top of page
IMG_5191.heic

Privacy Policy

see policy

 Rapid Horizons Ltd

Privacy Policy

 

1. Introduction

Rapid Horizons Ltd is committed to protecting your privacy and handling your personal data responsibly. This Privacy Policy explains how we collect, use, store and protect personal information when you interact with us, including through our website, booking systems and activities.

This policy applies to customers, participants, website visitors and group organisers.

 

 

2. Data controller

Rapid Horizons Ltd is the data controller responsible for your personal data.

Company details:
Rapid Horizons Ltd
149–155 Canal Street
Nottingham
NG1 7HR
Email: info@rapidhorizons.com

 

 

3. Information we collect

We may collect the following types of personal data:

Website and enquiries

  • Name

  • Email address

  • Phone number

  • Enquiry details

Bookings and activities

  • Participant names

  • Contact details

  • Emergency contact details

  • Booking information

  • Waiver and consent information

  • Medical or health information (only where necessary for safety)

Payments

  • Payment confirmation and transaction details

  • We do not store full card details ourselves

 

 

4. How we collect your data

Personal data may be collected:

  • via our website built using Wix

  • through our online booking system provided by FareHarbor

  • in person when you attend an activity

  • when payments are taken using Square

  • through email, phone or direct communication

 

 

5. How we use your data

We use personal data to:

  • process bookings and deliver activities

  • communicate important information before and after activities

  • manage safety, supervision and emergency response

  • meet legal, insurance and regulatory requirements

  • improve our services and customer experience

We do not sell your data or use it for unsolicited marketing.

 

 

6. Lawful basis for processing

We process personal data under one or more of the following lawful bases:

  • Contract – to deliver booked activities

  • Consent – where explicitly provided

  • Legal obligation – including health, safety and safeguarding

  • Vital interests – to protect health and safety

  • Legitimate interests – for business operations and safety management

 

 

7. Medical and special category data

Some activities require the collection of medical or health information. This information:

  • is collected only where necessary

  • is used solely for safety and operational purposes

  • is accessed only by authorised staff

  • is retained only for as long as necessary

 

 

8. Payments

Payments may be taken:

  • online through FareHarbor

  • in person using Square terminals

Rapid Horizons Ltd does not store full payment card details. All payment processing is handled securely by the relevant payment provider.

 

 

9. Third-party activity providers

Some activities (such as climbing or biking) may be delivered in partnership with trusted third-party providers.

Where required, relevant participant information may be shared with these providers only where necessary to deliver the activity safely and effectively. All partners are expected to handle personal data responsibly and in line with data protection legislation.

 

 

10. Data sharing

We may share personal data only where necessary, including with:

  • activity partners

  • emergency services

  • insurers or legal advisers

  • regulatory or governing bodies

Data is shared on a need-to-know basis only.

 

 

11. Data storage and security

We take appropriate measures to protect personal data, including:

  • secure digital systems

  • restricted access to sensitive information

  • reputable third-party platforms with appropriate security controls

 

 

12. Data retention

Personal data is retained only for as long as necessary:

  • booking and financial records are retained in line with legal requirements

  • waiver and safety records are retained for a reasonable period

  • data no longer required is securely deleted or destroyed

 

 

13. Photography and media

Photos or videos may be taken during activities for operational or promotional purposes.

  • Consent will be obtained where required

  • Images of children will not be used without appropriate consent

  • Individuals may request not to be included

 

 

14. Your rights

Under UK GDPR, you have the right to:

  • access your personal data

  • request correction of inaccurate data

  • request deletion (where applicable)

  • restrict or object to processing

  • request data portability

Requests should be made in writing using the contact details above.

 

 

15. Changes to this policy

This Privacy Policy may be updated from time to time to reflect changes in our operations or legal requirements.

bottom of page