Last updated 12th October 2018

Your personal information and Surrey County Council 

  1. Surrey County Council is committed to protecting your privacy when you use our services. Our Privacy Notice explains how we use information about you and how we protect your privacy.
  2. The Cycle Training Team commissioned and uses this bespoke online booking and administration system - https://surreycycletraining.online -  developed by an external company ("Weblaunch Ltd"). This is what you use when making a booking and below we explain how we use your personal information.

What personal information we collect from you

As you complete a booking, we request the following information:

  1. Name
  2. Postal address
  3. Email
  4. Phone number
  5. Data concerning health (does trainee need epipen, inhaler or similar; does trainee have other medical needs it would be helpful for us to know)
  6. Name and phone number for emergency contact
  7. Bank card details

Collection of your information

You enter your personal data in order to book training.

IP address, user agent, browser and operating system are collected automatically by the system and are viewable by system administrators.

The basis on which we collect the information

Your personal information enables us to contact you and provide the training requested.

The purposes for which your information is used

  1. Name: to contact you
  2. Postal address: to contact you and to locate the area where we need to provide training
  3. Email: to contact you
  4. Phone number: to contact you
  5. Data concerning health: to adjust the training where necessary and for the Instructor to ensure any required medical aids are being carried
  6. Name and phone number for emergency contact: for the Instructor whilst training
  7. Bank card details: to take payment for your  training

Sharing of your information

The web developer has access to all information.

Your address is submitted to Google to create a location map viewable by Instructors when they are logged in to the system.

Your personal details are viewable by Instructors when logged in to the system so they can put themselves forward to teach the course. This is in two stages; all Instructors logged in can see your location as displayed on the map but only the Instructor allocated to the course can see all your personal information.

Payments are processed via WorldPay - please see here for more information.

Where your information is stored

The personal information you share with us is stored in a database on a live server. A list of pages you visit are stored on a live server in separate log files.

No credit card, bank details or any other personal financial information is stored on our servers.

Retention of your personal information

Your personal information is automatically deleted 60 days after your training has been completed or, if you did not complete your booking, 60 days from the time you booked. That period of time allows us to attend to any follow-up queries.

Should you wish to receive further training you will need to provide your details again.

How information is protected against breaches

The servers are protected with two independent firewalls. All ports excepting those required for operation of a website are closed or access regulated by IP address.

All communications with the servers are encrypted to prevent man-in-the-middle attacks.

The hosting is cloud-based so there is no single physical presence, however data centres are protected by 24 hour security. The data centres are located in the UK.

How information is protected against losses

Data are backed up daily and stored securely off-site for 1 month. After one month data are destroyed.

Cloud-base hosting ensures there is no single point of hardware failure.