Privacy Policy

Vindolanda Trust Privacy policy

The Vindolanda Trust is committed to protecting your privacy and security. This privacy policy explains how and why we use your personal data and is intended to help ensure that you remain informed and in control of your information.

About us

The Vindolanda Trust was founded in 1970. The Vindolanda Charitable Trust's vision is to excavate and preserve the Roman remains in the Trust's ownership in the central sector of the Hadrian's Wall World Heritage Site. Its original objective was to administer the Vindolanda Roman Fort and its museum, but only two years after its founding in 1970 the Trust acquired the 'sister' Roman site of Carvoran, 15 minutes from Vindolanda and now administers the established Roman Army Museum tourist attraction next to Carvoran.

The Trust is committed to a twinned robust scholastic and visitor programme encompassing:

Research

Education

Public display and enjoyment of its monuments and finds from the Vindolanda excavations

The Trust encourages people of all ages and abilities to enrich their present and future by learning from the past. Our passion at the Trust is to preserve and share the gift of history. Our sites are not conceived as tourist attractions, they are places people can come and actively participate in historical and archaeological research.

The official address of the Vindolanda Trust, is Chesterholm Museum, Bardon Mill, Hexham, Northumberland, NE47 7JN.

When we talk about “we” or “us” in this privacy policy we mean the Trustees and senior Management of the Vindolanda Trust, working together to support and deliver the Vindolanda Trust’s aims and objectives.

When we talk about “you” or “your” in this policy we mean any living person whose personal data we collect.

When we talk about “Members” and “Membership” we are referring to subscribing members of the Friends of Vindolanda Scheme.

Your Personal Data

We collect “personal data”, which is information that identifies a living person, or which can be identified as relating to a living person.

Personal data we hold

We hold the following categories of personal data:

3.1. Personal data you provide

We collect data you provide to us. This includes information you give when you communicate with us, apply for membership, purchase tickets, products or services, sign up to receive communications from us, make a donation, apply for employment, volunteer or enter into a contract with us. For example we may hold:

personal details (name, gender, date of birth, email, address, telephone etc.)
family and spouse/partner or next of kin details
financial information (such as credit/debit card or direct debit details, and whether your donations are gift-aided);
your response to a Vindolanda Trust event or your intention to meet a member of our staff; and
details of the ways in which you wish to be contacted by us.

If you purchase Museum membership as a gift for someone, join as a family, your details will be recorded (as will the recipient’s) and your relationship to that person will be recorded.

3.2. Personal data generated by your involvement with the Museum

Your activities and involvement with the Museum will result in personal data being generated. This could include:

details of your areas of interest in the Museum’s collection
your attendance at special events
where you have asked us for information or written to us;
your visits to our websites
images of you captured by our CCTV systems
your purchasing history;
how you’ve helped us by volunteering or by donating money or objects to us, or
where you have applied for a job with us.

3.3. Personal data from third parties

We sometimes receive personal data about you from third parties, for example, if we are partnering with another organisation or where we may use third parties to help us conduct research and analysis about you to determine the success of our public offer and to help us provide you with a better experience (and this can result in new personal data being created).

We may collect information from social media about you, or if you post on any of our social media pages.

Occasionally, we may collect personal data about you (for example if you are particularly well known or influential) from the media and other publicly available sources. This may come from public databases (such as Companies House), news or other media. The sort of information we obtain from these sources might include details of other charities you may support and indicators of your leisure interests and financial status such as house value or post code.

3.4. Special category (‘sensitive’) personal data

We do not normally collect or store special categories of personal data. However there are some situations where we may need to do so. These may include, for example, if you work or volunteer with us or apply to do so, or if we need to know about any access, medical or dietary requirements you, or someone in your care, may have.

How we use your personal data

4.1. General use

We only ever use your personal data with your consent, or where it is necessary in order to:

enter into, or perform, a contract with you;
comply with a legal duty;
protect your vital interests;
carry out a task in the public interest; or
for our own (or for a third party’s) legitimate interests, provided your rights do not override these interests.

In any event, we will only use your personal data for the purpose or purposes for which it was obtained.

4.2. Marketing

We use your personal data to communicate with you in order to promote our activities and events and to help with fundraising. This includes keeping you up to date with our exhibitions, events and products in our shops, and to send you general information about fundraising, membership and other ways you may be able to support us or benefit from the Vindolanda Trust.

4.3. Administration

We use your personal data for administrative purposes including:

receiving donations (e.g. direct debits or gift-aid instructions);
maintaining databases of our Members and other supporters;
processing membership subscriptions;
performing our obligations under Membership contracts and other supporters’ agreements;
managing custody of our collection including our intellectual property rights;
carrying out due diligence to meet our compliance duties (for example, before making any acquisition into our collections, accepting financial support or making agreements for the supply of goods and services);
processing enquiries and requests for information;
managing feedback, comments and complaints we receive;
fulfilling orders for tickets, goods or services (whether placed online, over the phone or in person);
helping us respect your choices and preferences;
recruitment and staff management including pay, tax and pensions administration;
management of suppliers of goods and services;
managing your visit to Roman Vindolanda and the Roman Army Museum (e.g. health and safety; security, lost property and incident management);

4.4. Internal research and profiling

We carry out research and analysis on our visitors, Members and other supporters to determine the success of our public offer and programmes and other activities in the public interest and to help us provide you with a better experience (for example so that you only receive communications about areas of our activities or research you are mostly likely to be interested in).

We may evaluate, categorise and profile your personal data in order to tailor materials, services and communications (including targeted advertising) to your needs and your preferences and to help us to understand our audiences. For example, we may keep track of the amount, frequency and value of your support including your philanthropic involvement elsewhere. This information helps us to ensure communications are relevant, timely and in the best interest of our charitable purposes.

Disclosing and sharing your personal data

We will never sell your personal data.

If you have opted-in to marketing, we may contact you with information about our selected partners. These communications will always come from us and will usually be incorporated into our own marketing.

We use Direct Debit processors for the handling of payments and email providers for our marketing communications. Information is transferred to data processors securely, and we retain full responsibility for your personal data as the data controller. These activities are carried out under a contract which imposes strict requirements on our suppliers to keep your personal data confidential and secure.

Occasionally, we arrange events with other organisations. We may share your personal data with such organisations, for example where you register to attend events. We will only share information when necessary.

We may share your personal data where required to do so for prevention of crime or for taxation purposes (for example, with the police, HMRC) or where otherwise required to do so by other regulators or by law (e.g. the Charity Commission, Companies House).

Fundraising and marketing communications

6.1. Consent

Unless you have already given us your email address or telephone number so that we can tell you about making donations to us or about the supply of goods and services, we must ask you to “opt-in” to receive fundraising and marketing emails from us. You have the choice as to whether you want to receive or continue to receive these messages. You are also able to select how you want to receive them (post, phone, email, text) and to change your preferences at any time.

When you receive a communication from us, we may collect information about your response and this may affect how we communicate with you in future.

6.2. Newsletters and reports

If you are a Member or a Patron, we will send you the Annual Report (unless you specifically ask us not to) and you can choose to unsubscribe from general marketing communications to Members without cancelling your subscription to the Friends of Vindolanda Scheme.

Children and young people

7.1. Information for parents and guardians

We take great care to protect and respect the rights of individuals in relation to their personal data, especially in the case of those aged 13 or younger.

We will not use the personal data of children or young people for marketing purposes and we will not profile it.

Personal data about children and young people is only accessible by our staff on a strictly need to know basis.

Data security

8.1. Protection

We employ a variety of physical and technical measures to protect information we hold and to prevent unauthorised access to, or use or disclosure of your personal data.

Electronic data and databases are stored on secure computer systems and we control who has access to information (using both physical and electronic means). Staff receive data protection training and we maintain a set of data protection procedures which our staff are required to follow when handling personal data.

8.2. Payment security

All electronic forms that ask you for your financial data will use the Secure Sockets Layer (SSL) protocol to encrypt the data between your browser and our servers.

If you use a payment card to donate, to buy Membership or to purchase something from us on-line, you will process your payment card details securely with our payment provider. We comply with the payment card industry data security standard (PCI-DSS) published by the PCI Security Standards Council.

CCTV

The Vindolanda Trust Museum premises are protected by CCTV and you may be recorded when you visit either Museum or the site. We use CCTV to help provide a safe and secure environment for visitors, for our staff and for the collection and to prevent or detect crime.

The system is managed in accordance with our standard operating procedures and with good practice guidance issued by the Information Commissioner’s Office. CCTV images will only be accessed by authorised security staff and are stored for up to 30 days, unless flagged for review

Storing your personal data

10.1. Where we store data

We are wholly based in the UK and store data within the European Economic Area. Some organisations which provide data processing services to us do so under contract and may be based outside of the EEA. We will only allow them to do so if your data is adequately protected.

10.2. Retention of your personal data

We will only retain your personal data for as long as it is required for the purposes for which we collected it (e.g. we have a genuine and legitimate reason and we’re not harming any of your rights and interests).This will depend on our legal obligations and the nature and type of information and the reason for which we collected it. For example, should you ask us not to send you marketing emails, we will stop storing your email address for marketing purposes; however we will need to keep a record of your preference.

We continually review what information we hold and will delete personal data which is no longer required.

Control of your personal data

11.1. Your rights

We want to ensure you remain in control of your personal data and that you understand your legal rights, which are:

the right to know whether we hold your personal data and, if we do so, to be sent a copy of the personal data that we hold about you (a “subject access request”) within one month;
the right to have your personal data erased (though this will not apply where it is necessary for us to continue to use the data for a lawful reason);
the right to have inaccurate personal data rectified;
the right to object to your personal data being used for marketing or profiling; and
(where technically feasible) the right to be given a copy of personal data that you have provided to us (and which we process automatically on the basis of your consent or the performance of a contract) in a common electronic format for your re-use.

There are some exceptions to the rights above and, although we will always try to respond to any instructions you may give us about our handling of your personal information, there may be situations where we are unable to meet your requirements in full.

If you would like further information on your rights or wish to exercise them, please contact our Data Protection Controller at the address below.

Should you wish to make a subject access request, we can provide you with a template form which includes guidance on how to do this. Please contact us for a copy of the template for a subject access request.

11.2. Complaints

Should you have a complaint about how we have used (‘processed’) your personal data, you can complain to us directly by contacting our Data Protection Controller in the first instance.

If you are not happy with our response, or you believe that your data protection or privacy rights have been infringed, you can complain to the UK Information Commissioner’s Office which regulates and enforces data protection law in the UK. Details of how to do this can be found at www.ico.org.uk

Cookies

Our websites use local storage (such as cookies) in order to provide you with the best possible experience and to allow you to make use of certain functionality (such as being able to shop online).

Links to other sites

Our websites contain links to other external websites. We are not responsible for the content or functionality of any such websites. Please let us know if a link is not working by contacting [email protected]

If a third party website requests personal data from you (e.g. in connection with an order for goods or services), the information you provide will not be covered by this privacy policy. We suggest you read the privacy notice of any other website before providing any personal information

Changes to this privacy policy

We may amend this privacy policy from time to time to ensure it remains up-to-date and continues to reflect how and why we use your personal data. The current version of our privacy policy will always be posted on our website.

Any questions you may have in relation to this privacy policy or how we use your personal data should be sent to Colin Galloway at Vindolanda Trust, Chesterholm Museum, Bardon Mill, Hexham, Northumberland, NE47 7JN or email [email protected] .

Your data may also be available to our website provider to enable us and them to deliver their service to us, carry out analysis and research on demographics, interests and behavior of our users and supporters to help us gain a better understanding of them to enable us to improve our services. This may include connecting data we receive from you on the website to data available from other sources. Your personally identifiable data will only be used where it is necessary for the analysis required, and where your interests for privacy are not deemed to outweigh their legitimate interests in developing new services for us. In the case of this activity the following will apply:

Your data will be made available to our website provider
The data that may be available to them include any of the data we collect as described in this privacy policy.
Our website provider will not transfer your data to any other third party, or transfer your data outside of the EEA.
They will store your data for a maximum of 7 years.
This processing does not affect your rights as detailed in this privacy policy.

Latest

WelcoMe booking page

Page with access to the WelcoMe apps to notify staff of upcoming visits
Lost (Letters) & Found (Photographs)

Guest blog: Dr Catherine Teitz
When a photograph can’t speak a thousand words, but a letter can. Dr Teitz looks at photographs from the Vindolanda archive and how they can help us understand more about the site and its history. Continuing the blog series on Archive Archaeology.
Productive Piles of Paper

Guest blog: Dr Catherine Teitz
Continuing the blog series on Archive Archaeology, Dr Teitz is looking at where our archives are and what can be found within them.
Archive Archaeology

Guest blog: Dr Catherine Teitz
Ever wondered how archaeologists keep learning about the site beyond the excavation and the lab? Or wondered why all their paperwork might be important? Archives are so much more than silent libraries, crumbling books, and dusty boxes. Find out more here!

Tickets

How to visit Vindolanda Roman Fort and Museum and the Roman Army Museum. This page will take you through the new systems we have in place for visiting our sites, what is open and how to visit.
Roman Vindolanda Fort & Museum

Visit Roman Vindolanda today and you will find one of the North East’s most famous and not to be missed tourist attractions lying in the beautiful landscape of Hadrian's Wall Country. Formerly a key military post on the northern frontier of Britain, Vindolanda is the home of Britain's 'Top Treasure' - the Vindolanda Writing Tablets - and is one Europe's most important Roman archaeological sites, with live excavations taking place every year.
Roman Army Museum

Lying in magnificent countryside next to a sweeping section of Hadrian's Wall and based at the site of Magna Roman Fort, the Roman Army Museum is an authentic and dramatic tribute to Rome’s extraordinary military legacy. Step into the life of a Roman soldier and experience life on the front line of Emperor Hadrian’s formidable British frontier.
Booking and Visiting FAQ's

Have you got questions about what to expect when you arrive or how to book? Take a look at our Frequently Asked Questions page which answers some of our visitors most popular queries.
Luna, Moon Goddess

Volunteer blog - Jackie James
The ancient Roman moon goddess, Luna, derives her name from the Latin lucere, meaning ‘to shine’ and was seen not only as the divine embodiment of the moon but also the female counterpart of the sun, Sol.
Getting here

How to find us no matter how you like to travel. Whether biking, busing or marching, make your journey as smooth as possible and enjoy more time with us.
Day Planner

This is a suggested day planner for your visit to Roman Vindolanda and the Roman Army Museum.
Book a Place

Find out about what's involved, how to participate and when you can see the digging taking place. We are now fully booked for the 2024 Excavation season.
Work for us

Find out about any opportunities to join the award winning teams at Vindolanda and the Roman Army Musuem. We currently have three new fixed term posts with the Vindolanda Trust- Part of the Hadrian’s Wall World Heritage Site and based at the Roman Site of Magna.
Local Accommodation

There is a vast range of places to stay near to Vindolanda and the Roman Army Museum with all budgets catered for.

Carved stone depicting mystery horseman uncovered.

A beautifully carved sandstone relief which depicts a naked male figure holding a spear stood in front of a horse/donkey has been uncovered during the annual excavations at the Roman fort of Vindolanda near Hadrian’s Wall in Northumberland. Read more