace via the Acuity Booking System (this will be more prevalent when we move our dog training classes to Acuity soon). Where customers pay us by cheque or electronic fund transfer, we may be able to determine the bank details but we do not actively seek or use it. Y our IP address (which is personal data) may be logged by any of the direct and indirect systems used to access the internet, operate our emails, the website and the Acuity booking system. We do not actively store or use your IP address. Vistaprint logs website usage data (i.e. which pages are viewed the most and by what device types).

Acuity is a company owned by Squarespace. We believe this is the best available statement of their compliance with GDPR and this is their Privacy Policy. For booking our secure fields, the booking process requires you to submit your name, phone number and email address and these items (along with your IP address) will be stored in Acuity's (Squarespace's) servers. At the time of writing, the personal data that you give us when booking dog training is stored outside Acuity (on paper and/or on online forms through Mailchimp. We will shortly be moving our dog training classes onto Acuity and so the personal data will also be stored on Squarespace's servers.

Where we discuss Vistaprint's servers, we mean this to represent the website platform which they subcontract out so in reality, the personal data may be stored on Vistaprint's servers and/or the servers of the company that provides the website platform for them. The platform is moving to Wix sometime in summer 2022.  The servers for Squarespace, Vistaprint and the Website Platform provider are possibly not in the UK but suitable data privacy compliance statements should be in place for UK customers as these are not small companies we are dealing with. 

There have been no known incidents with these parties and our handling of your data to date. We will keep our processes under review.