Bob Graham

The Bob Graham 24 Hour Club

Privacy Notice


As of May 2018, the General Data Protection Regulation (GDPR) governs how organisations large and small handle personal data about individuals along with any exemptions that may apply. This privacy policy explains how we collect and use such data. The links on this page will take you to the Information Commissioner’s Office (the ICO) for further background information.

Why We Hold Data

The Club has a role as the keeper of basic data about attempts and successes on the Bob Graham Round. We are also the keeper of an archive of written records of successful attempts.

We use this data to maintain a historical record/archive of the Club’s activities as described in its constitution. The regulations recognise such use: “Preserving personal, community and corporate identities, memories and histories”.

The data we hold allows us to respond to requests such as “How old is the oldest person to have succeeded on the Round?”, “How many persons from <country> have been successful?”. The data also allows us to produce the record lists that answer common questions about past achievements.

We regard the above as our legitimate interests.

What data we hold

We collect a variety of data depending on how you interact with the site. For example we don’t ask for your age or first part of your post code until you have succeeded on the round.

Personal details

First name, last name, age (on day you completed the Round), gender, nationality, area & zone components of post code

Bob, Graham, 43, male, British, CA12
These details are used in the membership and record lists on the club website.
Contact details

email address


We do not ask for telephone numbers or postal address.

We do not share the above details.

Round details

The basic details of your round split into proposed, i.e. your registered start time, etc. and your actual round.

registered start date, registered start time, direction, schedule
These details are used anonymously on the club website to assist others when deciding on their start date and time.
completion date, finishing time, time taken, direction
These details are used publicly on the club website for informational purposes.
Website usage

The website logs any interactions you make with the registration/calculator forms in order to track down bugs and problems.

Our ISP also holds logs regarding access to individual pages and any errors that may occur on their system.

We do not ask for what the regulations refer to as “special categories of personal data” such as: race; ethnicity; religion; health.

When you register an attempt on the Round with us, you give us your consent to hold and retain this data for the above stated purposes. Similarly, when you submit a ratification form for membership, you give us consent to hold and retain this data. If you provide a written account of a successful attempt on the Round, you give us consent to hold and retain this data, to the extent that it contains personal data.

We do not process your personal data to infer information that we have not been provided with.

Data Principles

GDPR has three guiding principles that any organisation must consider when collecting and holding data...

Data Minimisation

The data minimisation principle means that we only ask for, and hold, the minimal information about you to allow the Club to perform its administrative duties including but not limited to:

  • registering and ratifying attempts
  • invitations to the club dinner
  • producing annual reports
  • maintaining membership and record lists

We do not ask for, record or keep information such as a health condition as that is not essential to the purposes of the club and we do not have a legitimate interest to do so.


Accuracy: all organisations holding data should strive (“Take reasonable steps”) to ensure that it is accurate. Most errors in the data have resulted from transcribing handwritten records.

Storage Limitation

The Storage limitation principle states that we shouldn’t keep personal data for longer than the purposes for which it was collected. We take advantage of two express exemptions to this (Research and Statistics and Archiving in the Public Interest) which apply to personal data processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes.

Third Parties

We will not sell or pass on any data about you to third parties with two exceptions.

Requests for contact details of members, e.g. from the press or media, will be forwarded to the individual member or members concerned for them to handle as they wish.

Your Rights

The regulations also provide you with rights. These include:

Right of Access

The Right of Access states that you have access to all data held by us about you.

In all instances please email the Membership Secretary should you wish to do one of the above.


The above is not an exhaustive list. If you have any queries about how we store and process data then please contact the Membership Secretary whose details are on the contacts page.

Cookies and LocalStorage

Cookies, localStorage and any other browser side storage mechanisms, generally referred to as “Cookies”, are covered by the Privacy and Electronic Communications Regulations (PECR), specifically Regulation 6. The regulations state that such cookies require the user’s consent with two exceptions, the second of which, the “strictly necessary exemption”, applies to this site, namely:

That the cookie is strictly necessary to provide an “information society service ” (eg a service over the internet) requested by the subscriber or user.

This applies in three situations where it is not possible to provide the services without storing data:

  1. Registering an attempt.
  2. Saving data from the calculator form.
  3. Setting your preferred language.

Note that we do not store cookies from third parties. Nor do we share the data stored via this site with third parties.

The site uses the following cookies and localStorage: those items in the Consent column marked as “Y” are only set when the user performs the indicated action (in bold text).

Name Type Expires Consent Contents Rationale
bgr_language cookie 1 year Y A language name, e.g. “spanish” Allows the user to choose and save their preferred language for the site. The user must set their preferred language.
bgr_registered cookie 2 years Y A date-time string Allows the user to access the "Manage your Registration" page. The user must have completed the registration process.
bgr_registration_id cookie 1 year Y A ten character ID such as “a1b2c3d4e5” Used to help in debugging any problems. The user must have completed the registration process.
bgrApp localStorage Indefinite Y The data entered via the registration and/or the calculator Allows the user to manage their registration. This also handles synchronisation across devices. The user must have completed the registration process.
attempts sessionStorage current session N The number of attempts in the next seven days. Fills out information in the site footer.
<year>_cur_reg sessionStorage current session N The number of registrations for the current year. Fills out information in the site footer.
<year>_cur_successes sessionStorage current session N The number of successes for the current year. Fills out information in the site footer.
prev_attempts sessionStorage current session N The number of attempts so far this year. Fills out information in the site footer.
total_mem sessionStorage current session N The current total number of members. Fills out information in the site footer.

The above is a condensed summary of the information stored and used by this site. If you require more information then please contact the Membership Secretary using the details on the contacts page.