Privacy Policy

This is the privacy statement of the Shetland Pony Stud-Book Society Ltd (SPSBS). In this statement ‘we’, ‘us’, ‘our’ or similar refers to SPSBS. ‘You’ or similar refers to the data owner.


The General Data Protection Regulation (GDPR) is a new regulation designed to strengthen and unite the data protection processes for all individuals within the EU. GDPR applies to any organisation processing an EU citizen’s personal data irrelevant of where the company is based.

GDPR has placed new obligations on organisations processing personal data and has conferred additional rights on data owners. This document describes how SPSBS complies with the requirements of GDPR.

Personal information we collect.

Information we collect from you is:

Sensitive personal data.

SPSBS does not record sensitive personal data relating to physical or mental health, or criminal records.

How we collect data.

Data is only collected from the data owner. Some information may be submitted to us indirectly but must be supplied and signed by the data owner. For example, if a passport is applied for by a person who is not the breeder, they will be required to obtain the breeders details and signature.

The main channels through which we collect information are:

Data we collect may be enhanced using the following third-party resources:

When you use our website, we may gather information through cookies and other technical means. ‘Cookies’ are text files placed on your computer to collect Internet log information and user behaviour information. These are only used to track website usage and monitor website activity.

Some of the cookies we use are essential for parts of the site to operate and have already been set. You may delete and block all cookies from this site, but parts of the site may not work.

What we do with your personal information.

SPSBS only uses personal data to meet its obligations as a PIO, to meet the needs of members, and to interact with suppliers, equine industry contacts and other relevant individuals. The principle ways data is used are to:

What we do not do with your personal information.

SPSBS only uses data where directly required for the operation of the Society. SPSBS does not:

Who we share your personal information with.

The organisations with whom we do or may share personal data with are:

How we process data.

Data is processed using an industry standard software package. This package is used to store and process data and to produce the outputs supplied to members, passport holders, and bodies with whom we share data.

This system is held on a password protected PCs. Encrypted backups are held locally and by our support provider.

All outputs shared electronically to other bodies are encrypted.

Some data may be held on emails or spreadsheets where required for internal SPSBS functions. This data will be destroyed when it has served its use.


There is special protection for the personal data of a child. The age when a child can give their own consent is 16. If SPSBS requires consent from young people under 16, consent will be obtained from a parent or guardian in order to process the child’s personal data lawfully.

How long do we retain personal information.

Your rights.

  1. Access to information.

You have the right to be supplied with a copy of the personal data that we hold about you. Where such a request is made we will provide the information within 30 days.

  1. Correcting information.

SPSBS will endeavour to make sure that all personal data is correct and current. You have the right to ask us to correct any data that you believe is not correct or current, and we will make the required changes.

  1. Deletion of personal data.

You have the right to ask us to delete your personal data where:

  1. Data portability.

You can ask us to pass your information to another organisation. We can only pass such data where doing so does not conflict with our legal obligations as a PIO.

  1. Right to Object.

In addition to the right to have personal data deleted, individuals have the right to object on the basis of ‘grounds relating to his or her particular situation’ to:

You can ask us to pass your information to another organisation. We can only pass such data where doing so it does not conflict with our legal obligations as a PIO.

Changes to this privacy statement.

SPSBS will keep this privacy statement under regular review and will place any updates on this website. If you wish to print a copy of the privacy statement, this can be found under “forms and information” on the homepage of the website.