This privacy policy applies to www.silverspitfire.com (“our website”) which is operated by Spitfires.com (“Spitfires.com” or “us”). Spitfires.com is a company incorporated in England and Wales with company number 07623458 whose registered office is at Hangar 8, Goodwood Aerodrome, Chichester, West Sussex, PO18 0PH. Spitfires.com is a trading name of Boultbee Flight Academy Ltd with VAT number 114286138.

When you interact with us through our website (or otherwise) you may provide, or we may collect, certain information from which you are personally identifiable (which is referred to as personal data). For the purposes of the General Data Protection Regulation or “GDPR” (and all other laws relating to the use your personal data), we are the “data controller”, meaning that we are responsible for deciding how your personal data is used and more importantly, for keeping your data safe and only using it for legitimate reasons.

We are committed to protecting your privacy and will take all steps necessary to comply with our legal obligations when using your personal data. This Privacy Policy explains how we fulfil this commitment, so please read this carefully.

What information do we COLLECT AND WHAT DO WE USE IT FOR?

You may provide us with the following types of personal information when you interact with us (when using our website or otherwise):

We may collect the following types of information from you when you use our website (using Cookies or other tracking technologies):

The table below sets out how we use your personal data and our lawful basis for doing so.

Reason why we use your data What data Legal ground for using your data
For internal administration and record keeping purposes All Necessary to comply with a legal obligation

Necessary for our legitimate interests (for effective business administration and service provision)

To process payments which you make through our website (and Paypay) for our products Identity, Contact, Financial Performance of a contract with you
Notify you of changes to our Privacy Policy, our Terms and Conditions or other changes to our services or products Identity, Contact

 

Necessary to comply with a legal obligation
Answer your enquiries which may involve contacting you by post, e-mail or phone Identity, Contact

 

Necessary for our legitimate interests (to ensure our customers are informed and satisfied with our services)
Administer our website, including website trouble shooting, testing and analysis and to enable you to participate in interactive features of our website All Necessary for our legitimate interests (to ensure that our website are fully functional and operating in the most effective way for you)
Verify your identity and detect fraud and security issues All Necessary for our legitimate interests (to prevent and detect fraudulent activity, security incidents and criminal activity)

We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.

WHO DO WE SHARE YOUR DATA WITH?

We share your personal data with third parties to help us deliver our products and services to you in the most effective way possible. These include third parties who assist us with:

If we share personal data with third parties, we will ensure that access is limited on a strictly need to know basis and is subject to suitable obligations relating to confidentiality and security.   In addition to the above, we may also be required to share your personal data with third parties if required by law or regulation. In such circumstances, we will make sure that the disclosure is only to the extent required by law or regulation.

DO WE SEND ANY OF YOUR DATA OUTSIDE OF THE EEA?

The European Economic Area or “EEA” is seen to have good data protection standards. As such, we limit the occasions when we may need to send your data outside of the EEA. Where we do, for example, where our service providers are based outside of the EEA, we make sure that your data is still treated fairly and lawfully in all respects (including making sure we have a legal ground for sending your data outside the EEA and putting in place all necessary safeguards for such arrangement). Where relevant, you will have the right to see a copy of any safeguards we put in place for international transfers of your data. Just get in touch with us if you would like to find out more.

HOW WE KEEP YOUR DATA SECURE                                                              

We have put in place suitable physical, technical and administrative controls to protect your information. Despite the security measures we implement, please be aware that the transmission of data via the internet is not 100% secure. On such basis, we cannot guarantee the security of the information transmitted to us via the internet and any such transmission is at your own risk.

HOW LONG DO WE KEEP YOUR DATA FOR?

We will retain your personal data only for as long as is strictly necessary for the purposes for which such data was originally collected (as referred to above), and thereafter for such longer period as may be required by law.

YOUR RIGHTS

In certain situations, you are entitled to: (i) access to your personal data; (ii) update your personal data; (iii) erase your personal data; (iv) object to processing of your personal data where we are relying on a legitimate interest; (v) restrict the processing of your personal data; (vi) request the transfer of your personal data to a third party; or (vii) where you have provided your consent to certain of our processing activities, you may withdraw your consent at any time (but please note that we may continue to process such personal data if we have legitimate legal grounds for doing so).

Please contact us (using the details below) if you would like to exercise your rights.

Please note that you also have a right to complain to the Information Commissioner’s Office if you are concerned about the way we are handling your personal data.

AMENDING THIS PRIVACY POLICY

This policy may be amended from time to time. Any such changes will be posted on this page. We will notify you of any significant or material changes by placing a prominent notice on our website or emailing you (if appropriate).

CONTACT US

If you would like to discuss anything in this policy or if you want to exercise your rights, please get in touch:

info@spitfires.com

LAST UPDATED: JULY 2019