Learn More
Learn More
Learn More
Learn More

GDPR Privacy Policy

Helmsley in Business (HiB) is an Association which works to promote and enhance the market town of Helmsley in line with the objectives set out in its constitution to make it a better place to live, work and enjoy. We could not do this without support from people like you, our members and we are committed to protecting both your data and your privacy.

We want you to feel assured that any information you give us is held securely and safely, whether you are working for us, supporting us through membership, fundraising or events.

This policy outlines what data we collect, how we may use it and how we keep your data safe.

‘We’ or ‘us’ means Helmsley in Business or HiB.

This Privacy Policy seeks to comprehensively cover the key areas relating to personal data held by HiB, but in the interests of clarity it is not an exhaustive list of all our policies and practices in these areas.

This policy will change from time to time, as we keep up to date with legislation and regulation and to remain aligned with any relevant changes in our programmes and operations. If material changes are made, we will notify you by email and by updating the relevant sections of our website. You can keep up to date by visiting these pages.

This text was last updated in May 2018.

Getting in touch

You have the right to ask for a copy of the information we hold about you and to have any inaccuracies in your information corrected. You also have the right to ask us to delete any personal information we hold about you. In these cases, we will ensure that you are removed from future communications and processing. We are committed to ensuring you receive only those communications you choose.

You can access your personal data held by us or request to receive your information in part or its entirety in machine readable format.

For all questions or concerns regarding our Privacy Policy or the processing of your personal information, please do get in touch. You can email the Secretary (the appointed HIB Data Protection Lead) at: enquiries@visithelmsley.co.uk

Why and how we collect your data

When you give it to us directly: The vast majority of personal data we hold is given to us directly by our members (businesses within the association) or by members of the public contacting us through the ‘enquiries’ email address, in the course of them interacting with our services, website or fundraising activities. We do not store data from non-members of HiB unless asked to do so to enable further communication. Ergo, all public email addresses shall be deleted once the enquiry is dealt with satisfactorily.

When we are working with a third party: Independent third parties will only share your data with us when you have given permission for HiB to contact you, for example, if the third-party requests us to contact you regarding an event/promotion.

What data we collect

Personal information is any data that can be used to identify you. It can include, but is not limited to, any of the data listed below.

Data protection law recognises that there are sensitive categories of personal information, such as health information, racial or ethnic origin, or religious beliefs or other beliefs. We would only collect sensitive personal information where there is a clear need to do so such as health information to enable participation in a challenge event. Before we collect any sensitive personal information, we will make it clear what information we are collecting and the purpose we are collecting it for.

Information we collect from you directly or from third parties with whom we work, may include:

We do not use cookies to collect this type of information.

We may also collect and process information about your interactions with us, including details about our contacts with you through email, Social media, SMS, post, on the phone or in person for the strictly for the purposes of HiB activities. This might include the date, time, and method of contact, events or activities that you register for or attend or any request for support.

Some of the reasons why we may contact you

The law allows personal data to be legally collected and used by an organisation if it is necessary for a legitimate business interest of the organisation – as long as its use is fair and balanced and does not unduly impact the rights of the individual concerned. We will send relevant information by email on the basis that it is within our legitimate interests to do so. If you feel you would like to reduce the amount of post you receive from us or prefer not to receive postal marketing at all, simply contact our Data Protection Lead, at enquiries@visithelmlsey.co.uk

We may contact you for any of the following reasons (this list is not exhaustive):

If at any time you wish to change the information you receive from us or how you are contacted you can let us know, by emailing enquiries@visithelmsley.co.uk

Data sharing with third parties

We do not share, sell or swap your information with other organisations for their own marketing purposes. We will share (non-sensitive) membership data within the HiB network as described above.

There are several legitimate situations where we may share your information with third parties whom we have contracted to fulfil specific services for us – for example with Shona Nutter our Freelance PR Consultant and Owen Turner, United by Design, Web Manager. In these situations we set up a written contractual agreement between ourselves and the third party to ensure that those organisations can only use the data provided for the specific purposes we direct them to do, and that they have in place strict security requirements in order to protect your personal information.

We may disclose your personal information if we are requested or required to do so by a regulator or law enforcement or to enforce or apply our rights (including in relation to our website or other applicable terms and conditions) or to protect HiB, for example in cases of suspected fraud or defamation, or to comply with any other applicable legal obligation.

Keeping your personal information safe

We take appropriate physical, electronic and managerial measures to ensure that we keep your information secure, accurate and up to date. Only the Committee of the Association has access to the complete list of contact information provided by Members. Committee Members are asked to ensure they hold no personal information on private/business computers when they are no longer serving as a committee member for the Association.

Although we use appropriate security measures once we have received your personal information, the transmission of information over the internet is never completely secure. We do our best to protect personal information, but we cannot guarantee the security of information transmitted to our website, so any transmission is at the user’s own risk.

How long will we keep your data

We remove personal data from our systems as soon as practicable once business cancels its membership or we are requested to do so.

In the News

Helmsley Sweetshop launches fundraising challenge to plant 200 ‘twin’ trees in Yorkshire and Uganda


Helmsley photographer takes pole position at international motorsport events


Compostable Carrier Bags – Thomas the Baker becomes first UK bakery to introduce innovative potato starch bags to reduce its plastic usage


Christmas isn’t cancelled in Helmsley as window trail offers a tip a day to enjoy the festive season