top of page



We receive, collect and store any information you enter on our website or provide us in any other way. In addition, we collect the Internet protocol (IP) address used to connect your computer to the Internet; login; e-mail address; password; computer and connection information and purchase history. We may use software tools to measure and collect session information, including page response times, length of visits to certain pages, page interaction information, and methods used to browse away from the page. We also collect personally identifiable information (including name, email, password, communications); payment details (including credit card information), comments, feedback, product reviews, recommendations, and personal profile.

When you conduct a transaction on our website, as part of the process, we collect personal information you give us such as your name, address and email address. Your personal information will be used for the specific reasons stated above only.

We collect such Non-personal and Personal Information for the following purposes:
1.    To provide and operate the Services;
2.   To provide our Users with ongoing customer assistance and technical support;
3.   To be able to contact our Visitors and Users with general or personalised service-related notices
      and promotional messages;
4.   To create aggregated statistical data and other aggregated and/or inferred Non-personal Information,
      which we or our business partners may use to provide and improve our respective services; 
5.   To comply with any applicable laws and regulations.

Our company is hosted on the platform. provides us with the online platform that allows us to sell our products and services to you. Your data may be stored through’s data storage, databases and the general applications. They store your data on secure servers behind a firewall. All direct payment gateways offered by and used by our company adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.

Our K3/Merac online shop uses WorldPay as the payment gateway and uses the PCI-DSS standards as above. This website stores product data and your data on secure servers, which contains your:

  • Name

  • Telephone number

  • Email address

  • Order details

  • Postal address

We may contact you to notify you regarding your account, to troubleshoot problems with your account, to resolve a dispute, to collect fees or monies owed, to poll your opinions through surveys or questionnaires, to send updates about our company, or as otherwise necessary to contact you to enforce our User Agreement, applicable national laws, and any agreement we may have with you. For these purposes we may contact you via email, telephone, text messages, and postal mail.

If you don’t want us to process your data anymore, please send us notification to: Mid-Norfolk Railway, The Railway Station, Station Road, Dereham, Norfolk, NR19 1DF or


We reserve the right to modify this privacy policy at any time, so please review it frequently. Changes and clarifications will take effect immediately upon their posting on the website. If we make material changes to this policy, we will notify you here that it has been updated, so that you are aware of what information we collect, how we use it, and under what circumstances, if any, we use and/or disclose it. 

Please contact for further information.

Working Members Data -

Membership information is primarily contained within a secure database system using HOPS (further information here) which has a heirachy to permissions with limited access to different levels of administration (Trust Council, Managers, Administrators/Coordinators, Roster Clerks, etc)

Information held for working members, in addition to above:

  • Name & Address

  • Contact details

  • Communication preferences

  • Membership type & expiry and related members

  • Emergency contacts

  • Date of birth 

  • Gift aid status

  • Roster records (e.g. times, dates, locations, roles)

  • Competency records (e.g. exams, certificates)

  • Safety-critical medical information

  • Time register records (location/date/time)

This information is held whilst the working member is active and is archived once the person is confirmed as no longer a working member. Information is held for a variety of lengths for legal/insurance reasons.

Membership renewal payments on HOPS are processed by HOPS (further information here).

Please contact for further information about MNR's use of HOPS.

Membership Data

This information is kept on a secure database with the full database being limited access to the Membership Secretary & Assistant and limited information provided to the Volunteer Coordinator, Trust Council, Operations Management and Business Management.

Information held:

  • Name & Address

  • Related members at same address

  • Membership type & expiry

  • Contact details

  • Communication preferences

Please contact for further information.

bottom of page