Open today until 5pm!Find out more

Privacy and Cookies Policy

Last updated: June 2026 

We want to be clear and honest about how we use your personal information. This policy explains what we collect, why, and what you can do about it. 

SS Great Britain Trust is a registered charity (No. 262158) and company limited by guarantee (No. 01000878). We are the data controller for the information you provide to us. 

Our Data Protection Lead is the Director of People & Development. Contact: admin@ssgreatbritain.org | Brunel's SS Great Britain, Gas Ferry Road, Bristol, BS1 6TY 

 

What information we collect and why 

We collect personal information in the following situations: 

Buying tickets or visiting us 
We collect your name, email address, and home address (for billing and Gift Aid purposes) when you book tickets through our website. We collect your phone number, which we may in rare cases use for any issues with your booking. We do not use your phone number for any marketing purposes. For annual passes, we collect the full name of each named visitor to enable returns. This is necessary to fulfil your booking. 

Shopping with us 
Our online retail store is run on Shopify. We collect the information needed to process your order and arrange delivery (name, address, email, payment details). Payment is processed securely through Shopify Payments. 

Signing up to our newsletter 
If you opt in, we'll send you news, events, and offers by email via DotDigital, our email marketing platform. You can unsubscribe at any time using the link in any email. 

Annual pass holders may still receive essential communications (such as expiry reminders) even if not opted in to marketing. 

Making a donation or supporting us 
We use Beacon CRM to manage our relationships with donors, members, and supporters. Donations may be processed through Beacon, and direct debits are handled via GoCardless. 

We may also research publicly available information about individuals who have expressed an interest in supporting us — for example, to understand how best to engage with potential major donors. Sources may include news archives, Companies House, the Charity Commission, and similar public records. We conduct due diligence on significant donations to ensure compliance with our legal and ethical obligations. You can object to this research (see Your Rights below), though in some cases legal obligations may mean we need to proceed regardless. 

Participating in Go Aloft 
If you choose to take part in our Go Aloft rig climbing experience, we will ask you to complete a disclaimer form via JotForm before you climb. This form collects information about any relevant medical conditions and medication so that we can administer appropriate first aid and, if necessary, provide accurate information to paramedics in an emergency. This information is used solely for your safety and is not shared for any other purpose.

Getting in touch 
When you contact us by email, phone, or through a website form, we'll use your details to respond to your enquiry. 

Using our website 
We use Google Analytics 4 (via Google Tag Manager) with Google Consent Mode enabled. This means basic, anonymous traffic data may be collected even before you accept cookies. We also use Facebook Pixel for anonymous behaviour tracking. You can manage your preferences at any time via our cookie banner. 

School visits 
We collect the name of the school and the name of the lead teacher or booking contact. We do not collect any personal data from pupils. 

Accessing the collections in the Brunel Institute 
When you visit the Brunel Institute to use our library and museum collections as a researcher, we collect personal information such as your name, email address, home address and phone number. We also collect this information if you take photographs of items in our collection during your research visit, or if you make a request online for photographs or digitised transcriptions of items in our museum collection. 

This is so that we can give you access to our library and collections while following collections security and copyright requirements. The information is held securely in our collections management system Axiell. 

 

 

Our systems and partners 

We work with trusted third-party services to deliver our operations. They only use your data for the purposes we've described, and are not permitted to use it for their own marketing. 

Vennersys 
Ticketing and booking management 

Dojo 
On-site and online payment processing 

Shopify Payments 
Online retail payment processing 

GoCardless 
Direct debit processing 

DotDigital 
Email marketing and newsletters 

Beacon CRM 
Member and supporter management 

JotForm 
Go Aloft disclaimer forms, including health and medical information

CookieYes 
Cookie consent management 

GA4 & GTM 
Anonymous website analytics 

Facebook Pixel 
Anonymous behaviour tracking 

Royal Mail & Evri 
Retail order delivery 

Facebook Pixel 
Anonymous behaviour tracking 

 

We may also share your information with authorities when required by law. 

 

Cookies 

Cookies are small files stored on your device that help our website work properly and understand how it's being used. We use four types: 

  • Essential – Required for the site to function (e.g. remembering your basket) 
  • Analytics – Help us understand how visitors use the site (e.g. Google Analytics) 
  • Functional – Remember your preferences to improve your experience 
  • Advertising – Used to deliver relevant marketing via third-party platforms 

You can accept, reject, or customise your preferences at any time using our cookie banner (powered by CookieYes). Note that blocking certain cookies may affect how some parts of the site work. 

 

CCTV and photography 

We operate CCTV on and around our premises for visitor and staff safety, crime prevention and detection, incident investigation, and for legal and insurance purposes. Footage is typically retained for 30 days before automatic deletion, unless an investigation or legal matter requires it to be kept longer. 

During visits and experiences, we may capture photos or video for promotional use. We will not take or use images of children without the express written permission of their parent or guardian. 

 

Job applications 

If you apply for a role with us, we'll use the information you provide (contact details, employment history, and any correspondence) to assess your application. If your application is unsuccessful, we'll retain your details for up to 6 months in case a suitable opportunity arises, after which it will be deleted. If you'd like us to delete it sooner, just get in touch. 

 

How long we keep your information 

We keep your personal data for as long as necessary to provide our services, meet legal obligations (for example, HMRC record-keeping requirements), or as outlined above. If you'd like to know more about retention for a specific type of data, please contact us. 

 

Your rights 

Under UK data protection law, you have the right to: 

  • Access the personal information we hold about you 
  • Correct information that is inaccurate or incomplete 
  • Delete your information (in certain circumstances) 
  • Restrict how we use your information 
  • Object to us processing your information, including for marketing or supporter research 
  • Data portability – receive your data in a usable format 

To exercise any of these rights, contact us at hello@bristoldockyards.org

If you have a concern about how we've handled your data, you can complain to the Information Commissioner's Office (ICO): ico.org.uk/concerns | Tel: 0303 123 1113 

 

Changes to this policy 

We'll post any updates to this policy on this page. If changes are significant, we'll let you know by email where we're able to.