Introduction
Beyond Swim is an open water swimming venue accreditation programme, managed by Triathlon England and supported by Swim England and Royal Life Saving Society (RLSS UK).
Triathlon England, part of the British Triathlon Federation, is committed to protecting your privacy. We are providing this Privacy Notice to tell you about how we process your personal data when you interact with us when you:
- Visit the Beyond Swim website;
- Engage with us as a representative from an open water swimming venue; or
- Otherwise contact us.
British Triathlon, which is registered with the Information Commissioner’s Office with registration number Z6521217, is the data controller for the processing that we undertake that is outlined in this Privacy Notice. As the data controller, we are responsible for deciding how we hold and use the personal data we collect.
Throughout this Privacy Notice we refer to Data Protection Legislation which means the Data Protection Act 2018 (DPA2018), United Kingdom General Data Protection Regulation (UK GDPR), the Privacy and Electronic Communications (EC Directive) Regulations 2003 and any legislation implemented in connection with the aforementioned legislation. Where we process the personal data of people in the European Union, it also includes the EU General Data Protection Regulation (EU GDPR). This includes any replacement legislation coming into effect from time to time.
How we collect your personal data
We may collect your personal data in a number of ways, including:
- Directly from you when you call, email or text us;
- When you visit our website
What personal data do we collect and for what purposes?
Venue representatives
| Personal data processed | Purposes for processing | Legal basis |
| Personal details (name, title, email address, address, telephone numbers)Participation details (venue affiliated with)Records of your interactions with us (calls, emails and other correspondence) | contact you or the venue contacts with important service-based communications related to your venue’s accreditation. For example, renewal reminders; updates if there are changes to venue accreditation rules or any technical aspects that venues need to be aware of etc.so we can manage your venue’s accreditation | Legitimate Interests |
Website visitors
| Personal data processed | Purposes for processing | Legal basis |
| Online identifiers collected through cookies and pixels embedded in the website | To maintain the security of our website To ensure that the website functions correctly | Legitimate Interests |
| For marketing and analytics purposes, for example, to see which pages you visit and what you do on those pages, to see whether you are viewing the website on a computer or mobile etc. | Consent |
Where you get in touch with us via email or post, we rely on legitimate interests to process any personal data which you share with us in order for us to help you with your query.
Failing to provide personal data
You are not under any contractual or statutory requirement to provide us with your personal data, however, if you do not provide us with certain personal data we may not be able to effectively work with you or help you with your queries or concerns.
Sharing your personal data
We may share your personal data with the following categories of third party organisations:
- Swim England and Royal Life Saving Society (RLSS UK), who support us to deliver Beyond Swim. We will only share your personal data with these organisations where there is a need to do so;
- Carefully selected data processors who provide elements of services for us, such as website hosting and the provision of other IT services. We have Data Processor Agreements in place with our data processors. This means that they cannot do anything with your personal information unless we have instructed them to do it. They will not share your personal information with any organisation apart from us or further sub-processors who must comply with our Data Processor Agreement. They will hold your personal data securely and retain it for the period we instruct.
In general, British Triathlon does not share your personal data with third parties located outside of the UK or EEA. However, if in the future we were to share your personal data with third parties located in countries that are not deemed by the UK government to have an adequate level of personal data protection, we would implement standard contractual clauses with the UK Addendum to safeguard the transfer and ensure your personal data protected.
Retaining your personal data
Your personal data will be retained in accordance with our Retention Schedule which categorises all of the information held by British Triathlon and specifies the appropriate retention period for each category of data. Those periods are based on the purpose for which the information is collected and used, taking into account legal and regulatory requirements to retain the information for a minimum period, limitation periods for taking legal action, good practice and British Triathlon’s organisational purposes.
Protecting your personal data
Data security is of great importance to British Triathlon and to protect your data we have put in place suitable physical, electronic and managerial procedures to safeguard and secure your collected data.
We take security measures to protect your information including:
- Limiting access to our buildings to those that we believe are entitled to be there by use of passes and monitoring our offices with CCTV;
- Implementing access controls to our information technology. Any access to your personal data at British Triathlon is restricted to those individuals that have a need to know in order to fulfil their job responsibilities;
- Utilising technical measures such as firewalls, anti-virus software, and encryption to safeguard the data we hold; and
- Implementing organisational measures such as regular staff training and awareness exercises, internal information security policies, and data handling procedures to ensure our staff are aware of how to process personal data securely and responsibly.
Your rights
Under data protection legislation, you have the right to:
- ask for access to your personal data via a ‘subject access request’;
- ask for personal data we hold about you to be corrected;
- ask for your personal information to be deleted. This enables you to ask us to delete or remove your personal data where there is no good reason for us continuing to process it;
- object to the processing of your personal data where we are relying on a legitimate interest, and there is something about your particular situation which makes you want to object to processing it;
- ask for the processing of your personal data to be restricted. This enables you to ask us to suspend the processing of personal data about you;
- ask for your personal data to be transferred to another company; and
- Where we rely on consent to process your personal data, you also have the right to withdraw your consent at any time.
You can exercise any of the following rights by contacting us using the contact information outlined in the Contact Us section. In addition, to manage your preferences regarding non-essential cookies on our websites, click on the Cookie icon in the bottom left of the screen.
Please note that not all of the above rights are absolute and British Triathlon will assess each request on a case by case basis to ensure that we respond in line with our obligations under data protection legislation.
Complaints or queries
British Triathlon tries to meet the highest standards when collecting and using personal information. For this reason, we take any complaints we receive about this very seriously. We encourage people to bring it to our attention if they think that our collection or use of information is unfair, misleading or inappropriate. We would also welcome any suggestions for improving our procedures. Please contact us using the contact details provided further down this page.
You also have the right to lodge a complaint with a supervisory authority, which, in this instance, is the Information Commissioner’s Office (ICO). If you want to make a complaint about the way we have processed your personal information, you should do so on the ICO website: https://www.ico.org.uk/concerns.
Contact us
If you have any questions about how we process personal data or this Privacy Notice, would like to exercise your data protection rights, or submit a complaint about how we have handled your personal data, you can contact our Data Protection Officer using the details below:
Data Protection
British Triathlon
PO Box 25
Loughborough
LE11 3WX
dataprotection@britishtriathlon.org
Changes to this website
We keep this policy under regular review. We may change this Privacy Notice from time to time by updating this page in order to reflect changes in the law and/or our privacy practices.
Last updated September 2024.