Your privacy is very important to us and this Privacy Notice will advise you on how we collect, use, process and store the personal information we collect about you.
Broads Escapes is a trading division of Waterside Holidays Direct LLP. In this Notice, the use of “we”, “us” and “our” refers to Waterside Holidays Direct LLP; Waterside Holidays Direct LLP is the controller of your personal information and is registered as a Data Controller with the Information Commissioner’s Office. Our registration number is ZA119340.
Please read this notice in conjunction with our Terms and Conditions of Booking; these are available here: https://broadsescapes.co.uk/terms
You can access this Privacy Notice from the ‘privacy’ link at the bottom of every page on our website.
1. COLLECTION AND USE OF INFORMATION
1.1 HOW WE COLLECT INFORMATION
We collect information about you via a number of different methods, including:
- When you book, or enquire about booking a holiday directly with us
- When you book a holiday through one of our Booking Agents
- When you hire any of our day boats or other day hire craft
- When you complete a form on our website or send us an email
- When you request a brochure from us
1.2. BOOKING A HOLIDAY
When booking a holiday directly with us, we collect the following personal information to enable us to administer and provide your holiday:
- Your name, address, telephone number, date of birth, gender and email address
- The name, address, date of birth and gender of your party members
- We will also record your consent for receiving marketing information
We collect the date of birth and gender of you and your party members so that we can ascertain the composition of your party for insurance and administrative reasons.
1.3 PHONE CALLS
We may record telephone calls for security, training and quality purposes. Calls to our 24-hour support number are always recorded.
1.4 BOOKING A HOLIDAY VIA A BOOKING AGENT
If you book a holiday via a Booking Agent, the Agent will request all of the information detailed in ‘1.2 Booking a holiday’. The Booking Agent may also request additional personal information. Please also review the Privacy Notice of the Booking Agent.
Our list of Booking Agents is provided below:
- Booking.com – www.booking.com
- Tripadvisor – www.tripadvisor.co.uk
- Home Away – www.homeaway.com
- The Holiday Cottages – www.theholidaycottages.co.uk
2. HOW DO WE USE YOUR PERSONAL INFORMATION
The information that you provide to us will be used:
- To process your booking and to provide you with information about your holiday
- To identify your eligibility for, and to provide you with any offers or discounts, based upon your previous booking history
- At your request, to provide you with brochures and other marketing materials.
- For statistical purposes when we evaluate our services
- To manage customer service requests
- To provide any other information that you may have requested
We will not send you any marketing information unless you explicitly opt into receiving this information.
You can opt-in to receiving marketing information at the time of booking your holiday, via the My Booking service or by informing our Booking Office of your request.
You can opt-out of receiving marketing information by contacting us, or by clicking the ‘unsubscribe’ link in any email that you receive.
3. HOW DO WE STORE YOUR INFORMATION
Your personal information is stored within a booking system provided by Holray Systems Limited who act as a Data Processor. Holray Systems Limited can only process your Personal Information in accordance with the specific instructions given by us. Holray Systems are also required to implement appropriate technical and organisational measures to protect your information from unauthorised or unlawful processing and against accidental loss, destruction, damage, alteration or disclosure.
Your personal information is also stored by us in paper form and electronically on our internal computers and servers.
In the event of you cancelling your holiday with us, we may request and process sensitive personal information about you or the affected party member(s). This information is only retained for as long as necessary to process the cancellation and this information is then disposed of in a secure manner.
All telephone call recordings are handled by our phone system which is provided by Gamma Networks. Telephone recordings are stored within UK based data centres and a copy of call recordings may be stored on our internal servers.
We do not store any payment card information. When booking online, our customer are redirected to SagePay – our payment provider – and they process online payments on our behalf. We only retain a reference of the transaction and the last 4 digits of the payment card used. Payments made via telephone are entered directly into our payment provider’s system for immediate approval.
4. HOW DO WE PROTECT YOUR INFORMATION
We take reasonable steps to protect and secure the personal information that we hold.
All staff members who handle personal information are required to undertake Data Protection and Information Security awareness training during their induction and then at yearly intervals.
All communications with our website and booking system are encrypted using Transport Layer Security (TLS). TLS is used to protect and encrypt the connection between your web browser and our website.
5. WHO WE SHARE YOUR PERSONAL INFORMATION WITH
We may share your information if we are required by law or to help provide our services to you. This may include sharing certain information with:
- Our group of companies
- Other third parties where you have given your consent to the disclosure
- Owners of cottages or other accommodation where we are acting as agents, on their behalf
- Our insurance companies in cases of accident, injury or other claims.
- The emergency services and the Broads Authority
- Other law enforcement and Government agencies
5.1 THIRD PARTY SERVICE PROVIDERS
We use a number of third party service providers which enable us to offer our services to you.
These providers will maintain their own connection logs, which will include the IP address of the connecting device, along with the date and time. The third party services may also process and store personal information on their servers.
These third party services providers may store and process information in countries outside of the European Economic Area.
6. COOKIES AND TRACKING
Cookies are text files placed onto your computer that are used to collect and retain information about how you interact with our websites, communications and services.
- Tracking visitor use of the website and to compile statistical reports on website
- The use of session cookies which enable us to provide the online checkout and My Booking services to customers
- To show relevant ads to you when you have visited our website
We also use ‘web beacons’ (also known as tracking pixels) and code snippets to track user interaction with our website. We would use these in cases where a user has clicked on an advert and we wanted to track whether that ‘click’ converted into a confirmed booking or potential lead.
The Information Commissioner’s Office provides further information about cookies, including advice on how to block cookies: https://ico.org.uk/for-the-public/online/cookies
7. HOW LONG WE KEEP YOUR INFORMATION
We will not keep your personal information for longer than necessary for our business purposes.
We will retain your personal information and booking history for a period of up to 3 years from the date of your last holiday with us. If you have not opted out of receiving marketing communications we may contact you about our services during this time.
For accounting reasons, your booking history will be held in paper form for a period of 6 years from the end of the financial year following the date that your holiday commenced. After this period the information will be securely destroyed by an accredited shredding provider before being recycled.
Our financial year runs from the 1st April until 31st March.
8. ACCESS TO YOUR PERSONAL INFORMATION
You have a right to request access to any personal information that we hold about you. This type of request is known as a ‘Subject Access Request’. If you would like a copy of some or all of your personal information that we hold about you, please email or write to us using the contact details provided at the bottom of this Notice. Unless the request is unfounded and excessive, there will be no charge for this service and we will respond to your request within 30 days.
We want to ensure that your personal information is up to date. If you feel that any of the personal information that we hold about you may be incorrect or inaccurate, please contact us to allow us to rectify this issue.
9. LINKS TO THIRD PARTY WEBSITES
This Privacy Notice does not apply to any third party websites that this website links to. You are advised to read any privacy policies that may be applicable to third party websites.
10. CHANGES TO THIS PRIVACY NOTICE
We keep our Privacy Notice under regular review and we will place any updates on this page. We will endeavour to make any changes or additions clearly distinguishable, along with showing the date that any changes come into force.
This Privacy Notice was last updated: 28th August 2018.
11. HOW TO CONTACT US
Please contact us if you have any questions about our Privacy Notice or the information that we hold about you:
- Email us at firstname.lastname@example.org
- Write to us at: Data Protection Officer, Herbert Woods LLP, Bridge Road, Potter Heigham, Great Yarmouth, Norfolk, NR29 5JF.
If you wish to register a complaint about how we handle your Personal Information, you can contact the Information Commissioners Office who are the Supervisory Authority for Data Protection in the United Kingdom.
Contact details for the Information Commissioners Office are located on their website: https://ico.org.uk/concerns/