We would also like to note the following as regards to the usage of service providers located outside of the European Union: Liquid Leisure’s Booking Systems are offered internationally. Thus, it extends not only beyond the United Kingdom, but also beyond the European Union. We operate worldwide and our users are scattered across this planet. We would prefer to use European service providers for particular services and service offerings, where such providers can deliver the required services at a comparable and competitive price and service level. However, we also wish to be completely transparent. For many of the services that we use there is simply no comparable, acceptable alternative. As a result we therefore employ the use of a range of service providers outside the European Union, in particular from the USA and Australia. We take steps to ensure that measures according to the European Data Protection law are taken and applied so as to guarantee an adequate level of data protection.
Your personal information
Liquid Leisure collects, processes, and uses your personal information without asking for explicit consent only when this information is necessary for age restrictive activities and for billing purposes. What does this mean for you?
What Information is stored and how is it used?
Information you provide
When booking an activity or completing an activity agreement/waiver for Liquid Leisure, depending on the activity, you may be required to provide the below information:
An email address
Your first and last name
Your postal code
Your phone number
A phone number of a person to contact in case of an emergency
The email address is used to send you your login credentials for our Water Sports system (WakeSys) and/or notifications concerning your booking(s) for other activities made through our activities booking system (Roller). You always have the option to unsubscribe from email notifications. If you register on our Water Sports system, your email address will be given to our system’s email provider Sendgrid, through whom we send emails regarding our Cable and Boat Water Sports. If you subscribe to email marketing messages through our activities booking system, your name and email address will be given to our e-communications provider MailChimp.
Your first name, last name, birthday and gender are used to find you in the Liquid Leisure Booking Systems, and identify you as the holder of a valid ticket and/or season pass and/or punch card. Furthermore, your first name and your last name will be displayed on your personal receipts and if applicable on your release of liability. This information also serves for security reasons. In case of an emergency on the water, we know who you are and who to contact.
Your address, postal code, city, country, and state are only used to be displayed on receipts & invoices and if applicable on the release of liability.
Your phone number is used to inform you about last-minute cancellations of tickets and events, or any required changes to your booking.
The phone number of a person in case of an emergency is only used if something has happened to you, and we need to notify a person close to you.
WakeSys Only Data
(Data used in the membership and booking system for boat and cable water sports at Liquid Leisure – not beginner sessions booked through Roller)
Signing Up & Logging In
The pin on the Cable and Boat Water Sports system is used to give you an additional layer of protection when paying with your prepaid payments.
The specified email address, together with your password, will be your login credentials to login to the Liquid Leisure Water Sports Booking System. All passwords are stored encrypted on our systems provider’s servers, and do not exist in clear-text. Logging into your account allows you, at any time, to delete your account as well as to see which personal information is stored in Liquid Leisure.
After signing up, a member of staff will take a picture of your face, to connect you to your profile. This is necessary to identify you as the holder of a valid ticket and/or season pass and/or punch card, at the starting dock and/or cash register.
All the above data will be stored on our server in Germany, only until you delete your Liquid Leisure account. There is one exception to the above provision: For legal reasons we are required to retain billing information (first name, last name, address, postal code, city, country and state) and release of liability information (first name, last name, birthday, gender, address, postal code, city, country and state as well as, where applicable, the first name, last name and birthday of the legal guardian) for ten years.
All information that you enter into Liquid Leisure, will be transferred over an encrypted SSL connection (SHA-256 with RSA Encryption) to the WakeSys server in Germany.
Minors and Children’s Privacy
Protecting the privacy of young children is especially important. We are aware that children use our customer’s service and with that also their data is collected in Liquid Leisure. However, autonomous sign up in Liquid Leisure of underaged children is only allowed starting at the age of 16. Prior to that, the parent or legal guardian is in charge of registering the child and confirming consent with their signature in the name of the child. If we learn that personal data has been collected from persons under 16 years of age and without verifiable parental consent, then we will take the appropriate steps to delete this information or contact the parent to register the child as a relation to their own account. If you are a parent or guardian and discover that your child under 16 years of age has obtained an account within Liquid Leisure without your consent, then you may alert us at firstname.lastname@example.org and request that we delete that child’s personal data from our systems.
Information on the usage of your Liquid Leisure Booking System
When you log into your Liquid Leisure Booking System, the Liquid Leisure server automatically collects data on how you use Liquid Leisure in what is known as an activity log. The server collects information on your activity (number of sign-ins, etc.), statistical data (such as your browser, date and time of log in, cookie ID, and referrer URL), and your IP address for up to 3 months.
Logging into your account allows you to view your full transaction history at any time.
Your transaction history and activity log can be used for statistical and financial analysis, both on an individual as well as aggregated level, by the business owner.
Storage of cookies on your computer
Session cookies for identification
When you sign into your Liquid Leisure Booking System, Liquid Leisure automatically sets a cookie to recognize your browser (this is called a session cookie). This allows you to enter your password only once per session (when you log in), without being asked repeatedly to do so while using Liquid Leisure. Most browsers accept cookies by default, but it is possible to change your browser settings to refuse all cookies. If your browser is set to refuse all cookies, Liquid Leisure will not function properly. You can delete cookies at any time, however, but will have to sign in again the next time you want to edit your Liquid Leisure site.
Advertising and analytics cookies
Third-party services are used on windsor.liquidleisure.com for analysis-related purposes and not in the Liquid Leisure Booking Systems (WakeSys or Roller). Most browsers allow you to deactivate third-party cookies in their settings. You can also choose to deactivate third-party cookies by going to the Network Advertising Initiative site and following the instructions there.
Liquid Leisure uses the following third-party services
We will not intentionally disclose any personal data or client data that we collect or store on the service to third parties without the consent of the applicable Liquid Leisure user. We may disclose information to third parties if you consent to us doing so, as well as in the following circumstances:
We work with third party service providers who provide website, application development, hosting, maintenance, and other services for us. These third parties may have access to, or process personal data or client data as part of providing those services for us. We limit the information provided to these service providers to that which is reasonably necessary for them to perform their functions, and our contracts with them require them to maintain the confidentiality of such information.
We guarantee that we do not collect and process your data for any other purpose than stated in the paragraphs above. This includes that we absolutely refrain from passing on and/or selling your personal data for advertising purposes or other purposes not stated above.
You can find additional information on how Google handles data related to your person in its advertising network here: https://policies.google.com/technologies/ads
What data does the Facebook pixel collect?
The Facebook pixel receives these types of data:
Http Headers – Anything present in HTTP headers. HTTP Headers are a standard web protocol sent between any browser request and any server on the internet. HTTP Headers include IP addresses, information about the web browser, page location, document, referrer and person using the website.
Pixel-specific Data – Includes Pixel ID and the Facebook Cookie.
Button Click Data – Includes any buttons clicked by site visitors, the labels of those buttons and any pages visited as a result of the button clicks.
Optional Values – Developers and marketers can optionally choose to send additional information about the visit through conversion tracking. Example custom data events are conversion value, page type, and more.
Form Field Names – Includes website field names like ‘email’, ‘address’, ‘quantity’ for when you purchase a product or service.
Find more information about Facebook Pixel here: https://www.facebook.com/business/help/651294705016616
WakeSys’ mission is to enhance any wakeboard or waterski park’s and school’s operations by reducing the manual efforts, providing an easy-to-use booking and management solution. With this mission, they seek to promote water sports and make them globally accessible to any person interested. Find more information here: https://www.wakesys.com/about
Roller provide online and POS booking systems for Amusement Parks, Trampoline Parks, Events Companies among other businesses. Find more information here: https://www.roller.software/
Domain Factory is a provider of web hosting solutions. WakeSys uses Domain Factory to store and backup data. Find more information here: https://www.df.eu/int/
Amazon Web Services
Amazon Web Services is a subsidiary of Amazon.com that provides on-demand cloud computing platforms to individuals, companies and governments, on a paid subscription basis. WakeSys uses Amazon Web Services to backup data. Find more information here: https://aws.amazon.com/
Adyen is a payments platform to accept payments anywhere, on any device. This is the payment platform used to process card payments online through the Roller booking system. Find more information here: https://www.adyen.com/about
Stripe is a technology company. Its software allows individuals and businesses to receive payments over the Internet. Stripe provides the technical, fraud prevention, and banking infrastructure required to operate on-line payment systems. Liquid Leisure uses Stripe to process online payments. Find more information here: https://stripe.com/de
PayPal Holdings, Inc. is an American company operating a worldwide online payments system that supports online money transfers and serves as an electronic alternative to traditional paper methods like checks and money orders. Liquid Leisure uses PayPal to process online payments. Find more information here: https://www.paypal.com/uk/webapps/mpp/home
When you visit a Liquid Leisure booking system, the booking system server automatically saves the information that your browser sends whenever you use the service. The information includes your request, IP address, browser type and language, and the date and time of your request. The information is used solely for analysing and maintaining the technical operation of the servers and network as a whole. It is automatically deleted after 3 months.
The communication between you and Liquid Leisure
Should you have questions, you can contact us at any time via email. We save your message so as to reply as quickly as possible, and to track and improve our support service. Your information will only be used to process your request.
Our notification emails contain links and graphics to help us learn whether you actually read our notification emails. This allows us to improve our service and increase quality control.
Visibility and publicly accessible information
Administrative access to the Liquid Leisure Booking Systems (WakeSys & Roller)
WakeSys & Roller team members are authorised to access the administrative sections of their respective systems when fulfilling requests by Liquid Leisure and tracking errors. In such cases, they are able to view all parts of the booking systems, including all password-protected areas. All members of the WakeSys and Roller teams are trained in privacy concerns and the confidentiality of data according to the respective Data Protection Acts.
Data Security Breach Procedures
We follow generally accepted industry standards to protect the information submitted to us, both during transmission and once we receive it. We maintain appropriate administrative, technical and physical safeguards to protect personal data against accidental or unlawful destruction, accidental loss, unauthorized alteration, unauthorized disclosure or access, misuse, and any other unlawful form of processing of the personal data in our possession. This includes, for example, firewalls, password protection and other access and authentication controls. We use SSL technology to encrypt data during transmission through public internet.
However, no method of transmission over the Internet, or method of electronic storage, is 100% secure. We cannot ensure or warrant the security of any information you transmit to us or store on the service, and you do so at your own risk. We also cannot guarantee that such information may not be accessed, disclosed, altered, or destroyed by breach of any of our physical, technical, or managerial safeguards. If you believe your personal data has been compromised, please contact us (email@example.com).
If we learn of a security systems breach, we will inform you and the authorities of the occurrence of the breach in accordance with applicable law.
Personal Data Disclosure
We will not disclose any personal data without your consent, unless:
We are required by law to do so.
We make use of third-party services to provide you with Liquid Leisure products or services. In these cases, we may need to share information.
We are happy to give you a summary of all data we have collected from you. This request for information is free of charge and will be processed as soon as it is received. Normally, we deliver such requests via email, but you can also request it to be sent via snail mail. If you want a detailed breakdown of collected data, please let us know precisely which data you would like to learn about. We want to make sure that you are really you and not someone pretending to be you, so we will need a copy or scan of your passport or driver’s license to fulfil a request for information. We only use the scan or copy to check your ID and respond to your request.
Correction, Deletion or Blocking
In accordance with Article 16 and Article 17 of the European Union’s General Data Protection Regulation (GDPR) on the protection of persons with regard to the processing of personal data, you are entitled to request that any data we collect from you be corrected, deleted or blocked from further use in cases that fall under the terms of the article. If you want to delete your data stored with us, please contact us via email (firstname.lastname@example.org) and we will process your request as soon as it is received.
Lodging a Complaint
In accordance with Article 77 of the European Union’s General Data Protection Regulation (GDPR) every data subject, in our case every customer, shall have the right to lodge a complaint with a supervisory authority, in particular in the member state of his or her habitual residence, place of work or place of the alleged infringement if the data subject considers that the processing of personal data relating to him or her infringes this regulation.
Consequences of Non-Consent or Revoked Consent