Privacy and Data Protection Policy.
What is personal data?
Personal data is defined by the General Data Protection Regulation (EU Regulation 2016/679) (the “GDPR”) as ‘any information relating to an identifiable person who can be directly or indirectly identified in particular by reference to an identifier’.
Personal data is, in simpler terms, any information about you that enables you to be identified. Personal data covers obvious information such as your name and contact details, but it also covers less obvious information such as identification numbers, electronic location data, and other online identifiers.
The data we collect from you:
- Your name.
- Contact information including email address and mobile phone number.
- The City/Town of which you have signed up.
- Demographic information, such as location, gender and age.
- Questions, if you contact us via the contact page.
The data we collect about you:
- Website usage data
- Your IP address, and details of which version of web browser you used.
- Information on how you use the site, using cookies and page tagging techniques.
- Geographical location when browsing our websites, device information (ie iPhone, Google Pixel, Desktop etc).
On what basis can we process your information.
The legal grounds for processing your personal data are as follows:
- It is necessary that we collect your data for the performance of a contract to which you are a party, or to take steps prior to entering into a contract with you, in order for us to provide you with our services. The data that we require in all cases is your name, contact details and area you wish to sign up for, without which we are unable to offer you our services.
- Where you have provided explicit consent to the processing of your personal data for one or more specific purposes, namely 1) to receive electronic marketing by us, 2) to process special category data where relevant, including for insurance purposes.
- It is necessary for the purposes of our legitimate interests, except where our interests are overridden by the interests, rights or freedoms of affected individuals (such as you). To determine this, we shall consider a number of factors, such as what you were told at the time you provided your data, what your expectations are about the processing of the data, the nature of the data, and the impact of the processing on you. Our legitimate interests are to better understand our customers’ interests, to improve and to promote our Services and those of others, to administer the site, and to provide you with information regarding training for your event and for future events.
- Where we need to comply with a legal obligation; or in rare circumstances:
- Where we need to protect your interests (or someone else’s interests); and/or
- Where it is needed in the public interest or for official purposes
How we use this data.
Collecting this data helps us to understand what you are looking for from The MMA Experience, enabling us to deliver and improve our products and services.
Specifically, we will use data:
- As necessary to provide our services, we will use the data set out above in order to provide details about our MMA training programme and our events.
- For our own internal records, namely fight orders and participant records.
- To improve the products and services we provide, including our MMA training programme and our events.
- To contact you in response to a specific enquiry.
- To contact you in response to your application to our events and provide you with more information regarding our MMA training programme.
- To send you information about future training and events in your area.
Cookies and how we use them.
What is a cookie?
A cookie is a small file placed on your computer’s hard drive. It enables our website to identify your computer as you view different pages on our website.
Cookies allow websites and applications to store your preferences in order to present content, options or functions that are specific to you. They also enable us to see information like how many people use the website and what pages they tend to visit.
- Analyse our web traffic using an analytics package. Aggregated usage data helps us improve the website structure, design, content and functions.
- Identify whether you are signed in to our website. A cookie allows us to check whether you are signed in to the site.
- Test content on our website. For example, 50% of our users might see one piece of content, the other 50% a different piece of content.
- Store information about your preferences. The website can then present you with information you will find more relevant and interesting.
- To recognise when you return to our website. We may show your relevant content, or provide functionality you used previously.
Cookies do not provide us with access to your computer or any information about you, other than that which you choose to share with us.
However, please note that doing this may affect how our website functions. Some pages and services may become unavailable to you.
To learn more about cookies and how they are used, visit All About Cookies.
Who we share your personal information with.
The third parties we need to share certain information with, to provide our services, including email and SMS suppliers, Insurance providers and our area representatives.
Your personal information may be made available to third parties providing us with relevant services on our behalf, such as IT hosting and maintenance providers and email marketing providers and SMS suppliers. These companies will only have access to or use your information where necessary to perform their functions on our behalf.
Where your data is stored.
Many of our external third parties are based outside the European Economic Area (EEA) so their processing of your personal data will involve a transfer of data outside the EEA.
Whenever we transfer your personal data out of the EEA, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:
- We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission. For further details, see European Commission: Adequacy of the protection of personal data in non-EU countries.
- Where we use certain service providers, we may use specific contracts approved by the European Commission which give personal data the same protection it has in Europe. For further details, see European Commission: Model contracts for the transfer of personal data to third countries.
- Where we use providers based in the US, we may transfer data to them if they are part of the Privacy Shield which requires them to provide similar protection to personal data shared between the Europe and the US. For further details, see European Commission: EU-US Privacy Shield.
How long we keep your data for.
We will keep your details on record for so long as you have a registered account with us (or for up to 180 days if you visit our site and do not register with us). If you would like to close or delete your registered account, please contact us, in which case we will within thirty days of your request, remove all of your personal data from our records (except to the extent that it is required to satisfy any legal, accounting, or reporting requirements).
Your right to access and update your personal information.
You can find out if we hold any personal information by making a ‘subject access request’, normally free of charge, under data protection legislation. If we do hold information about you we will let you have a copy of that information unless a legal exception applies, in which case we will inform you of this at the time. You also have the right to request that information we hold about you which may be incorrect, incomplete, or which has been changed since you first told us, is updated or removed. To make a request to exercise either of these rights, please either put the request in writing addressing it to the address provided below or email us your request to firstname.lastname@example.org.
Your right to erasure of your data.
You can ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your personal data to comply with local law. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request.
Your right to withdraw your consent.
You have the right at any time to withdraw any consent you have given us to process your personal data. Please note if you withdraw your consent it will not affect the lawfulness of any processing of your personal data we have carried out before you withdrew your consent. If you have opted into receive marketing information, you can change your mind easily by sending an email to email@example.com or clicking the unsubscribe link.
For any consent you have provided for us to process special category data (such as medical information), to withdraw your consent, please contact us.
Your right to restrict or object to us using your data.
You can ask us to suspend the way in which we are using your information in certain scenarios, or object to our processing your data where we are relying on a legitimate interest ground (or those of a third party) and you feel it impacts on your fundamental rights and freedoms, or where we are processing your personal data for direct marketing purposes or profiling your data. In some cases where you object, we may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms.
Please note that if you want us to restrict or stop processing your data this may impact on our ability to provide our Services. Depending on the extent of your request we may be unable to continue providing you with our service.
Any queries or concerns about the way in which your data is being used can be sent via email to firstname.lastname@example.org
Moving your information to another organisation.
In the event that we process your data by automated means where you have either provided us with consent for us to use your information or where we used the information to perform a contract with you, you have the right to request that we send to you or to another organisation, an electronic copy of the personal data we hold about you, for example when you are dealing with a different service provider. If you would like us to move, copy, or transfer your information please let us know by emailing email@example.com . We will respond to you within one month after assessing whether or not this is possible, taking into account the technical compatibility with the other organisation in question.
Automated decision making and Profiling.
We do not currently use your data in this way.
We DO NOT provide services for children. Our customers have to be at least 18 years of age.
Changes to this Policy.
We keep this Policy under regular review. We may change this Policy from time to time by updating this page in order to reflect changes in the law and/or our privacy practices.
Contact and Complaints.
If you have any questions about this Policy, please contact us at: firstname.lastname@example.org
If you are not satisfied with our response or believe we are processing your personal data not in accordance with the law you can complain to the UK data protection regulator, the Information Commissioner’s Office. Further details can be found at www.ico.org.uk or 0303 123 1113.