Privacy Policy and Notice

This policy explains how we use the data you share with us, or that we collect about you. It details why and how we collect your data, why we keep it, what we use it for, and what you can do if you’re unhappy about how we use it. Holyhead Maritime Museum processes data in accordance with the European Union’s General Data Protection Regulation, also referred to in this document and elsewhere as GDPR, and the Privacy and Electronic Communications Regulations (PECR).

Who are “We”?

When we use “We”, “Us” or “Our” in this policy we are talking about Holyhead Maritime Museum and the Trustees of the museum.


Holyhead Maritime Museum is a charity registered in England and Wales (No. 514840) and a company registered in England and Wales at Holyhead Maritime Museum, Newry Beach, Holyhead, Anglesey (01785592)

What is personal data?

Personal data is information that can be used to identify an individual. This might include your name, address, telephone number or email address. We might store a variety of other information depending on the relationship we have with you. As well as these basic personal details, examples of other things this might include are:

  • Data we require to process any agreement we have with you regarding any memberships you hold with us, purchases you make from our shop or other transactional arrangements or donations you make to us. This could include bank details to process direct debits or gift aid information to enable us to process gift aid claims.

  • Specific events you have attended or activities or visits you have undertaken as an organiser, exhibitor or visitor

  • Objects in our collection that you have loaned, gifted or sold to us, and audio, paper or electronic copies of archive material, oral histories, associated with those objects or with the maritime history of the area.

  • If you are a Trustee or Volunteer with us we will store details we need to ensure your safety and that of our visitors, including information required for DBS checks if appropriate.

  • Data provided by suppliers or contractors necessary to fulfil a contract and allow for payments for goods or services.

How do we collect personal data?

Data is primarily collected during transactions with you. You might share your data with us when you are buying a ticket, making a donation, attending or participating in an event, or working for us in voluntary capacity. You will also share it with us when you sign up for our newsletters or enter competitions, either in person at the Museum or via our website or social media channels. You will know we have this information because you will have given it to us.



We may have your information if it has been shared with your consent by a third party.


We may supplement information we hold with other relevant, publicly available information, such as social media accounts, published articles or information available through places like Companies House.


What do we use personal data for?

We use your personal data in a variety of ways, depending on the relationship we have with you. The most common of these ways include:

  • Communicating with you

  • Fulfilling requests from you or agreements we have with you, such as applications for and delivery of Membership and its benefits

  • Processing sales transactions, donations or other payments

  • Identifying visitors, suppliers and participants to the Museum and its events

  • Recording any contact we have with you

  • Providing you with information that we think may be of interest to you, including information about the Museum, its events and the projects it is undertaking, including fundraising and marketing

  • If you are a volunteer, participant or supplier, we will use your information to help us manage the Museum and its events.


When we contact you

Depending on the communication preferences you have indicated, we will contact you about things that we think will interest you, based on the data we hold and our reasonable assumptions. This correspondence might include:

  • Information about upcoming events based on your consents and your historical attendance

  • Information about the Museum and its displays and exhibitions, including occasional requests to consider giving financial support to the Museum


Opting out

Our correspondence will always include contact details or links to enable you to change your contact preferences, so even if you’ve opted-in to receiving information from us, you can opt-out at any time. You can also check and change your contact preferences at any time by emailing This email address is being protected from spambots. You need JavaScript enabled to view it.


There are some Membership and donation communications that we are required to send regardless of your contact preferences. These are essential communications, deemed necessary to fulfil our contractual obligations to you. Examples would include Direct Debit confirmations and advanced notices, thank you letters.


Who do we share your information with?

We will never sell or share your information to other organisations to use for their own purposes.


As part of our service to you, we do need to share your information with third-party organisations who we engage to carry out work on our behalf.


We only share information with these companies if they agree to abide by GDPR regulations, that they keep the information secure and confidential and that they only use the information for the purposes it was supplied.


We will also share your information if legally required to do so by the police, regulatory or other legal bodies, or if we think it is necessary to protect or defend our rights, property or the personal safety of our staff and volunteers or visitors to our premises or websites.

Joint Promotions
Occasionally, we promote and manage events in partnership with other organisation, and personal data specific to that event is collected by both us and the partner organisation. When this is the case it will be clearly advised at the time the information is collected.


CCTV
We use CCTV for security purposes which records movements of individuals around our site. This data is kept for an appropriate time, dependent on the assessment of current risk.


How do we keep your information safe and secure?
We store information on paper files in our registered office, on computers located in the UK, and on reputable cloud services and third party organisations that may be situated inside or outside the European Economic Area.


The security of your data is of the greatest importance to us and we have measures in place to protect against loss and misuse of personal data through staff training, password protection and secure filing systems.


We will only keep your information for as long as we need it to manage the relationship we have with you, based on the parameters of that relationship, or for as long as we are legally required to. When we dispose of your data it will be done securely.


Personal information regarding Trustees and Volunteers may include information that is classified as sensitive. All such personal information is processed in line with the Information Commissioner’s Office Employment Practices Code.


What are your rights?
You have the right to change your communication consents at any time. You can do this by contacting us via email at  This email address is being protected from spambots. You need JavaScript enabled to view it. or by writing to The Data Controller, Holyhead Maritime Museum, Newry Beach, Holyhead, Anglesey, LL65 1YD. also have the right to access a copy of the information we hold about you. This is known as a ‘Subject Access Request’ and you can make this by contacting us via email at This email address is being protected from spambots. You need JavaScript enabled to view it. by writing to The Data Controller, Holyhead Maritime Museum, Newry Beach, Holyhead, Anglesey, LL65 1YD. If we believe your request is manifestly unfounded, excessive or repetitive, we reserve the right to charge a reasonable fee.
For more information about your rights under GDPR, visit the website of the Information Commissioner’s Office at ico.org.uk
Whenever we update our privacy policy we will update this page on our website. This notice was last updated on 7 February 2019.


Cookies and Tracking
This website uses cookies to improve the user's experience while visiting the website. Where applicable this website uses a cookie control system allowing the user on their first visit to the website to allow or disallow the use of cookies on their computer / device. This complies with recent legislation requirements for websites to obtain explicit consent from users before leaving behind or reading files such as cookies on a user's computer / device.


Cookies are small files saved to the user's computers hard drive that track, save and store information about the user's interactions and usage of the website. This allows the website, through its server to provide the users with a tailored experience within this website.


Users are advised that if they wish to deny the use and saving of cookies from this website on to their computers hard drive they should take necessary steps within their web browsers security settings to block all cookies from this website and its external serving vendors.


This website uses tracking software to monitor its visitors to better understand how they use it. This software is provided by Google Analytics which uses cookies to track visitor usage. The software will save a cookie to your computers hard drive in order to track and monitor your engagement and usage of the website, but will not store, save or collect personal information. You can read Google's privacy policy for further information


Other cookies may be stored to your computers hard drive by external vendors when this website uses referral programmes, sponsored links or adverts. Such cookies are used for conversion and referral tracking and typically expire after 30 days, though some may take longer. No personal information is stored, saved or collected.