At Techniquest (“we”, “us”, “our”), we regularly collect and use personal data about consumers who visit us or browse our website. Personal data is any information that can used to identify you as an individual. The protection of your personal data is very important to us, and we understand our responsibilities to handle your personal data with care, to keep it secure and to comply with legal requirements.
Please read this Policy carefully. It provides important information about how we use personal data and explains your legal rights. This Policy is not intended to override the terms of any contract that you have with us (for example Annual Pass terms) or any rights you might have available under applicable data protection laws.
We will make changes to this Policy from time to time for example, to keep it up-to-date or to comply with legal requirements or changes in the way we operate our business. We will make sure that you are aware of any significant changes by sending an email message to the email address you most recently provided to us or by posting a notice on each relevant website so that you are aware of the impact to the data processing activities before you continue to engage. We encourage you to regularly check back and review this policy so that you will always know what information we collect, how we use it, and who we share it with
In relation to potential customers, historic customers and current customers and attraction visitors (“consumers”), we collect the following data:
Under the GDPR, there are six data protection principles that Techniquest must comply with.
These provide that the personal information we hold must be:
Techniquest is responsible for, and must be able to demonstrate compliance, with these principles. This is called accountability.
We share data with third parties, to help manage our business and deliver services. These third parties may from time to time need to have access to your personal data, and include:
We may use your personal data to send you direct marketing communications about our attraction or our related services. This will be in the form of email, post or targeted online advertisements.
Where we require explicit opt-in consent for direct marketing in accordance with the Privacy and Electronic Communications Regulations we will ask for your consent. Otherwise, for non-electronic marketing or where we can rely on the soft opt-in exemption under the Privacy and Electronic Communications Regulations, we will be relying on our Legitimate Interests for the purposes of GDPR as further detailed in section 3.
You have a right to stop receiving direct marketing at any time — you can do this by following the opt-out links in electronic communications (such as emails), or by contacting us at firstname.lastname@example.org.
We also use your personal data for customising or personalising advertisements, offers and content made available to you based on your visits to and/or usage of our attraction websites or other mobile applications, platforms or services, and analysing the performance of those advertisements, offers and content, as well as your interaction with them.
We may undertake photography or videography in Techniquest, either by our own team or an approved external partner. When this happens, there is a possibility that visitors may be captured in the background of photos/video footage. In order to protect your rights, we will have clear, prominent signage at the main entrance notifying visitors that the photography and/or videography will be taking place. This will also notify visitors that if they do not wish to be photographed, they can request this at the entrance. We will ensure, in these instances, that the photography/videography will not include any visitors who have opted out.
Any close-up photos or videos of guests will require consent forms to be signed by the visitors featured (or, in the case of under-18s, their parent or guardian).
Techniquest may choose to use photos and video footage for marketing purposes in print, digital and online marketing campaigns.
We will retain your personal data for as long as is reasonably necessary for the purposes listed in Section 3 of this Policy. In particular, where there has been no interaction from a consumer (e.g. a purchase, email open, newsletter sign up), a record will be deleted after 2 years.
Where we are required to do so to meet legal, regulatory, tax or accounting requirements, we will retain your personal data for longer periods of time, but only where permitted to do so, including so that we have an accurate record of your dealings with us in the event of any complaints or challenges, or if we reasonably believe there is a possibility of legal action relating to your personal data or dealings.
We maintain a data retention policy which we apply to records in our care. Where your personal data is no longer required and we do not have a legal requirement to retain it, we will ensure it is either securely deleted or stored in a way such that it is anonymised and the Personal Data is no longer used by the business.
You have a number of rights in relation to your personal data. In summary, you have the following rights:
The primary point of contact for all issues arising from this Policy, including requests to exercise data subject rights, is our Data Protection Officer. The Data Protection Officer can be contacted in the following way:
|Telephone||029 2047 5475|
|Address||Techniquest, Stuart Street, Cardiff, CF10 5BW|