We need to collect, use and disclose personal information for lawful and legitimate interest, to perform our business functions and activities, including making and managing all travel and event bookings on behalf of our customers. We are firmly committed to protecting the privacy and confidentiality of personal information and to maintaining various physical, electronic and procedural safeguards to protect personal information in our care.
We will be a “data controller” for the purposes of the General Data Protection Regulation(“GDPR”) for any personal information you provide to us, in connection with our relationship.
By providing personal information to us, you agree that this Notice will apply to how we handle your personal information and you consent to us collecting, using and disclosing your personal information as detailed in this Notice. If you do not agree with any part of this Notice, you must not provide your personal information to us. If you do not provide us with your personal information, or if you withdraw a consent that you have given under this Notice, this may affect our ability to provide services to you or negatively impact the services we can provide to you. For example, most travel bookings must be made under the traveller’s full name and may include contact details and appropriate identification (e.g. passport details). We cannot make bookings for you without that information.
2. What personal information do we collect?
Personal information, as identified under GDPR, generally means information which relates to a living individual, who can be identified from that information.
Generally, the type of personal information we collect about you is the information that is needed to facilitate your travel arrangements, events and bookings and to arrange travel related services and/or products on your behalf.
We therefore typically ask you to provide the following types of personal information for us to process:
- contact information (such as name, mailing address, telephone number, email address);
· passport details;
· other details relevant to your travel arrangements or required by the relevant travel service
provider(s) (e.g. airlines, hotels, tour or activity providers).
· Payment or bank details personal travel / extras (credit/debit card details, including card type, card number, security number and expiry date) for a given service;
When you contact us for other purposes, we may also collect personal information in relation to those purposes. For example, we may collect your personal information so we can contact you to respond to an enquiry or feedback you have sent to us. We also collect information that is required for use in the business activities, or other relevant personal information you may elect to provide to us.
In some circumstances, (for example recruitment) we may collect personal information which may be regarded as sensitive information, which may include (without limitation) your racial or ethnic origin, criminal record and the alleged commission of an offence, financial, or health information.
We will only collect sensitive information in compliance with data protection laws, with your explicit consent and where it is reasonably necessary, or directly related to, one or more of our functions or activities (e.g. to make travel arrangements, issue travel insurance etc. / HR), unless we are otherwise required or authorised to do so by law. We will not use sensitive information for purposes other than those for which it was collected, unless we subsequently receive your consent to use it for another purpose.
3. How do we collect personal information?
We will only collect personal information in compliance with data protection laws. We usually collect your personal information from the information you submit during the course of your relationship with us. We will collect this information directly from you unless it is unreasonable or impracticable to do so.
Generally, this collection will occur:
- when you deal with us either in person, by telephone, letter, email;
· when you visit our website
· when you fill in an online registration form
· when you connect with us via social media.
We may collect personal information about you:
- when you purchase or make enquiries about travel arrangements or other products /services;
· when you subscribe to receive marketing from us (e.g. e-newsletters);
· when you request information from us
· When you complete a survey or provide feedback (unless you chose to do so anonymously)
In some circumstances, it may be necessary for us to collect personal information about you from a third party. This includes where a person makes a travel booking on your behalf which includes travel arrangements to be used by you (e.g. a family or group booking or a travel booking made for you by your employer or when you are invited as a guest on an incentive or event, by a company who has engaged us. Where this occurs, we will rely on the authority of the person making the travel booking to act on behalf of any other traveller/guest on the booking.
Where you make a travel booking on behalf of another person (e.g. a company, guest, family or group booking, or a travel booking made for an employee), you agree you have obtained the consent of the other person for Travel Options Ltd. to collect, use and process the other person’s personal information in accordance with this Notice and that you have otherwise made the other person aware of this Notice.
You should let us know immediately if you become aware that your personal information has been provided to us by another person without your consent or if you did not obtain consent before providing another person’s personal information to us.
We make every effort to maintain the accuracy and completeness of your personal information to ensure it is up to date. Please help us to do this by promptly contacting us if there are any changes to your personal information, or if you become aware that we have inaccurate personal information relating to you (see section 13 below). We will not be responsible for any losses arising from any inaccurate, inauthentic, deficient or incomplete personal information that you, or a person acting on your behalf, provide to us.
4. How do we use your personal information?
We will only process your information, where:
- you have given your consent to such processing (which you may withdraw at any time – see
section 8 below);
· the processing is necessary to provide our services to you;
· the processing is necessary for compliance with our legal obligations; and/or
· the processing is necessary for our legitimate interests or those of any third party recipients that receive your personal information (as detailed in sections 5 and 6 below).
When you book or otherwise arrange travel or any related products and services through us, we usually act as an agent for the relevant travel service providers (e.g. for a hotel / airline). In this case, we process your personal information as necessary to provide the services you requested from us. This usually includes collecting personal information about you both for our internal purposes as described in this Notice and for the travel service provider for whom we act as agent (e.g. to provide you with the booked services). For example, if you book a flight through us, then we use your personal information to enable your flight to be booked and disclose it to the airline to enable the airline to provide the flight service to you.
If you have any concerns regarding the transfer of your personal information to a travel service provider, or you wish to contact us for further information, please refer to the “Feedback / Complaints / Contact” section below (section 13).
The purposes for which we collect personal information further include:
- regulatory reporting and compliance;
· identification of fraud or error;
· servicing our relationship with you by, among other things, creating and maintaining a
customer profile to enable us service you better or presenting options we think may interest
you based on your preferences;
· involving you in market research, customer satisfaction and seeking feedback regarding our
relationship with you and/or the service we have provided;
· to facilitate your participation in loyalty programs;
· internal accounting and administration;
· to comply with our legal obligations and any applicable customs/immigration requirements
relating to your travel;
· other purposes as authorised or required by law (e.g. to prevent a threat to life, health or
safety, or to enforce our legal rights).
We may use your personal information to send you targeted marketing activities relating to our products and services that we think may interest you, unless you have requested not to receive such information. These may include, but are not limited to, mail outs, electronic marketing and notifications as described below, and telephone calls). We will only use your personal information to send electronic marketing materials to you if you have opted-in to receive them.
Should you no longer wish to receive promotional/marketing material from us, participate in market research or receive other types of communication from us, please refer to the “Feedback / Complaints / Contact” section below (section 13). You can unsubscribe from receiving electronic marketing materials by following the unsubscribe prompt in your email, other form of electronic marketing.
5. Is personal information disclosed to third parties?
We do not and will not sell, rent out or trade your personal information. We will only disclose your personal information to third parties in the ways set out in this Notice. Note that, in this Notice, where we say “disclose”, this includes to transfer, share (including verbally and in writing), send, or otherwise make available or accessible your personal information to another person or entity.
Your personal information may be disclosed to the following types of third parties:
- our contractors, suppliers and service providers, including without limitation:
- in each of the circumstances set out in section 4 (“How do we use your personal information?”);
- suppliers of IT based solutions that assist us in providing products and services to you (such as any external data hosting, e.g google.com, vamoos APP, or other providers we may use);
- publishers, printers and distributors of marketing material;
- event and expo organisers;
- mailing, freight services, courier services;
- external business advisers (such as lawyers, accountants, auditors and recruitment consultants);
- travel service providers such as travel wholesalers, tour operators, airlines, hotels, car rental companies,
- transfer handlers and other related service providers;
- any third party to whom we assign any of our rights or obligations;
- a person making your travel booking on your behalf, where you are travelling on a booking made on your behalf by another person (for example, a company hosting an event, family member, friend or work colleague);
- your employer, where you are an employee of one of our corporate, business or government clients and you are participating in an event or travelling for work purposes;
- a person who can verify to us that they have a relationship with you (e.g. a family member) where you are not contactable, the person correctly answers our required security questions and the request is, in our opinion, in your interest (for example, where the person is concerned for your welfare or needs to undertake action on your behalf due to unforeseen circumstances);
- as required or authorised by applicable law, and to comply with our legal obligations;
- customs and immigration to comply with our legal obligations and any applicable customs/immigration requirements relating to your travel;
- government agencies and public authorities to comply with a valid and authorised request, including a court order or other valid legal process;
- various regulatory bodies and law enforcement officials and agencies, including to protect against fraud and for related security purposes;
- enforcement agencies where we suspect that unlawful activity has been or may be engaged in and the personal information is a necessary part of our investigation or reporting of the matter.
Other than the above, we will not disclose your personal information without your consent unless we reasonably believe that disclosure is necessary to lessen or prevent a threat to life, health or safety of an individual or to public health or safety or for certain action to be undertaken by an enforcement body (e.g. prevention, detection, investigation, prosecution or punishment of criminal offences), or where such disclosure is authorised or required by law (including applicable privacy / data protection laws).
On our website, you may choose to use certain features that can be accessed through, or for which we partner with, other entities that are not otherwise affiliated with us. These features, which include social networking and geo-location tools, are operated by third parties, including social networks, and are clearly identified as such. These third parties may use or share personal information in accordance with their own privacy policies. We strongly suggest you review the third parties’ privacy policies if you use the relevant features.
6. Is personal information transferred overseas?
We may disclose your personal information to certain overseas recipients, if any such international transfers are necessary to provide the service for you. These are subject to appropriate or suitable safeguards as required by local data protection laws. (e.g. GDPR).
a. Travel service providers located overseas
In providing our services to you, it may be necessary for us to disclose personal information to relevant overseas travel service providers. We will only provide the minimum information to allow them to provide services (e.g. hotel). We deal with many different travel service providers all over the world, so the location of a travel service provider relevant to your personal information will depend on the travel services being provided. The relevant travel service providers will in most cases receive your personal information in the country in which they will provide the services to you or in which their business or management is based.
b. Our third party service providers located overseas
We may also disclose your personal information to third parties located overseas for the purpose of performing services for us, including the storage and processing of such information. Generally, we will only disclose your personal information to these overseas recipients to facilitate your travel booking and/or to enable the performance of administrative and technical services on our behalf.
7. Security of information
We are committed to safeguarding and protecting personal information and will implement and maintain appropriate technical and organisational measures to ensure a level of security appropriate to protect any personal information provided to us from accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to personal information transmitted, stored or otherwise processed. Sky Blue Adventures.com has implemented various physical, electronic and managerial security procedures to protect the personal information it holds from loss and misuse, and from unauthorised access, modification, disclosure and interference. Sky Blue Adventures.com regularly reviews security technologies and will strive to protect your personal information as fully as we protect our own confidential information. Sky Blue Adventures.com is not responsible for any third party’s actions or their security controls with respect to information that third parties may collect or process via their websites, services or otherwise.
We will destroy or de-identify personal information once we no longer require it for our business purposes, or as required by law.
8. Your rights in relation to the personal information we collect
If you wish to:
- update, modify, delete or obtain a copy of the personal information that we hold on you; or
- restrict or stop us from using any of the personal information which we hold on you, including by withdrawing any consent you have previously given to the processing of such information; or
- where any personal information has been processed on the basis of your consent or as necessary to perform a contract to which you are a party, request a copy of such personal information in a suitable form so that you can request this by emailing us at the address set out in section 13 .
You will receive acknowledgement of your request and we will advise you of the time frame within which you will receive your information. We endeavour to respond to such requests within a month or less, although we reserve the right to extend this period for complex requests.
Further correspondence regarding your request should only be made in writing to the Data Protection Officer at the address set out in section 13.
Please note that, if you request that we restrict or stop using personal information we hold on you, or withdraw a consent you have previously given to the processing of such information, this may affect our ability to provide services to you or negatively impact the services we can provide to you. For example, most travel bookings must be made under the traveller’s full name and must include contact details and appropriate identification (e.g. passport details). We cannot make bookings for you without that information.
You must always provide accurate information and you agree to update it whenever necessary. You also agree that, in the absence of any update, we can assume that the information submitted to us is correct, unless we subsequently become aware that it is not correct.
To assist with accuracy of data, we send registration forms and consent for each group / incentive we arrange, and do not keep or use data from previous trips you may have been on (this will be deleted).
You can at any time tell us not to send you marketing communications by email by clicking on the unsubscribe link within the marketing emails you receive from us or by contacting us as indicated below (section 13).
In any of the situations listed above, we may request that you prove your identity by providing us with a copy of a valid means of identification for us to comply with our security obligations and to prevent unauthorised disclosure of personal information.
We reserve the right to charge you a reasonable administrative fee for any manifestly unfounded or excessive requests concerning your access to your personal information, and for any additional copies of the personal information you request from us.
9. Social media integrations
Our website and mobile applications may use social media features and widgets (such as “Like” and “Share” buttons/widgets). These are provided and operated by third party companies (e.g. Facebook/ Vamoos) and either hosted by a third party or hosted directly on our website or mobile application. SM Features may collect information such as the page you are visiting on our website/mobile application, your IP address, and may set cookies to enable the SM Feature to function properly.
If you are logged into your account with the third party company, then the third party may be able to link information about your visit to and use of our website or mobile application to your social media account with them. Similarly, your interactions with the SM Features may be recorded by the third party. In addition, the third party company may send us information in line with their policies, such as your name, profile picture, gender, friend lists and any other information you have chosen to make available, and we may share information with the third party company for the purposes of serving targeted marketing to you via the third party social media platform. You can manage the sharing of information and opt out from targeted marketing via your privacy settings for the third party social media platform.
10. IP addresses
When you access our website, use any of our mobile applications or open electronic correspondence or communications from us, our servers may record data regarding your device and the network you are using to connect with us, including your IP address. An IP address is a series of numbers which identify your computer, and which are generally assigned when you access the internet.
We may use IP addresses for system administration, investigation of security issues and compiling anonymised data regarding usage of our website and/or mobile applications. We may also link IP addresses to other personal information we hold about you and use it for the purposes described above (e.g. to better tailor our marketing and advertising materials, provided you have opted in to receive electronic marketing).
11. Tracking technologies / cookies
We may use third-party web analytics services on our websites and mobile apps. The analytics providers that administer these services use technologies such as cookies and web beacons to help us analyse how visitors use our websites and apps.
12. Linked sites
13. Feedback / complaints / contact
If you have any enquiries, comments or complaints about this Notice or our handling of your personal information, or wish to inform us of a change or correction to your personal information, would like a copy of the information we collect on you, or would like to raise a complaint or comment, please contact Paul Reeve the Data Protection Officer (using the details set out below) :
Post: Sky Blue Adventures, 33 Bonneville Close, Millisons Wood, Coventry CV59QH We will respond to any enquiries or complaints received as soon as practicable.
14. Changes to our Notice
We may amend this Notice from time to time. If we make a change to the Notice, the revised version will be posted on our website. We will post a prominent notice on our website to notify you of any significant changes to our Notice and indicate at the end of the Notice when it was most recently updated. It is your responsibility, and we encourage you, to check the website from time to time to determine whether there have been any changes. If we update our Notice, in certain circumstances, we may seek your consent.
This Privacy Notice was last updated on 1st October 2020