Bristol Airport Master Plan

Noise
Action Plan

Have your say >

You are here:
>
Privacy policy

Privacy policy

Bristol Airport Limited (“Bristol Airport”) is committed to preserving the privacy of all our passengers, visitors and job applicants, and to protecting any personal information that you may provide to us.  We believe it is important for you to know how we treat the information we receive and how we carry out data processing practices.  Please read the following Privacy Policy to understand how we use and protect the information you provide to us and how we may use and protect it in the future.

CONTENTS

ABOUT BRISTOL AIRPORT

This section sets out who we are. It provides some useful information about us including our company number, registered address and data controller registration number (provided by the Information Commissioner’s Office).

ABOUT THIS PRIVACY NOTICE

This section tells you when this privacy policy applies (e.g. when you use our website or communicate with us).

WHAT PERSONAL DATA DO WE COLLECT ABOUT YOU?

This section informs you of exactly what personal data we collect about you and why. This includes information that is provided to us directly by you as well as information that we gather from your visits to our website and information that we receive from other sources.

HOW IS YOUR PERSONAL DATA COLLECTED?

This section explains to you the different ways in which we will collect the personal data that you provide to us.

PURPOSES FOR WHICH WE WILL USE YOUR PERSONAL DATA?

This section explains how we will use personal data that you provide to us. We also set out what we consider to be the legal basis for processing your personal data for each purpose, this is to ensure that you have all the information that we are required to provide you by law.

OUR COMMUNICATIONS WITH YOU

This section sets out our approach to marketing communications and services communications. It explains how we will ensure that you only receive communications that you wish to receive, and also tells you how we use certain tools in order to tailor our marketing to you. We will ensure that you have total control over the information that you receive.

WHO WILL HAVE ACCESS TO YOUR PERSONAL DATA AT BRISTOL AIRPORT?

This section explains which of our employees and authorised representatives will have access to your personal data. It also explains the reason for our employees and authorised representatives accessing your personal data.

WHO ELSE MIGHT WE SHARE YOUR PERSONAL DATA WITH?

This section informs you of who we share your personal data with. It also explains the reason for sharing; this is largely so that we can provide our services to you.

HOW DO WE PROTECT YOUR PERSONAL DATA?

This section explains how we keep your personal data safe and where it will be held.

HOW LONG DO WE KEEP YOUR PERSONAL DATA?

This section explains the length of time that we will retain your personal data. It also explains why we would hold your personal data for such time periods.

WHAT ARE YOUR RIGHTS?

This section explains that you have rights in relation to your personal data. It also explains what these rights are and how you can go about exercising them.

WHO CAN YOU ASK FOR MORE INFORMATION?

This section provides you with contact information should you have any questions or concerns about the way we handle your personal data. It also explains how you can contact the data protection regulator should you be unsatisfied with our response to your data protection issues.

CHANGES TO THIS PRIVACY NOTICE

This section sets out how we’ll tell you about changes to this privacy notice.

COOKIES

For information about the cookies we use, please see our cookies policy.

About Bristol Airport Limited

Bristol Airport Limited (“Bristol Airport”, “we", "our" or "us") is a company registered in England and Wales (company number 05403024) whose registered office is Administration Building, Bristol Airport, Bristol BS48 3DY.

We are registered as a data controller with the Information Commissioner’s Office and our registration number is Z5378995.

About this Privacy Notice

This privacy notice applies to the personal data we collect about:

Passengers or Visitors to our Airport:

Job Applicants:

What personal data do we collect about you?

This section informs you of what information we collect about you and why. Personal data means any information about an individual from which that individual can be identified.

We may collect, use, store and transfer different kinds of personal data about you which we have grouped together as follows:

  • Identity Data includes first name, surname, username or similar identifier, marital status, title, date of birth, and gender and CCTV and BWV footage
  • Contact Data includes billing address, delivery address, postcode, email address and telephone numbers.
  • Financial Data includes bank account and payment card details.
  • Transaction Data includes details as to your flight bookings, details about payments to and from you and other details of products and services you have purchased from us such as car parking or fast track.
  • Technical Data includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website.
  • Profile Data includes your username and password, purchases or orders made by you, any interests communicated to us to enable the personalisation of services, travel preferences, feedback and survey responses, and your marketing or communications preferences.
  • Usage Data includes information about how you use the Website, products and services.
  • Health Data includes information relating to your mobility and disability status to enable us to provide assisted travel and any information detailed within any accident or incident reports that relates to personal injury or receipt of medical attention.

We also collect, use and share aggregated data such as statistical or demographic data for any purpose. Aggregated data is not considered personal data in law as this data does not directly or indirectly reveal your identity. An example of aggregated data would be where we use your Usage Data to calculate the percentage of users accessing a specific Website feature. If the aggregated data is combined with other personal data to directly or indirectly identify you, we will treat this combined data as personal data and in accordance with this privacy policy.

Special Category Personal Data includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data. We do not seek to collect or otherwise process your Special Category Data, except where:

  • we have obtained your explicit consent prior to processing your Special Category Data (e.g. you consent to us processing your health data to provide travel assistance services to you);
  • the processing is necessary for compliance with a legal obligation;
  • the processing is necessary for the detection or prevention of crime to the extent permitted by applicable law;
  • you have manifestly made those Special Category Data public;
  • the processing is necessary for the establishment, exercise or defence of legal rights; or
  • processing is necessary for reasons of substantial public interest and occurs on the basis of an applicable law that is proportionate to the aim pursued and provides for suitable and specific measures to safeguard your fundamental rights and interests.

How is your personal data collected?

We use different methods to collect data from and about you depending on which services you use. We set out below the various types of interactions we may have with you together with a summary of the data we collect. 

When you visit our Website, we collect personal data about you if you fill in forms on our Website or correspond with us by telephone, email or otherwise. This includes information you provide when you:

  • register an account with us
  • sign up to our "Rewards" marketing emails;
  • enter our competitions; 
  • book our services (e.g. car parking, fast track and executive lounge bookings)
  • make an enquiry or complaint to us or enter a survey;  
  • respond to our consultations about Bristol Airport and our future.

We may process personal data that you manifestly choose to make public,including via social media.

Automated technologies or interactions

If you use our Website, we automatically collect the following information:

  • web usage information (e.g. IP address), your login information, browser type and version, time zone setting, operating system and platform; and
  • information about your visit, including the full Uniform Resource Locators (URLs) clickstream to, through and from our Website (including date and time); time on page, page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks and mouse-overs).

 Where we collect information about you in the ways described above, we do so on the basis that it is in our legitimate interests to collect and process this data.  We do this to find out things such as the number of visitors to the various parts of the site. This information is processed in a way which cannot identify you as an individual. We do not make, and do not allow our third party service providers to make, any attempt to find out the identities of those visiting our website. If we do want to collect personally identifiable information through our website, we will be clear about this. We will make it clear when we collect personal information and will explain what we intend to do with it.

Use of Cookies by Bristol Airport

Cookies are small text files that are stored on your computer when you use our website.  You can read more about how we use cookies on our Cookies Policy

Other Websites

Our site may contain links to other websites which are outside our control and are not covered by this privacy notice.  If you access other websites using the links provided, the operators of these websites may collect information from you which will be used by them in accordance with their privacy policy, which may differ from ours.  We do not accept any responsibility or liability for these policies.  Please check these policies before you submit any personal data to these websites.

Internet Based Transfers and Disclaimer

Your privacy and the security of your data matters to us. We use the measures we think are necessary to protect against viruses and other harmful components but the nature of the internet is such that it is impossible to ensure that your access to the Website will be uninterrupted or error-free, or that this Website, its servers or emails which may be sent by us are free of viruses or other harmful components. 

CCTV

We use CCTV cameras across our site including our offices, carparks and terminals.

The purpose of the CCTV system is to promote safety, prevent and detect crime or disorder and to protect the rights and freedoms of others.
Additionally, specifically at Bristol Airport the images are used to:

  • Monitor passenger throughput
  • To monitor the security of our business premises
  • Monitor occupancy levels
  • Maintain customer service standards
  • Monitor queue lengths
  • Monitor operational processes 

Images produced by the CCTV equipment are intended to be as clear as possible so that they are effective for the purposes set out above.  
If you are driving onto our site, your vehicle registration details will also be collected by our automatic number plate recognition system.

Body Worn Video Cameras

Bristol Airport employees responsible for the security and safety of people on our site may wear body worn video cameras (BMV) to enable an incident to be recorded.

BWV will only be initiated when absolutely necessary. Our employees will initiate the recording of an incident by pressing a button on the BWV camera.  The footage being recorded is clearly visible on a screen facing outwards towards the data subject.  Recordings include video images of the data subject, audio of the incident and vehicle registration details.

Wherever possible, our employees will also attempt to capture the following information:

  • Salutation, First name and Surname
  • Email address
  • Postcode and house number
  • Contact telephone number

Images produced by BWV are intended to be as clear as possible so that they are effective for the purposes set out above.

We may disclose CCTV and BWV footage if requested to do so by any law enforcement agency, by any of our regulators, or otherwise in relation to any legal claims made by or against us.

Purposes for which we will use your personal data

In this section, we set out how we will use the personal data you provide to us in order to carry out the activities relevant to the provision of our services to you.

We must have a legal basis for processing your personal data. We consider that we have a legal basis where:  

  • you have given us consent to do so for the specific purposes which we have told you about - for example, we will need your consent to process any health information you provide to us, such as information relating to mobility;
  • it is necessary for us to do so to enable us to provide you with the services that you have requested from us - for example, contacting you about your journey;
  • it is necessary in order to fulfil our legitimate interests (or those of our Business Partners) and your interests and fundamental rights do not override those interests; or
  • the law otherwise permits or requires it.

Where we process your personal data on the basis of our legitimate interests, these are:

  • our (or our Business Partners) interests in providing our services to you in an efficient and secure manner;
  • our interests in attracting and retaining customers, and improving customer engagement with our website and marketing communications;
  • other legitimate interests as outlined in the section below.

We have set out below a list of all the ways we may use your personal data and which of the legal bases we rely on to do so. We have also identified what our legitimate interests are, where appropriate.

In some cases we may use more than one legal basis for processing your personal data; this will depend on the specific purpose for which we are using your personal data. Please contact us if you have any queries about the specific legal basis that we rely on for processing your personal data.

Visitors to our website and people who sign up to our “rewards” marketing e-mails

Why do we process personal data (our purpose)?

  • To deliver relevant website content and advertisements to you and measure or understand the effectiveness of the advertising we serve to you
  • To use data analytics to improve the Website, products/services, marketing, customer relationships and experiences
  • To make suggestions and recommendations to you about goods, services or content that we feel may interest you
  • To notify you about changes to our Website, services, terms or privacy policy
  • To maintain a suppression list should you opt-out of receiving communications

What personal data may be processed? Identity, Contact, Profile, Usage and Technical data

What is our legal basis for processing?

  • Necessary to comply with a legal obligation
  • Consent
  • Performance of a contract with you
  • Necessary for our legitimate interest:
  • to study how you use our products/services, to develop them, to grow our business and to inform our marketing strategy
  • to define types of customers for our products and services, to keep the Website updated and relevant

  • to develop our business and to inform our marketing strategy

  • to ensure that we are not at risk of breaching data protection laws by communicating with you where you have asked us not to

  • to tell you important information about changes that may affect you

Passengers and Visitors to our airport

Why do we process personal data (our purpose)?

  • To capture boarding card details to validate customers through airport security
  • To improve customer journeys through our airport
  • To help provide a safe environment for our employees and customers; and to improve the quality of evidence available for submission to the authorities including the use of CCTV and BWV
  • To conduct health and safety assessments and record keeping and compliance with related legal obligations
  • To provide access to our airport site

What personal data may be processed? Identity, Technical, Profile and Health data

What is our legal basis for processing?

  • Performance of a contract with you
  • Necessary to comply with a legal obligation
  • Necessary to protect the vital interests of any individual
  • Necessary for our legitimate interests:
  • to enable us to improve our customer journeys through our airport

  • to protect employee and customer safety and assist with the verification of any claims

  • in providing a safe and secure environment at our premises.

People who enter our competitions

Why do we process personal data (our purpose)?

  • To enable you to partake in a prize draw or competition 

What personal data may be processed? Identity, Contact, Profile and Usage data.

What is our legal basis for processing? Performance of a contract with you.

People who are purchasing services from the airport (i.e. car park bookings, fast track bookings, executive lounge bookings and Airport flyer bookings)

Why do we process personal data (our purpose)?

  • To register you as a new customer for our services
  • To carry out our obligations arising from any contracts entered into between you and us (e.g. car parking, Fast Track and Executive Lounge Bookings) including managing payments, paying refunds or compensation, fees and charges; collecting and recovering money owed to us; running fraud checks if we have reasonable suspicions
  • To provide you with the information, products and services that you request from us including, but not limited to, contacting you about your experience of our airport
  • To ask you to leave a review or take a survey

What personal data may be processed? Identity, Contact, Financial, Profile

What is our legal basis for processing?

  • Performance of a contract with you
  • Necessary for our legitimate interests:
  • to recover debts due to us, to pay refunds or compensation owed to you and to prevent us facilitating fraud)
  • to receive feedback on the performance of our services and study how customers use our products/services to enable us to develop and grow our business

People who sign up for airport Wi-Fi services

Why do we process personal data (our purpose)?

  • For statistical purposes
  • To enable us to administer your “Rewards” account where you have signed up to such an account

What personal data may be processed? Identity, Contact and Technical

What is our legal basis for processing?

  • Consent
  • Necessary for our legitimate interest (to study how you use our products/services, to develop them, to grow our business and to inform our marketing strategy)

People who make general enquiries to the airport and People who make complaints to the airport

Why do we process personal data (our purpose)?

  • To respond to your enquiries, complaints or to process your requests in relation to your information (including lost property).

What personal data may be processed? Identity, Contact and Financial

What is our legal basis for processing? Performance of a contract with you. Necessary for our legitimate interests (to ensure that we are able to hold and return lost property to the right individuals).

People who require access to secure areas of the airport

Why do we process personal data (our purpose)?

  • To provide access to our airport site

What personal data may be processed? Identity and Contact data

What is our legal basis for processing? Necessary for compliance with a legal obligation.

People who have opted to receive updates on Bristol Airport consultations and people who provide feedback on our consultation website

Why do we process personal data (our purpose)?

  • To provide you with information about our consultations
  • To analyse responses to our open consultations

What personal data may be processed? Identity, Contact and Profile data

What is our legal basis for processing? Consent.

Stakeholders who are kept up to date about the Airport

Why do we process personal data (our purpose)?

  • To provide our stakeholders with updates and news on the airport and its services

What personal data may be processed? Identity, Contact and Profile data

What is our legal basis for processing? Necessary for our legitimate interest (for conducting our day-to-day business and communicating with business contacts).

People who are doing business with the airport on behalf of another organisation

Why do we process personal data (our purpose)?

  • To communicate with our business contacts

What personal data may be processed? Identity, Contact, Technical and Profile data

What is our legal basis for processing? Necessary for our legitimate interest (for conducting our day-to-day business and communicating with business contacts).

Other purposes necessary for business operations

Why do we process personal data (our purpose)?

  • To administer and protect our business and the Website (including training our employees, troubleshooting, data analysis, testing, system maintenance, security audits, support, reporting and hosting of data)
  • To establish, exercise and defend our legal rights

What personal data may be processed?  Identity, Contact, Financial, Transactional, Technical, Profile, Usage, Health

What is our legal basis for processing?

  • Necessary to comply with a legal obligation
  • Performance of a contract with you
  • Necessary for our legitimate interest:
  • for running our business, provision of administration and IT services, network security, to prevent fraud and in the context of a business reorganisation or group restructuring exercise
  • for the purpose of establishing, exercising or defending our legal rights.

Our communications with you

Marketing Communications

We will only use your personal information to send you marketing messages if we have either your consent or a 'legitimate interest'. A 'legitimate interest' is when we have a business or commercial reason to use your information, and only if it does not unfairly go against what is right and best for you. For example, if you do not opt out of receiving email marketing from us when you make a booking with us, we will use your information to send you marketing emails about our own similar products and services which we think might interest you.

If you consent to receive additional communications (by mail, telephone, SMS, text/picture/video message, app push notifications or email) from us and any named third parties that feature at the point of obtaining consent  in respect of such information, we will process your personal data in accordance with this privacy policy.

The personal data we have for you is made up of what you tell us, the data we collect about you when you use our services and the data provided to us by third parties we use to deliver our marketing communications.

If you no longer wish to receive marketing communications from us, you may unsubscribe at any time by unsubscribing from the relevant communication channel or by contacting us at [email protected]. If you choose not to receive this information we will be unable to keep you informed of new products, services and promotions that may interest you.
Whatever you choose, you'll still receive booking confirmations and information relating to your journey through the airport.

How we tailor our marketing communications to you

We regularly conduct research about how individuals use the services we offer. That research helps us gain a better understanding of what we are doing well, and where we can still improve. If you receive our e-mail offers, it also helps us to send you offers which are most relevant to your specific situation.

In order to send you marketing information which we think is the most relevant to you, we combine the data we hold on you in order to build up a picture of the types of products and services which might be of interest to you in the future.  The data used to do this may come from information you have previously shared with us, your past transactions and online behaviour as well as information about our marketing emails you have opened or clicked on.

Service Communications

We may send you communications such as those which relate to any service updates (e.g. service disruption) or provide customer satisfaction surveys. We consider that we can lawfully send these communications to you as we have a legitimate interest to do so, namely to effectively provide you with the best service we can and to grow our business.

Remarketing Cookies

You may notice that sometimes, after visiting a website, you see increased numbers of adverts from the site you visited. That’s because the website you visited has placed a cookie on your web browser. Using that cookie and web analytic tools, the website owner will be able to show you adverts on third-party websites that they think you might be interested in. This cookie does not give access to your computer or mobile device, but may be able to identify you from other details. Bristol Airport sometimes does this.

Google Advertising

Our Website uses Google Advertising to show relevant adverts to users who have previously visited us as they browse the web. This enables us to tailor our marketing to better suit your needs and only display ads that are relevant to you. You may see Bristol Airport in search results pages (using Google Adwords), on YouTube, in banner adverts on Gmail and on other services run by Google.

Any information collected will be used in accordance with our own privacy policy and Google’s privacy policy.

If you do not wish to see ads, you can:

  • opt out of Google’s use of cookies through Google’s Ads Settings; or
  • refuse the use of cookies by downloading and installing Google Analytics Opt-out Browser Add-on.

Facebook Advertising

We also use similar targeted advertising technology to ensure that we only serve people with adverts on their Facebook pages that are relevant to them. To enable us to do this, we include a piece of code on our websites, called the Facebook Pixel. The information collected, for example which pages you visited, which device you used and what actions you took, will be used in accordance with our own privacy policy, as well as Facebook’s privacy policies. The Facebook Pixel only lasts for 60 days. Using the Facebook Pixel, we can also remarket adverts to you through Instagram, which is owned by Facebook. You can set preferences for how Facebook advertises to you using your Facebook ad preferences.

We undertake some of these activities by using cookies. Our cookies policy sets out more information about the use of cookies including details about how to switch off our use of cookies.

Job Applicants

If you apply for a position with us, we will collect, store and use information about you to carry out our activities and obligations as your potential employer. We will only do this where:

  • it is necessary in order to comply with legal obligations which apply to us;
  • it is necessary for the performance of your employment contract;
  • it is necessary in order to fulfil our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests; or
  • the law otherwise permits or requires it. 

We use a third-party provider, Harbour, to manage details of individuals who have expressed an interest in working for us. Harbour will collect the following information about you:

  • First name and surname
  • Email address
  • Phone numbers
  • Address
  • Other CV content

Details received are only accessible by our employees and authorised representatives who have a legitimate business need to access your personal data for the purposes of reviewing your application, including our resourcing team and the hiring manager. To comply with our legal, statutory and regulatory obligations we may share your personal data with authorities including but not limited to the Civil Aviation Authority.

If we receive applications outside of the Harbour system, our employees will attempt to contact you to direct you to the appropriate channel. Any personal data received outside the accepted process will not be retained and will be securely destroyed.

REFERENCING CHECKS

If you are successful in your application for a position with us, you will be contacted by our third-party provider, Procius, who will request details from you for referencing purposes.  In some cases, our Resourcing Team may contact you and submit your data on your behalf directly into the Procius system.

Upon successful completion of the referencing process, these details will be transferred to the ID Gateway system.

Prior to starting employment with us, successful candidates will be required to complete a new employee questionnaire form which captures the following personal information:

  • Salutation, First name and Surname
  • Aliases / Previous Surname
  • Phone numbers
  •  Address
  • Date of Birth
  • National Insurance Number
  • Gender
  • Marital Status
  • Bank Account Details
  • Emergency contacts

We may share your personal data with third-party service providers who assist us with administering our potential employment relationship with you. This may include occupational health, benefits administration providers, employment screening bureaus, communications service providers (e.g. to facilitate video interviews), insurance providers and legal services providers. Any such third parties will only be permitted to use your personal data for specific purposes in accordance with our instructions and not for their own purposes.

We will not keep the personal data belonging to any unsuccessful applicants for longer than 12 months after you have been notified.

Who will have access to your personal data at Bristol Airport

Your personal data will only be seen or used by our employees or authorised representatives who have a legitimate business need to access your personal data for the purposes set out in this privacy notice.

We are committed to protecting your data. We have implemented appropriate physical, technical and organisational security measures designed to secure your personal data against accidental loss, destruction or damage and unauthorised access, use, alterative or disclosure.

Who else might we share your personal data with?

This section sets out who we share your personal data with and why. Except as explained in this privacy notice, we will not share your personal data without your consent unless required to do so by law.

We may share your personal data with you, and where appropriate, your family, your associates and your representatives.

We may disclose your personal data to the British Transport Police, the Civil Aviation Authority or any other law enforcement agency or court to the extent necessary for purposes including preventing, investigating, detecting, and prosecuting criminal offences; preventing threats to public security in accordance with applicable law; or validating a claim.

We will share your personal data with our suppliers and contractors for the purposes of providing our services to you. Where we refer to our ‘Business Partners’ in this Privacy Notice, we are referring to these organisations. Specifically, we share your personal data with the following third parties for the purposes set out below:

Function Our third party service provider(s)
Queue monitoring: to improve customer journeys through our airport
Blip Track 
Boarding cards: to capture board card details to validate customers through airport security
ICTS Systems 
Lost property 

City Sprint

First Flight 

 Left Luggage EirPoint
 To distribute email marketing and consultation communications 

Dotmailer

Preact

 Parking, fast track security and lounges 

Mego Ltd

Airport Valet Company Ltd

Chauntry

Apcoa

Three Cherries

Swissport

 Customer surveys: for the purposes of obtaining customer feedback on our services  Reevo
 Airport flyer: for the purposes of processing bookings on our flyer service  Spider Online
 Wi-fi for the provision of our Wi-fi service Virgin Media
 Consultations on the future of the airport including for the purposes of analysing responses to our open consultations 

Delib

Wood PLC

 Managing the provision of secure access to our site   ICTS
 Administering prize draws and competitions   Great State 

In addition to the above named third party service providers, we may also share your personal data with the following third party service providers who assist us with administering the provision of our services to you

  • business partners, suppliers and sub-contractors for the performance of any contract we enter into with them or you;
  • analytics and search engine providers that assist us in the improvement and optimisation of our site;
  • other aviation industry bodies in order to comply with our regulatory obligations and to help resolve complaints or other issues; and
  • agents we engage to perform functions on our behalf including sending customer communications, analysing data, providing marketing assistance, processing payments and researching customer satisfaction. They have access to personal data needed to perform their functions, but may not use it for other purposes.

We also share limited personal data with our shareholders. If there is a change in our ownership (or if a change is contemplated), we may share your personal data with the new owner (or a prospective new owner).

How do we protect your personal data?

This section explains how we keep your personal data safe and where it will be held.

We take your privacy seriously and are committed to maintaining the privacy and security of the personal data you provide to us, and the choices you have regarding our collection and use of your personal data.

Once we have received your personal data, we follow strict security procedures as to how your personal data is stored and used, and who sees it, to help stop any unauthorised access.

Any payment transactions will be encrypted. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our site, you are responsible for keeping this password confidential. You should not share this information with anyone.

We do not transfer your information outside the European Economic Area (EEA).

Unfortunately, the transmission of your personal data via the internet is not completely secure and although we do our best to protect your personal data, we cannot guarantee the security of your data transmitted to us over the internet and you acknowledge that any transmission is at your own risk.

How long do we keep your personal data?

In this section, we explain the length of time that we will retain your personal data.

We will keep your personal data for no longer than is necessary for the purposes for which it was obtained. The criteria for determining the duration for which we will retain your personal data are as follows:

1. the period for which:

  •  we have an action relationship with you; or
  • your personal data is necessary in connection with the lawful purposes set out in this policy for which we have a valid legal basis.

PLUS

2. the period of:

  • any applicable limitation period under applicable law (i.e. any period during which any person could bring a legal claim against us in connection with your personal data, or to which your personal data may be relevant); or
  • an additional reasonable period following the end of such applicable limitation period.

AND

3. in addition to 1 and 2, if any relevant legal claims are brought, we may continue to process your personal data for such additional periods as are necessary in connection with that claim.

During the periods in paragraph 2 above, we will restrict our processing of your personal data to the storage of, and maintaining the security of, those data, except to the extent that those data need to be reviewed in connection with any legal claim or obligation under applicable law.

After this period your personal data will be anonymised so that you are no longer identified or identifiable from such information, or securely deleted/destroyed.

Any third parties that we engage will keep your data stored on their systems for as long as is necessary to provide the relevant services to you or us. If we end our relationship with any third party providers, we will make sure that they securely delete or return your personal data to us.
The retention periods for CCTV and BWV vary depending on the location and system in use. For more information please contact us using the details provided in “Who can you contact for more information?”. 

What are your rights?

You have certain rights in relation to the collection, storage and deletion of your personal data. Specifically, you have the following rights:

  • The right to be informed
  • The right of access
  • The right to rectification
  • The right to erasure
  • The right to restrict processing
  • The right to data portability
  • The right to object
  • Rights in relation to automated decision making and profiling

Under your right of access, you have the right to ask us what personal information we hold on you. This is called a ‘Subject Access Request’ or ‘SAR’. The best way to do this is by competing the ‘Contact Us’ page on our website, or by writing to us at Bristol Airport, Bristol BS48 3DY. We will respond to your SAR within 30 days. You may also ask for information that may be incorrect to be rectification (your right to rectification).

You can request that we delete the data we hold on you. However, if we require the data to fulfil a contract, or for legal purposes, then we may not be able to fulfil your request, but we will always let you know if this is the case.

If you have asked Bristol Airport to see, change, delete or restrict the data we use, and you are not satisfied with the response you have received, you have the right to refer the matter to the Information Commissioner's Office (ICO)

Who can you ask for more information?

If you have any comments, queries or requests relating to our use of your personal information or any questions about this Privacy Notice, please contact us using the details provided on the Contact Us page or email us at [email protected]. We welcome your questions and any suggestions you may have about our Privacy Notice.

We have appointed a Data Protection Officer. They are responsible for our approach to data protection and protecting your privacy. You can contact them at [email protected]
If you are unsatisfied with our response to any data protection issues you raise with us or our DPO, you have the right to make a complaint to the Information Commissioner’s Office (ICO).The ICO is the authority in the UK which is tasked with the protection of personal data and privacy.   

Changes to this Privacy Notice

We keep our Privacy Notice under regular review and the latest version will always be available on our Website. If we make any important changes, we will tell you about these.

This privacy notice was last updated June 2018.

10% off parking when you sign up to our emails
Close