With GDPR being introduced on 25th May 2018, it is important for all business to explain how your personal data is stored and used. We just love showing our guests around the Cotswolds and we hope that the information below will give you confidence in booking a tour with us.
We encourage you to read this policy carefully and to contact us if you have any questions or concerns about our privacy practices.
Who we are?
Cotswolds Guided Tours is a small family run business, providing guided tours to guests visiting the Cotswolds, as outlined on our website.
If you have any questions and want to discuss this with us, please contact Lucy Lambert the ‘Data Controller’ by email firstname.lastname@example.org, or through the website ‘Contact Us’ page
What is Personal Data?
“Personal data” means any information that can be used to identify an individual person. Examples include your name, address, email address, telephone number, demographic information and other personal information.
Cotswolds Guided Tours collects personal data that it is voluntarily submitted by visitors to our website, for example if you make a booking through our website or submit an enquiry via the contact form on our website. Certain data may also be collected via our website or other online services by way of cookies, analytics services and similar technologies.
What information do we collect?
In order to run our Cotswolds Guided Tours, when placing a booking we collect guests, names, addresses (home / hotel accommodation) contact numbers & email addresses. This information is collected when a visitor completes the ‘Book Online’ form via invoice/email, or provided to us by third parties such as Tourist Information Centres, when guests make a booking through this method.
Payment for tours is always made through an online platform, we never have access to credit card or bank details and utilise PayPal or Stripe as an online payment method.
Any personal data collected is securely stored, until such time that it is no longer required or has no use. We will never share your personal data or contact information with third parties without your consent.
Why and how do we process your personal data?
For communication purposes
When you contact us, for example by sending us an email, submitting a message via the contact form on our website, telephoning us, sending a message via social media, or using SMS or a messenger service, we process data such as your name, address, email address and telephone number so that we can communicate with you, keep records about your enquiry or booking, and so that we are able to pursue or defend any legal claims.
For contractual purposes
When you make a reservation or purchase through the Cotswolds Guided Tours website, we process customer data including your name, title, billing address, email address, phone number, contact details, purchase details and your card details, which are necessary for us to receive and validate your payment, to enter into a service contract with you, and to keep records of such contracts.
For administration purposes
We process user data about how you use our website or other online services that connect to our website (for example social media services). We do this so that we can properly administrate our website and online services, ensure that our website is kept secure, and to maintain back-ups of our website and/or databases in the event of website failure so that we can continue to operate our business effectively.
For technical purposes
Through our use of analytical services we process technical data that provide us with information about how you use our website and online services. These data include things like your IP address, which Internet browser you are using, how long you spend on each page of our website, which pages you visit, the order in which you navigate through the pages of our website, how many times you visit our site, which time zone you are on, and which devices you use to access our site. We process this data to administer and safeguard our website and business, and to analyse the ways in which visitors use our site and services so that we can deliver relevant content, implement changes that improve the user experience and develop our marketing strategy.
“Sensitive data” includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation or gender identity, political views, trade union membership, health status or conditions, genetic or biometric data, criminal convictions and offences. We do not and have no need to collect, process or use such sensitive data.
For marketing purposes
We process data about your marketing preferences, including your subscription to newsletters and promotional information, and ‘follows’ and ‘likes’ on social media profiles. We do this so that we can send or share with you relevant promotional or informational materials where you have consented to receive this, to enable you to take part in competitions and promotions, to deliver relevant website content and advertisements, and to assess the impact of this advertising, so that we can deliver an effective marketing strategy to develop and grow our business.
Where permitted by law, some of the data described above may be processed without your knowledge or consent.
To help grow our business, deliver effective services to our customers, and in line with Privacy and Electronic Communications Regulations, we may send marketing communications to you if you made a purchase or have asked us for information about our goods and services and you have expressly given your consent to receive such communications. You may opt-out of these marketing communications at any time by using the unsubscribe link provided in the email, or by making a request in writing to email@example.com
Who we would Share your Personal Data With
We never sell the personal data you voluntarily provide to us. We may share your personal data for specified purposes and in accordance with our instructions with:
Payment processing services such as Stripe or PayPal
Professional advisers including lawyers, bankers, auditors and insurers
Government bodies that require us to report processing activities.
How long do we keep your personal data for? Known as Data retention
We only retain your personal data for as long as is necessary to fulfil the purposes for which we collected it in the first place, including for the purposes of satisfying any legal, accounting, or reporting requirements.
For tax purposes, the law requires us to keep basic customer information for six years after they cease to become customers.
We may continue to use personal data indefinitely and without further notice to you so long as it is in an anonymised form for research or statistical purposes.
Your rights in relation to personal data
Data protection laws state that you have rights to your personal data including the right to request access to it; its correction, erasure, restriction or transfer; to object to the processing or portability of your data and, where consent is required, to withdraw consent. Please see https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/ for more information about your rights and contact us at firstname.lastname@example.org if you wish to exercise any of these rights.
There is no fee to access your personal data (or to exercise any of the other rights), but we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. We may also refuse to comply with your request in these circumstances.
To confirm your right to request access to your personal data, or to exercise any of your other rights in this regard, we may request specific information from you as a security measure to confirm your identity. We may also contact you to ask you for further information in relation to your request to speed up our response.
We try to respond to all legitimate requests within one calendar month, though if your request is complex or you have made several requests this may take longer and we will notify you.
You have the right to complain to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk) if you are not happy with how we collect and use your data. However, please contact us before you contact the ICO to give us the opportunity to resolve your issue directly.
Communication, engagement and actions taken through external social media platforms that Cotswolds Guided Tours and it’s owners participate in are custom to the terms and conditions as well as the privacy policies held with each social media platform respectively.
Linking to other websites / third party content
The Cotswolds Guided Tours website includes links to third party websites, plug-ins and applications over which we have no control in terms of privacy and data sharing. Clicking these links or using these applications may allow third parties to collect or share data about you. Please read the privacy statements made by each of these third parties when using their services.