Welcome to the website of the Hertford Carnival


Privacy policy and Cookie declaration

Privacy Policy;


How Hertford Carnival Committee uses your personal information

Website specific


Cookie declaration


Privacy Policy

The GDPR came into force on 25 May 2018.

The link to the Information Commissioner’s Office (the UK independent authority looking at data rights) is here.

The GDPR – general principles

The GDPR sets out six key principles which govern how any organisation is allowed to process personal data. We will process personal data in compliance with these principles. Personal data will be:
 1. Processed lawfully, fairly and in a transparent manner in relation to individuals.
 2. Collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes.
 3. Adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed.
 4.  Accurate and where necessary, kept up to date.
 5. Kept in a form which permits identification of data subjects for no longer than is necessary;for the purposes for which the personal data are processed.
 6. Processed in a manner that ensures appropriate security;of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage.
 Underpinning these is the principle of ‘accountability’. This requires us to be able to demonstrate compliance with each of the principles above.

For the Hertford Carnival, this affects the way Hertford Carnival Committee store and use your data, for example contacting you using your email address, and the way the website works.

We have also added a section on the use of photos in this document.

Return to top of the page.



What we do with your information

We have always displayed such statements as this under any ‘contact us’ sub section of the website (eg Join us as a business supporter/sponsors);
Sponsor information will only be used by the Hertford Carnival Committee for the purposes specified and will not be passed to third parties.

We only use your personal details – name, email, phone number etc – for the purpose for which you have agreed to give it to us.

You contact us via our published email addresses, via our twitter account, etc.

You contact us as either a stall-holder, performer, sponsor or supporter, potential/actual beneficiary, or other (eg donor).

We will then use this data for this specific purpose only.

We will be in contact with you pre (or post) the event.

We may include this information;
On the website (for example a list of stall-holders, a photo of you attending (with either your name captioned or your banner visible).
On the twitter feed (for example sponsors involved).
Occasionally in printed material.

Where we use pictures of sponsors’ and organisers logos, these organisations are involved to publicise their businesses, and we have stated on the website before that we will use their material.

We never pass on your information to third parties without your knowledge and agreement.

Using information for the purpose of our event is also what GDPR calls our ‘legitimate interest’.

Contacting you

We may contact you about future events, in the same context as you first registered with us (eg as a performer).
We will do this with your consent.


We keep your data securely, both electronically and when on paper.

How long we keep it

We apply national guidelines for retention where appropriate; these advise that information shouldn't be kept for years or when that contact hasn’t been involved for said purpose for some time.


The Hertford Carnival Committee is the Data Controller for the information you give us.
Thus if you have any queries about what we hold about you, or you want to change or remove it, you can contact us.

Return to top of the page.



Please see our cookie declaration.

Site visitation tracking

We do not use Google analytics (a tool which tracks visitors and locations etc) on this page.


We do not currently use forms that collect data, we have no forums on this website, and we do not rely on e-commerce.  We do not require users to register for use of the website, and we do not have group emails based on the details given at enrolment (thus we are not asking for users to opt in/out of marketing etc). 

For information collected by the committee (including where you email us using the contacts given); see above.

Our website links to our twitter account; user preferences for contacts and cookies etc can be set in the Twitter tool.

Links to other sites

Our website contains links to other sites.
Hertford Carnival Committee are not responsible for the content of external websites.
Nor are we responsible for the privacy practices (and content affected by them, eg cookies) within any of these other sites.
Please be aware of privacy statements on other websites you visit after having left our site and which collect personally identifiable information.
This privacy statement applies solely to our website.

Return to top of the page.



Photos taken at the event

Our website and twitter feed contains numerous pictures of people at our events. 
These are either spectators (in small or large groups) or participants (eg performers, stall-holders or volunteers).

We state prior to the event (on the Plan for the Day page)).
Please note that official and non-official photos, any of which may be used in our publicity, will be taken on the day. If you have any objection to you or your child being photographed, please make this known to the appropriate photographer(s) at the time.

There are no actual laws that restrict the photography of people in public.
However our professional photographer for example states he will not photograph or will delete pictures already taken if people indicate (verbally or by their behaviour) they are unhappy with their photos being taken.  Members of the committee will also do this.
We have no control over other individuals taking pictures at our event.

(According to the professional photographer we normally use)
In terms of explicit compliance with GDPR, people attending events are photographed within the parameters of GDPR legislation on the basis of ‘legitimate interests’. The taking of photographs at events when regarded as a form of processing personal data is necessary for the legitimate interests of our community event.
This is unless there is a good reason to protect a given individual’s personal data which overrides those legitimate interests.  In this case we will avoid having a picture of them taken or shared.

All personal information collected at such events (ie image data and performer names) is processed on the basis of legitimate interest.

Other people eg stall-holders might take pictures of the event and publish to the public domain, eg their social media feeds, with or without tagging us. 
It is the responsibility of these people to follow guidelines when taking/sharing etc.

Use of pictures

Different organisations have different rules about using photographs, ranging from a consent form for each picture (even if it’s the same individual in many) to objection to images being used.  Due to the nature of the event and the crowds of unnamed people, we necessarily go with the latter.

If a photo containing your child or yourself appears on the website and you object, please contact the webmaster, describing the photo. Please make sure you add the email subject header 'Hertford Carnival'. We will be happy to take it down.
(A statement about this is always displayed is repeated in each year’s archive (‘Archive_year_Day pages) and pre the event (on the Plan for the Day page).

We use images that we are sent or that are found publicly on social media.

(According to the photographer we normally use) Whilst photos of people are defined as personal data by the General Data Protection Regulations (GDPR), this only becomes “sensitive” biometric data if the purpose of the photo is to uniquely identify someone (ie headshots for ID badges).

In our pictures typically identification is possible eg when a stall or performer has a banner to publicise their business or service.  They are taking part in the event to do this.
We do not name individuals in our pictures.

We use images on our account on twitter and on our website, and very occasionally for printed material.  This is an integral part of publicising and then recording our event.

Once they are out in the public domain, people could for instance save them to their facebook, which would allow tagging.  Facebook allows people to be tagged and therefore identified by other Facebook users. Facebook also allows those who have been tagged to remove those tags.

Performers for instance could use them as publicity or share them as a record of events attended.
It would be their responsibility to credit us/the source etc, and to use these responsibly.

We do not sell on pictures.
We may occasionally use one of the website of the organisers (The Hertford Rotary club).  These are credited to the original source and linked to our website etc.

If anyone asks us to delete a picture, we forward on this information to anybody who might have taken the original picture or shared it.

Where we use pictures of sponsors’ and organisers’ logos, these organisations are involved to publicise their businesses, and we have stated on the website before that we will use their material.

Photo sourcing and crediting

We use images that we are sent or that are found publicly on social media.

Every year prior to the event we ask for photo submissions from the public – original photos are owned (ie that haven't been sent in without someone else's permission).

We use images that we are sent, either from the public, participants, amateurs or professionals.

We may also use photos publicly shared on Twitter or facebook
We search for these, using hashtags, @s, tagging of the location etc.
We may or may not use these images from other parties. 

All photos are credited with their source, including wherever possible a link to an account or webpage.

We will take down any picture from any source if so asked.

If anyone asks us to delete a picture, we forward on this information to anybody who might have taken the original picture or shared it.

(A statement about this is always displayed prior to the event (on the Plan for the Day page), and in each year’s archive (Day tabs)).


Many of our pictures are from a professional photographer; the link to his privacy notice is here.
We have used certain lines on the use of photography for this section.

Return to top of the page.


Cookie declaration


Further information (our personalised text);

Cookies are small files placed on a user’s computer by a website/web server and which remember information about the user for future visits.  They make it quicker for a web server to display the website as the user’s preferences have been remembered.  Cookies are commonly used to store personal registration data like name, address, the contents of a shopping cart, someone’s preferred font size for the webpage, etc. 

We do not actively install cookies, however they are sometimes present from links to other sites/by third party services that appear on our pages. 
Hence we have included a declaration. 
You consent to any cookies on our website if you continue to use it.

These cookies might be used in any way, for example to collect limited personal information such as location, or to show content to individuals, or to log traffic to certain pages.

Websites linked from ours should have cookie declarations and the option to opt in/out.  This is their responsibility.

You can use your browser settings to restrict or disable cookies on the websites you visit, or to alert you when websites set or access cookies.  The method varies for different browsers but this might be useful;  How to disable cookies.

You can also clean your browser of previously collected cookies.

Return to top of the page.


Where now?

Return to top of the page.

Click here to return to the Home page.



The EU data regulation to protect personal data

Date privacy policy and cookie declaration reviewed; Aug 2018