Privacy Policy

This privacy policy sets out how Bright Sparks Science CIC & Bright Sparks Events Limited uses and protects any information collected when you browse its website, make a purchase, book us a member of Active Network, or contact us. Bright Sparks is committed to ensuring that your privacy is protected. Any information by which you can be identified when using this website or any of our services will only be used in accordance with this privacy policy. Bright Sparks may change this policy by updating this page. You should check this page regularly to ensure that you are happy with any changes, and each time before you submit your personal information.

What information do we collect?

You may browse the Bright Sparks Science website without telling us who you are or revealing any personal data. The only information we gather during general browsing is from standard server logs. These include your IP address, domain name, browser type, operating system, and information such as the web site that referred you to us, the files you downloaded, the pages you visit, and the dates/times of those visits. This information is not used to develop a personal profile of you and is only recorded for the purpose of statistical analysis and to monitor website security. The log files are regularly purged. You may however choose to provide us with your personal data, for example, if you complete an enquiry form, book a service or become a member with Active Network. In circumstances such as these we will collect personal data from you to help process this request. You may be asked for:

  • name
  • occupational details
  • contact information including email address
  • demographic information such as postcode, preferences and interests
  • other information relevant to customer surveys and/or offers
  • payment details (such as debit or credit card details) if purchasing a product

What do we use personal data for?

Bright Sparks will use personal data collected through its website, through booking forms, or through email or telephone conversations with you, to answer enquiries and / or provide materials / services as requested. If you opt in to receive our occasional mailings, we will send the information to you termly. (You can unsubscribe at any time.) Our occasional mailings will relate to new activities, special offers or other information which is immediately relevant to the previous services you have enquired about or booked.

Data is shared between Bright Sparks Science CIC and Bright Sparks Events Limited, who operate within the same building using the systems. We will never sell your data to a third party.

Lawful basis for processing your personal data

Under GDPR, our lawful basis for processing your personal data when you make a purchase from us or join us as an Active Network member or make an enquiry, is performance of a contract with you.

Our lawful basis for processing any personal data that we collect as a result of a survey or competition is that it is necessary for our legitimate interests as a business (eg to survey how our customers use our services or to develop new products or services).

Our lawful basis for using log file and tracking data collected from our website, is that this is necessary for our legitimate interests as a business (ie to help keep our website up to date and secure, to improve the visitor experience on our website, and to develop our business and marketing strategy).

How long do we keep your personal data for?

We will keep your personal data for as long as necessary to fulfil the purposes outlined in this Privacy Policy, including for the purposes for satisfying any legal, accounting or reporting requirements which may require an extended retention period.

This means that we keep your account details for as long as you are an active customer of either Bright Sparks Science CIC and Bright Sparks Events Limited and for up to three years afterwards. We then keep a simplified record of the dates of your customer account with us on an ongoing basis.


Who do we share your personal data with?

We will only disclose personal data to government bodies and law enforcement agencies as required by law, successors in title to our businesses and suppliers whom we engage to process data on our behalf.

We use Active Network to manage our online booking system; this organisation is located in the USA and is EU GDPR compliant. Our website and mail servers are hosted by Ambinet, and our mailshots are managed by Active Network, both of which are located in the USA and are compliant with the equivalent US regulation known as the EU-US Privacy Shield Framework.

Your rights to your personal data under GDPR

Subject Access Requests:

You have the right to request a copy of the personal data that we hold about you; this is known as a Subject Access Request or SAR. Please send your SAR, or any of the other requests listed below, in writing to:

The Data Protection Officer, Bright Sparks Science CIC & Events Ltd Rear Office, 33 Northcourt Road Abingdon, Oxfordshire OX14 1PJ

Or via email to enquiries@brightsparksscience.co.uk

We will respond within one month of receiving your request.

Right to rectification:

If you believe that the data we hold about you is incorrect you can request that we correct it.

Right to erasure:

You have the right to request that your personal data be erased. Note that in certain circumstances we will not be able to erase all of your data immediately because we need to retain certain types of data for minimum periods to satisfy legal requirements. Note also that we cannot maintain your customer account without holding certain personal data about you.

Right to restriction:

You can ask us to restrict our use of your personal data if you believe that it is not accurate, or has been used unlawfully, or is no longer relevant, but you don’t want us to delete it.

Right to object:

You have the right to object to us using your personal data for our legitimate interests.

Right to data portability:

You have the right to ask us to provide the data that we hold about you in a commonly used format, eg as an Excel spreadsheet.


If you have a complaint about how we have kept your information secure, or how we have responded to a request to access, update, restrict or erase your data, you can refer us to the Information Commissioner’s Office (ICO).


We make all reasonable efforts to maintain security of your personal data. All of our computers are password protected and only accessible to authorised staff. Any paper records are only accessible to authorised staff.

free science show for your school
science birthday party
science club extra