02890 662 007
Register or Login

Opening hours

Monday – Friday: 10am – 10pm
Saturday/Sunday 10am – 8pm.

Bookings & Questions

028 90 662 007
boulderworld@gmail.com

Get Directions

Social media

Facebook
Instagram

Privacy Policy 

Boulderworlds Privacy Notice

UK GDPR & Data Protection Act 2018 Compliant (Northern Ireland)

Effective Date: 01.01.2019
Last Updated: 17.06.26

1. Who We Are

Boulderworld operates an indoor bouldering and climbing facility in Northern Ireland.

We are the data controller responsible for your personal data and are committed to protecting your privacy and handling your personal information transparently and securely.

Contact Details

Boulderworld Belfast Climbing Gym (Boulderworld Ltd)
Address: 41 Boucher Road
Email: boulderworld@gmail.com
Telephone: 02890662007

If you have any questions about this Privacy Notice or your personal data, please contact us using the details above.

2. Scope of This Privacy Notice

This Privacy Notice explains how we collect, use, store, share and protect personal information relating to:

  • Visitors and customers
  • Members
  • Online account holders
  • Participants in climbing activities, courses and events
  • Parents and guardians of junior climbers
  • Website users
  • Prospective customers

3. Personal Information We Collect

Identity and Contact Information

We may collect:

  • Full name
  • Date of birth
  • Home address
  • Email address
  • Telephone number
  • Emergency contact details

Membership Information

Where you hold a membership, we may collect:

  • Membership number
  • Membership status
  • Attendance records
  • Booking history
  • Membership preferences

Waiver and Safety Information

To help us provide a safe climbing environment, we may collect:

  • Signed participation waivers
  • Acknowledgement of climbing risks
  • Relevant medical information voluntarily provided by you
  • Incident and accident reports
  • Records of safety concerns

We only collect health-related information where necessary for safety, legal compliance, insurance requirements, or where you choose to provide it.

Payment Information

When processing memberships, passes, coaching sessions or merchandise purchases, we may collect:

  • Payment transaction records
  • Direct Debit details
  • Billing information

We do not store full payment card details on our systems where payments are processed by secure third-party payment providers.

Website and Online Account Information

When you use our website, booking system or member portal, we may collect:

  • IP address
  • Browser information
  • Device information
  • Website usage data
  • Login activity
  • Cookie data

CCTV Footage

CCTV operates within and around Boulderworld premises for security and safety purposes.

Footage may capture:

  • Customers
  • Visitors
  • Staff
  • Contractors

4. How We Collect Information

We collect personal information:

  • When you create an account
  • When you purchase a membership
  • When you complete a waiver
  • When you make a booking
  • When you sign up for coaching or events
  • Through correspondence with us
  • Through CCTV systems
  • Through our website and cookies
  • From parents or guardians of junior climbers

5. How We Use Your Personal Information

We use your information to:

Provide Our Services

  • Register customers and members
  • Manage memberships
  • Process bookings
  • Administer coaching sessions and events
  • Verify eligibility to climb

Ensure Health and Safety

  • Maintain signed waivers
  • Manage incidents and accidents
  • Contact emergency contacts when necessary
  • Comply with health and safety obligations

Process Payments

  • Collect membership fees
  • Process Direct Debit payments
  • Manage billing and account administration

Customer Service

  • Respond to enquiries
  • Resolve complaints
  • Provide support relating to memberships and bookings

Business Operations

  • Improve our services
  • Analyse facility usage
  • Maintain business records
  • Prevent fraud and misuse

Legal and Regulatory Compliance

  • Meet insurance requirements
  • Respond to lawful requests from authorities
  • Comply with applicable laws and regulations

6. Our Lawful Bases for Processing

Under UK GDPR, we rely on the following lawful bases:

Contract

Processing necessary to provide memberships, bookings and climbing services.

Legal Obligation

Processing required to comply with health and safety, accounting and other legal obligations.

Legitimate Interests

Processing necessary for:

  • Running our climbing facility
  • Managing customer relationships
  • Maintaining security
  • Preventing fraud
  • Improving services

We carefully balance these interests against your rights and freedoms.

Consent

Where required, such as:

  • Email marketing communications
  • Certain optional cookies

You may withdraw consent at any time.

Special Category Data

Where health information is processed, we rely on:

  • Explicit consent; and/or
  • Health and safety obligations; and/or
  • Establishment, exercise or defence of legal claims

as permitted under UK GDPR and the Data Protection Act 2018.

6A. Participation Waivers and Assumption of Risk Records

As climbing and bouldering involve inherent risks, all participants must complete an appropriate waiver before using our facilities.

We retain waiver records to:

  • Demonstrate acceptance of climbing risks
  • Meet health and safety obligations
  • Respond to insurance claims
  • Defend legal claims where necessary
  • Verify parental consent for junior climbers

Waiver records may be retained for extended periods where required by insurance providers or applicable limitation periods for legal claims.

7. Direct Debit Memberships

If you pay by Direct Debit:

  • Payment information is processed through authorised payment providers.
  • We receive information necessary to administer your membership and payment status.
  • Payment providers act as independent controllers or processors according to their contractual arrangements.

Please refer to the privacy notices of the relevant payment provider for further details.

8. Marketing Communications

With your consent, we may send information about:

  • Membership offers
  • Competitions and events
  • Coaching programmes
  • New facilities and services
  • Boulderworld news and updates

You may unsubscribe at any time by:

  • Clicking the unsubscribe link in emails; or
  • Contacting us directly.

We will not sell your personal information to third parties for marketing purposes.

9. Junior Climbers and Children’s Data

We welcome young climbers and take children’s privacy seriously.

For climbers under 18:

  • Registration must be completed by a parent or legal guardian where required.
  • Waivers must be completed by a parent or legal guardian where applicable.
  • Emergency contact information may be collected.
  • We collect only information necessary for participation and safety.

Parents and guardians may contact us to review, update or request deletion of their child’s information, subject to legal and safety obligations.

10. CCTV Monitoring

Boulderworld uses CCTV for:

  • Safety of customers and staff
  • Security of premises
  • Crime prevention and detection
  • Investigation of incidents and accidents
  • Protection of property

Signage is displayed throughout the facility informing visitors of CCTV operation.

Access to CCTV footage is restricted to authorised personnel and may be shared with:

  • Police Service of Northern Ireland (PSNI)
  • Insurers
  • Legal advisers
  • Regulatory authorities

where lawful and appropriate.

Footage is retained only for as long as reasonably necessary.

11. Who We Share Your Information With

To operate Boulderworld efficiently and securely, we use trusted third-party service providers who process personal information on our behalf.

These providers may include:

Membership, Booking and Facility Management

Vertical-Life

We use Vertical-Life to manage:

  • Memberships
  • Customer accounts
  • Bookings
  • Waivers
  • Attendance records
  • Climbing activity records

Vertical-Life processes personal information in accordance with its own privacy and security obligations.

Online Payments

Stripe

We use Stripe to process online card payments.

When making a payment, certain personal and payment information will be provided directly to Stripe. Boulderworld does not store full payment card details on its own systems.

Direct Debit Payments

GoCardless

We use GoCardless to administer Direct Debit memberships and recurring payments.

GoCardless processes payment information and banking details necessary to collect membership fees securely.

Website and IT Service Providers

We may use trusted third-party providers for:

  • Website hosting
  • Email services
  • Data storage
  • Technical support
  • Security monitoring

Professional and Legal Advisers

We may share information where necessary with:

  • Insurers
  • Solicitors
  • Accountants
  • Regulatory authorities

Emergency Services and Law Enforcement

Where necessary to protect the safety of individuals or comply with legal obligations, we may share information with:

  • Emergency services
  • The Police Service of Northern Ireland (PSNI)
  • Courts and regulatory bodies

We require all third-party service providers to respect the security of your personal information and to process it only in accordance with applicable data protection laws.

 

12. International Transfers

Where any service provider stores or processes information outside the United Kingdom, we will ensure appropriate safeguards are in place, including:

  • UK International Data Transfer Agreements (IDTAs)
  • UK-approved standard contractual clauses
  • Adequacy regulations where applicable

13. Data Retention

We retain personal information only for as long as necessary.

Customer account information, waivers, and booking records held within the Vertical-Life platform will be retained in accordance with Boulderworld retention policies and may remain archived for legal, insurance, health and safety, and operational purposes.

Typical retention periods may include:

Data Type Retention Period
Membership records Up to 7 years after membership ends
Financial records 6 years plus current financial year
Waivers Up to 7 years after last visit
Junior climber records Up to 7 years after reaching age 18 where required
Accident and incident records Up to 7 years, or longer where legal claims may arise
CCTV footage Typically 30–90 days unless required for investigation
Marketing records Until consent is withdrawn

Retention periods may be extended where required by law, insurance obligations or legal proceedings.

14. Your Rights

Under UK GDPR, you have rights including:

  • The right to be informed
  • The right of access
  • The right to rectification
  • The right to erasure
  • The right to restrict processing
  • The right to data portability
  • The right to object
  • Rights relating to automated decision-making

Requests should be sent to the contact details provided above.

We may require proof of identity before responding.

15. Complaints

If you are unhappy with how we handle your personal information, please contact us first so we can attempt to resolve your concerns.

You also have the right to complain to:

Information Commissioner’s Office (ICO)

The ICO can be contacted via:

Information Commissioner’s Office Website

16. Changes to This Privacy Notice

We may update this Privacy Notice from time to time.

The latest version will always be available on our website and at our reception desk.

Version Control

Version: 1.0
Approved By: Lucy Mitchell (Manager)
Review Date: 17.06.26

2023 © All Rights Reserved
Made by Glaze