Privacy Policy
Snozone and your personal data
This is Snozone’s Privacy Policy. It sets out how we collect and process your personal data, what we use it for, and gives you important information on how you can amend information we hold on you such as amending or removing consent for marketing communications or updating your personal details. If you have any queries about this policy or how we handle any personal data you provide to us, please contact us using the details provided at the bottom of this document.
“Personal Data” is any data that identifies you. The Personal Data which you supply to us you agree will be true. We will process your Personal Data in compliance with both the Data Protection Act 2018 which is the UK's implementation of the General Data Protection Regulation, and the EU General Data Protection Regulation (GDPR) which came into force on 25th May 2018. Please note this applies only to services which we operate and control and not to other companies or other organisations’ websites to which we may link. For such external services or sites please see their Privacy Policies to understand how they might be handling your data.
What is Snozone?
Snozone owns and operates two indoor snow slopes in the UK, and one indoor snow slope in Madrid, Spain. It is a subsidiary of Capital & Regional PLC. Our registered address is Strand Bridge House, 138-142 Strand, London, WC2R 1HH.
Our Purpose for Collecting and Processing Data
Our intention is to provide the best possible experience for visitors to our slopes, the best possible environment for our people that work here, and for the local community where we operate – and the best relations with our partners and other stakeholders. We collect and process data to understand who our guests are, send them appropriate and relevant information, track the performance of our venues, and help provide and improve our services as a whole.
Some data is required to operate our services, and in some cases we are required to hold certain information for legal compliance, law enforcement or contractual purposes.
Legal Basis
Data protection laws set out a number of valid reasons for the collection and processing of personal data. These include: Consent, such as ticking a box to opt-in to receive marketing emails from us; Legitimate Interest; Compliance with the law; and, to Fulfil contractual obligations.
The Data We Collect
When you order tickets or passes, we need to know your name, address, contact phone number and e-mail address to ensure we can contact you easily if required. We also require a credit/debit card number, your expiry date and 3 digit security code. This allows us to process and fulfil your order. Note - We do not store any payment information anywhere on any of our systems.
When entering competitions, either at the venue, on social media or via our website, we collect personal data like your contact information, to administer the competition, for example to ensure age restrictions are adhered to and to notify winners.
Personal details are required to sign-up to the Snozone Membership scheme, which provides members with offers and promotions at Snozone. These details are required to administer the scheme, such as the posting of membership cards, identifying members, informing them of the current offers and promotions within the scheme, and tracking usage of the scheme.
We may collect electronic data such as IP addresses or device information when you use Snozone services such as our websites to monitor the performance of those services and improve their quality. However, the data will only be disclosed on an anonymous and aggregated basis not in a way in which you will be personally identified, unless consent to the contrary has been given.
To protect our guests, venues and team we operate CCTV systems throughout, which record images for security. We do this based on our legitimate business interests. If required to do so we may provide this information to assist with law enforcement.
Where photography or filming is being performed at any of our venues, signage informing you of this will be clearly displayed so that you are aware. This is for use in our marketing materials, on our website or across our social media channels - however if you do not wish to have your image used please inform the photographers/videographers at the time.
Except for names used to administer certain elements of our Holiday Camps and SnoAcademy, we do not collect personal data from children under the age of 16.
Sensitive Data
We may need to process ‘sensitive’ medical data to ensure your visit is safe with us. Our Coaches may ask before an activity about any relevant medical conditions you think may impact your safety. If first aid is administered, a first aider may collect and document information relevant to the treatment carried out.
Marketing Purposes
We only send post, email, text messages and mobile notifications to you about news and services that we consider may be of interest to you, only if you have given us permission to do so or where we consider there to a legitimate interest in the information, for example, if we have to close the slope or building.
If you have agreed to be contacted by telephone then calls may be monitored and recorded for quality and training purposes.
Electronic notifications may be sent to you via your internet browser if you have given consent for us to do so. If you wish to remove consent you can do so following the instructions provided by your internet browser software.
Who Controls or Has Access to our Data?
Personal data is accessed and processed by staff at Snozone involved in operating the relevant services and marketing for the business. The use of personal data will always remain under the control of Snozone, operating as the Data Controller. Snozone does not sell your data to other companies.
We use selected third parties, called Data Processors, to help operate our services which include, for example, an email system or database providers. When employing Data Processors, we ensure that they comply with data protection laws including ensuring that data is held securely and that only the information required to complete the work is supplied to them. If we stop using a particular Data Processor’s services we require that personal data held by them is securely deleted or anonymized.
In compliance with the law, we may be obligated to disclose Data about you to a law enforcement agency or by a court order.
Personal Data is held and processed securely within our IT systems in accordance with the Data Protection Act and EU General Data Protection Regulation.
Data subjects have various rights in relation to accessing and amending the data companies hold on them under GDPR.
Retention Period
We only keep personal data for as long as necessary for the purpose for which it was collected or to comply with legal, contractual or law enforcement purposes. At the end of this period, data is either deleted or anonymized so that it can be used for statistical and analytical purposes in a non-identifiable way.
Security
We endeavour to take all reasonable steps to protect your personal information. However, we cannot guarantee the security of any data you disclose online. You accept the inherent security risks of providing information and dealing online over the internet and will not hold us responsible for any breach of security unless this is due to our willful neglect.
Data Subject Rights
Data subjects have a number of rights which we recognise and uphold. These include: The right to be informed about how we collect and process your personal data which is detailed in this document; The right to access this information; The right to rectify or erase data; The right to restrict the processing of data; The right to data portability; The right to object; and, rights relating to automated decision making and profiling. Data subjects also have the right to lodge complaints with the Information Commissioners Office and the right to withdraw consent at any time.
How do I access my data?
If you have registered via our website, you will be able to log in to your profile to edit and update your personal information. To do so, please follow one of the following links, dependent on which site you originally registered with:
For Snozone Milton Keynes and Yorkshire click here: https://snozoneuk.com and select login.
For Snozone Madrid click here: https://snozonemadrid.com/ and select login.
If you change your mind about being contacted in the future, you can unsubscribe via the link above or please write to us at the address shown at the end of this privacy policy, including your email address and full postal address.
Alternatively, you can email us at [email protected] with the word ‘REMOVE’ in the subject line and details (eg: Email Address) you wish to be removed from the system. Please note that it may take up to 28 days to action your request via either of these methods.
Each marketing email we send also contains an unsubscribe link. Opting out of marketing communications will be honoured unless a later opt-in is received for the same contact details.
If you have any comments or queries in connection with our privacy policy or the data we hold, please telephone 020 7932 8000 or write to Snozone Data Controller, Snozone, Strand Bridge House, 138-142 Strand, London, WC2R 1HH or email [email protected].