top of page

Broken Spoke Bicycles Limited (the "Co-op" or "Broken Spoke")

Website: https://www.bsbcoop.org/ 

Policy Last Updated: October 2025

Data Controller: Broken Spoke Bicycles Limited (FCA number 31918R)

Data Protection (Privacy) Policy

for Broken Spoke Bicycles Limited

1. Introduction

Broken Spoke is committed to protecting the privacy and security of the personal data we collect. This policy explains how we collect, use, and process your personal data when you use our website, book services (e.g., Cycle Training, DIY Workshop), or interact with us.

By using our website, you agree to the practices described in this policy.

2. Data We Collect

We collect and process various types of personal data, including:

2.1 Information You Provide Directly

This includes data collected when you make a booking, purchase a product, sign up for a newsletter, or contact us:

  1. Identity Data: Name, title.

  2. Contact Data: Email address, telephone number, billing and delivery address.

  3. Transaction Data: Details about payments to and from you, and other details of products and services you have purchased from us.

  4. Programme Data: Information related to your booking (e.g., bike maintenance course attendance, cycle training level).

2.2 Automatically Collected Data

When you visit our website (hosted on the Wix platform), we automatically collect:

  • Technical Data: Internet Protocol (IP) address, browser type and version, time zone setting, location, operating system, and platform.

  • Usage Data: Information about how you use our website, including pages viewed, time spent on pages, and navigation paths.

3. How We Use Your Data and Legal Basis (GDPR)

We rely on several legal bases under the GDPR to use your data:

4. How We Store and Share Your Data

4.1 Data Location and Security

  • Wix Platform: Our website is hosted by Wix, and your data is stored through Wix's data storage, databases, and general Wix applications. Wix provides the necessary security infrastructure to protect your information.

  • Security Measures: We implement appropriate physical, electronic, and managerial measures to protect your personal data from accidental loss, unauthorised access, or disclosure.

  • DIY/Training Records: Certain programme records (e.g., cycle training notes) may be stored electronically only for the duration necessary to provide the service and for legal compliance.

​4.2 Third-Party Sharing

We may share your data with the following categories of third parties:

  • Wix: Our website host and platform provider.

  • Payment Processors: Such as Stripe, Zettle or PayPal, which securely process payments and do not store your full card details.

  • Analytics Providers: Such as Google Analytics, to help us understand website traffic and usage.

  • Law Enforcement/Regulators: If legally required to do so to comply with law or legal process, or to protect our rights, property, or safety.

5. Your Rights Under GDPR

Under data protection laws, you have the following rights regarding your personal data. To exercise any of these rights, please contact the Data Controller using the details provided above.
 

  1. Right to Access: You have the right to request copies of your personal data.

  2. Right to Rectification: You have the right to request that we correct any information you believe is inaccurate or incomplete.

  3. Right to Erasure ('Right to be Forgotten'): You have the right to request that we erase your personal data, under certain conditions.

  4. Right to Restrict Processing: You have the right to request that we restrict the processing of your personal data, under certain conditions.

  5. Right to Data Portability: You have the right to request that we transfer the data we have collected to another organization, or directly to you, under certain conditions.
    Right to Object to Processing: You have the right to object to our processing of your personal data, under certain conditions.

6. Cookies and Tracking Technologies

6.1 What are Cookies?

Cookies are small text files placed on your device by a website that you visit. They are widely used to make websites work, or work more efficiently, as well as to provide information to the owners of the site.

6.2 Our Use of Cookies

Broken Spoke (via the Wix platform) uses cookies to:

  • Enable essential website functions (e.g., retaining items in your cart).

  • Analyse website traffic and measure performance (e.g., Google Analytics).

  • Remember your preferences.

By continuing to use the site, you consent to the placement of these cookies on your device.

7. Policy Changes

Broken Spoke reserves the right to update this Data Protection Policy at any time. We will post the updated policy on this page, with the "Last Updated" date revised. We encourage you to review this policy periodically to stay informed about how we are protecting your data.

8. Contact Information

If you have any questions about this Data Protection Policy or our data processing practices, please contact us at:

Email: admin@bsbcoop.org  Phone: 07551 711746

bottom of page