Your privacy is very important to us and this Privacy Notice will advise you on how we collect, use, process and store the personal information we collect about you.
Broads Escapes is a trading devision of Herert Woods LLP. In this Notice, the use of “we”, “us” and “our" refers to Herbert Woods LLP; Herbert Woods LLP is the controller of your personal information and is registered as a Data Controller with the Information Commissioner's Office. Our registration number is ZA119340.
Please read this notice in conjunction with our Terms and Conditions of Booking; these are available here: https://broadsescapes.co.uk/terms
You can access this Privacy Notice from the ‘privacy’ link at the bottom of every page on our website.
We collect information about you via a number of different methods, including:
When booking a holiday directly with us, we collect the following personal information to enable us to administer and provide your holiday:
We collect the date of birth and gender of you and your party members so that we can ascertain the composition of your party for insurance and administrative reasons.
We may record telephone calls for security, training and quality purposes. Calls to our 24-hour support number are always recorded.
If you book a holiday via a Booking Agent, the Agent will request all of the information detailed in ‘1.2 Booking a holiday’. The Booking Agent may also request additional personal information. Please also review the Privacy Notice of the Booking Agent.
Our list of Booking Agents is provided below:
The information that you provide to us will be used:
We will not send you any marketing information unless you explicitly opt into receiving this information.
You can opt-in to receiving marketing information at the time of booking your holiday, via the My Booking service or by informing our Booking Office of your request.
You can opt-out of receiving marketing information by contacting us, or by clicking the ‘unsubscribe’ link in any email that you receive.
Your personal information is stored within a booking system provided by Holray Systems Limited who act as a Data Processor. Holray Systems Limited can only process your Personal Information in accordance with the specific instructions given by us. Holray Systems are also required to implement appropriate technical and organisational measures to protect your information from unauthorised or unlawful processing and against accidental loss, destruction, damage, alteration or disclosure.
Your personal information is also stored by us in paper form and electronically on our internal computers and servers.
In the event of you cancelling your holiday with us, we may request and process sensitive personal information about you or the affected party member(s). This information is only retained for as long as necessary to process the cancellation and this information is then disposed of in a secure manner.
All telephone call recordings are handled by our phone system which is provided by Gamma Networks. Telephone recordings are stored within UK based data centres and a copy of call recordings may be stored on our internal servers.
We do not store any payment card information. When booking online, our customer are redirected to SagePay - our payment provider - and they process online payments on our behalf. We only retain a reference of the transaction and the last 4 digits of the payment card used. Payments made via telephone are entered directly into our payment provider's system for immediate approval.
We take reasonable steps to protect and secure the personal information that we hold.
All staff members who handle personal information are required to undertake Data Protection and Information Security awareness training during their induction and then at yearly intervals.
All communications with our website and booking system are encrypted using Transport Layer Security (TLS). TLS is used to protect and encrypt the connection between your web browser and our website.
We may share your information if we are required by law or to help provide our services to you. This may include sharing certain information with:
We use a number of third party service providers which enable us to offer our services to you.
These providers will maintain their own connection logs, which will include the IP address of the connecting device, along with the date and time. The third party services may also process and store personal information on their servers.
These third party services providers may store and process information in countries outside of the European Economic Area.
Cookies are text files placed onto your computer that are used to collect and retain information about how you interact with our websites, communications and services.
We also use ‘web beacons’ (also known as tracking pixels) and code snippets to track user interaction with our website. We would use these in cases where a user has clicked on an advert and we wanted to track whether that ‘click’ converted into a confirmed booking or potential lead.
The Information Commissioner’s Office provides further information about cookies, including advice on how to block cookies: https://ico.org.uk/for-the-public/online/cookies
We will not keep your personal information for longer than necessary for our business purposes.
We will retain your personal information and booking history for a period of up to 3 years from the date of your last holiday with us. If you have not opted out of receiving marketing communications we may contact you about our services during this time.
For accounting reasons, your booking history will be held in paper form for a period of 6 years from the end of the financial year following the date that your holiday commenced. After this period the information will be securely destroyed by an accredited shredding provider before being recycled.
Our financial year runs from the 1st April until 31st March.
You have a right to request access to any personal information that we hold about you. This type of request is known as a 'Subject Access Request'. If you would like a copy of some or all of your personal information that we hold about you, please email or write to us using the contact details provided at the bottom of this Notice. Unless the request is unfounded and excessive, there will be no charge for this service and we will respond to your request within 30 days.
We want to ensure that your personal information is up to date. If you feel that any of the personal information that we hold about you may be incorrect or inaccurate, please contact us to allow us to rectify this issue.
This Privacy Notice does not apply to any third party websites that this website links to. You are advised to read any privacy policies that may be applicable to third party websites.
We keep our Privacy Notice under regular review and we will place any updates on this page. We will endeavour to make any changes or additions clearly distinguishable, along with showing the date that any changes come into force.
This Privacy Notice was last updated: 11th May 2018.
Please contact us if you have any questions about our Privacy Notice or the information that we hold about you:
If you wish to register a complaint about how we handle your Personal Information, you can contact the Information Commissioners Office who are the Supervisory Authority for Data Protection in the United Kingdom.
Contact details for the Information Commissioners Office are located on their website: https://ico.org.uk/concerns/