Skip to Main Content

Introduction

This privacy policy explains how and why we collect personal information about you and tells you about your privacy rights and how the law protects you.

Scottish African Safari Park Limited, will be referred to as “we“, “us” or “our” in this privacy policy.

We own and operate Blair Drummond Safari Park, Blair Drummond, Stirling, Scotland (the Park) and Blair Drummond Safari Park’s website (www.blairdrummond.com) (the Website)

 

Who we are 

We are the data controller, and we collect and process personal data, in the ways outlined in this privacy policy.

If you would like to discuss anything in this privacy policy, please contact us, using the following details:

Park Address: Blair Drummond Safari Park,  Blair Drummond, Stirling, Scotland FK9 4UR.

Email: enquiries@blairdrummond.com

We may amend this privacy policy from time to time. If we do so, we will publish this on our website.

It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.

 

Purpose of this Privacy Policy

Whilst we acknowledge that children may use our websites to explore our Park and the animals, we do not knowingly collect any personal data relating to children through our Website.

 

Your personal data

Personal information, or personal data, relates to a living individual who can be identified from that information, either by that single piece of information or by combining it with another piece of information that we hold or might hold in the future. Personal data could include things like your name, address, email address or internet protocol (IP) address. We collect your personal data for the purposes outlined in the section below.

We may also collect, use and share anonymised aggregated data such as statistical or demographic data which is not personal data as it does not directly (or indirectly) reveal your identity. For example, we may aggregate individuals’ data around how they use our website to calculate the percentage of users accessing a specific website feature in order to analyse general trends in how users are interacting with our website to help improve the website and our service offering.

 

What personal data we collect

We may collect any or all of the following data:

  • Your full name
  • Address
  • Contact number
  • Date of birth
  • Email address
  • Correspondence with you
  • Details of any medical conditions or disabilities you may supply to use in relation to your visit to the Park
  • When using our Website we will collect technical data including internet protocol (IP) address, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, device ID and other technology on the devices you use to access this website. Some information is collected using cookies or similar tracking technology

Unless specifically stated, we do not collect any “special categories of personal data”.

 

Where we collect personal data from

Generally, we will collect information directly from you. You have the option to withhold personal data that is not required for the process of purchasing tickets, using our Website and/or visiting the Park however we may not be able to deliver our services to you if you do so. We may also use different methods to collect data from and about you including through direct interactions or requests and automated technologies.

Unless specifically stated, we do not collect information about possible criminal offences. However, we may do so on occasion, for example though our use of on-site CCTV. Please see the CCTV section below for more information.

 

The purposes for which we intend to process personal data

It is important that you read this privacy policy together with any other privacy policy or fair processing policy we may provide from time to time or on specific occasions when we are collecting or processing personal data about you so that you are fully aware of how and why we are using data.

We may collect and process personal data for the following purposes:

  • To process and fulfil your ticket order, take payments from you and to deliver our services to you (i.e. to fulfil our contract to you);
  • Where it is necessary for our legitimate interests in conducting and managing our business (for example, to keep our records updated and to communicate effectively with you);
  • The processing is necessary for the purposes of our legitimate interests (or those of a third party) and your interests and your fundamental rights do not override those interests. For example, we will use personal data to respond to any complaints or enquiries from you as we have a legitimate interest in providing you with good customer service and to manage any complaints;
  • Where we need to comply with a legal obligation, for example to maintain accurate accounting records;
  • We will only use technical data collected from our Website where this is necessary for our legitimate interests (for running our business, provision of administration and IT services, network security, to prevent fraud); and
  • To contact you about other services we provide which may be of interest to you if you have consented to us doing so.

Generally, we do not rely on consent as a legal basis for processing your personal data and would only do so where we have obtained your active agreement to use your personal data for a specified purpose. If we do request your consent to process certain personal data, you have the right to withdraw consent in respect of such data at any time by contacting us.

 

Visiting the Park

If you visit the Park we may collect or receive personal data, including the following:

  • we will require to confirm any concession information or age restriction information including age, student status, carer status, membership status in order that we can ensure you have the correct ticket type.
  • where catering is offered as part of an event or activity, we may collect dietary information if you wish to provide this to us. This will only be done with your explicit and informed consent.

We are legally required to ensure the safety and security of visitors to the Park. We may also collect or obtain personal data in the following circumstances:

  • if you are involved in an accident or medical emergency, we may collect health data or details of any known disability. We will only collect this information to protect your vital interests in arranging to obtain medical attention and will only pass this information to trained first responders and medical professionals if you are unable to do so. We are also legally required to obtain and record personal or health information on an accident or incident report,
  • if you choose to notify us in advance of your visit of any disability or medical condition we will only collect this health data with your explicit and informed consent and only for the purposes of managing a safe and enjoyable visit to the Park
  • we use CCTV at the Park for safety and security. More information can be found on this in our CCTV section below.

 

CCTV

We will collect or obtain images of guests visiting the Park using CCTV and at the Park entrance, exit and throughout the Park in order to ensure the safety of our staff, guests and other visitors, to ensure the security of the park and to prevent and detect crime. We have a legitimate interest in protecting the Park, staff, guests and other visitors to the Park. If we collect images of a crime being committed, then our legal basis is substantial public interest in preventing or detecting unlawful acts. CCTV images will only be stored for 40 days after which they will be deleted, except where those images are of a crime being committed or suspected to be committed, in which case we reserve the right to store those images for such time as may be necessary for any related investigation and associated proceedings to be resolved.

 

Cookies

In order to make our website easier to use and to improve our service, we sometimes place small amounts of information on your device. These are known as cookies, and they are used by most major websites.

You can set your browser to refuse all or some browser cookies. If you disable or refuse cookies, please note that some parts of our website may become inaccessible or not function properly. For more information about the cookies we use and how to change your cookie preferences, please see here.

 

Marketing

We will not contact you for marketing purposes by email, phone or text message unless you have given your prior consent to do so. We will not contact you for marketing purposes by post if you have indicated that you do not wish to be contacted. You can change your marketing preferences at any time by contacting us at the above email address or by following the opt-out links on any marketing message sent to you.

 

Access to and sharing of personal data

We do not sell, rent or exchange your personal data with any third party for commercial reasons,

There may be circumstances in which we may also need to share your personal data with certain third parties (strictly on a confidential, business need-to-know basis). Whenever we share personal data, we take all reasonable steps to ensure it will be handled appropriately and securely by the third party and only in accordance with our instructions.

The third parties to which we may transfer your personal data include:

  • Service providers acting as processors who provide services to us, for example, our IT system administrators. Secutix Limited provide our secure online ticket purchasing services;
  • Payment service providers that enable us to fulfil transactions with you. For example, this might include PayPal or ApplePay;
  • Professional advisers including lawyers, bankers, accountants, auditors, banking, legal, insurance and accounting services;
  • Our agents, contractors and other third parties so we can provide our services to you;
  • Other companies in our group who provide services to us, including processing payments on our behalf;
  • Any relevant regulatory authority or law enforcement agency, including HM Revenue & Customs, courts or tribunals who require reporting of processing activities in certain circumstances;
  • Any relevant third party if we’re under a duty to disclose or share your personal data in order to comply with any legal obligation or to enforce or apply our terms of use or to protect the rights, property or safety of our guests; and
  • Third parties to whom we may choose to sell, transfer, or merge parts of our business or our assets.

In order to process credit/debit card transactions, the bank or card processing agency may require to verify your personal details for authorisation outside the UK and will comply with the section below: Storage and transfer of personal data.

 

Storage and transfer of personal data

The information we collect from you may be stored inside the UK or outside the UK. If you live or work outside of the UK, we may need to transfer your personal data outside of the UK to correspond with you. Where this applies, we will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this privacy policy.

We may also transfer data outside the UK where our service providers host, process, or store data outside the UK.  Where we do this, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:

  • The country to which the personal data will be transferred has been deemed to provide an adequate level of protection for personal data.
  • Where we use certain service providers, we may use specific contractual terms in place for use in the UK which give personal data the same protection it has in the UK.

 

Data security and retention periods

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions, and they are subject to a duty of confidentiality.

We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

The periods for which we retain personal data depends on the purpose for which the information was obtained but, in general terms, we will retain personal data for so long as required by law, or as long as may be reasonably necessary in order to fulfil the purposes for which it was collected.

 

Third party links

Our Website may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy policy of every website you visit.

 

Your Rights where we are processing your information

The law in the UK gives certain rights to individuals whose information is being processed by a third party. The following is a summary of these rights:

Your right of access – You have the right to ask us for copies of your personal data.

Your right to rectification – You have the right to ask us to rectify personal data you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.

Your right to erasure – You have the right to ask us to erase your personal data in certain circumstances.

Your right to restriction of processing – You have the right to ask us to restrict the processing of your personal data in certain circumstances.

Your right to object to processing – You have the right to object to the processing of your personal data in certain circumstances.

Your right to data portability – You have the right to ask that we transfer the personal data you gave us to another organisation, or to you, in certain circumstances.

 

Withdrawal of Consent

Where you have consented to our processing of your personal data, you have the right to withdraw that consent at any time. Please inform us immediately if you wish to withdraw your consent.

You are not required to pay any charge for exercising your rights. If you make a request, we will try to respond within one month, though this may take us longer if the request is particularly complex or if there are a number of requests. In this case, we will keep you notified.

We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights).

Please contact us using the details outlined above if you wish to exercise any of these rights.

 

Automated decision-making

We do not use automated decision-making in relation to your personal data.

 

Complaints

You have the right to make a complaint at any time to the Information Commissioner’s Office (“ICO“), the UK regulator for data protection issues. You can contact the ICO by writing to them at Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF or telephone: 0303 123 1113 or online (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so as that you please contact us in the first instance.

Newsletter Signup

Sign up for our monthly newsletter to stay up to date with latest park news, updates on the animals and events.