1. Who we are:
We are Travel Escapes of Suite 30, The Hyde Building, The Park, Carrickmines, Dublin D18 EY94. You can contact us at this address by post or by email at firstname.lastname@example.org
2. What Personal Data do we collect or receive:
You provide some of these details to us, if you book a holiday with us or sign up to receive or emails or interact with our social media platforms: Personal, contact ID and payment details, including your full name and contact details, age, date of birth, gender, passport details, dietary requirements, nationality, marital status, payment card details.
You may also provide us with Sensitive Personal Data/Special Category Data if you tell us about a medical condition, accessibility requirement, allergy other health-related requirement, a meal preference.
We keep personal data, including details of your previous and planned bookings with us and with our suppliers if you book with them.
3. Why we process your data, the legal basis for processing your data
A. For people who view and interact with our website, we process data:
- to respond to your query when sent through our ‘contact us’ form
- to sign up to our newsletter when you request subscription through our website
The legal basis for this processing is our legitimate interest in the administration and operation of our business as well as our legitimate interest in marketing and promoting our services. We always include an unsubscribe button in our communications, so you can opt out of receiving such communications at any time.
B: For people who make bookings with us:
- to manage your booking with us: we will need to use your personal data when you book a holiday or travel arrangement with us, for example to send you a confirmation invoice, to book travel services, such as flights, accommodation, to process payments, to manage changes to your booking or to assist with check-in. The legal basis for processing your personal data will usually be that the processing is necessary in relation to the contract which you have entered into for a holiday or other travel arrangement or because you have asked us to do something so that you can enter into a contract for a holiday or other travel arrangement.
- for marketing and promotional purposes: we use your contact details for our marketing and promotions, including to send you information about holidays and travel services we have on offer.
The legal basis for the processing of this data is either that we have received your consent or on the basis of our legitimate interest in promoting our services. We always include an unsubscribe button in our communications, so you can opt out of receiving such communications at any time.
We share information such as your name and email address with our newsletter services provider who sends out our newsletters. This provider is not permitted to use this data other than on our behalf.
- for compliance with our legal obligations: We may be required legally to collect, retain and disclose your personal data to customs agencies, port authorities, law enforcement agencies or to comply with a court order.
The legal basis for the processing of this data is because a legal obligation applies to us.
C. For job applicants to the firm, we process data:
- to recruit new employees
- to ascertain your suitability for a specific role
The legal basis for this processing is processing necessary for the purpose of the legitimate interests of our business in recruiting new staff.
D. Audio data may include personal data which is gathered using recording systems at our location(s)
E. We also obtain and use certain aggregated data such as statistical or demographic data for any purpose (“Aggregated Data”). Aggregated Data may be derived from your personal data but does not directly or indirectly reveal your identity. For example, we may aggregate your Operation Data to calculate the percentage of users accessing a specific feature on our website. However, if we re-combine or re-connect Aggregated Data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this Privacy Notice.
Who we share your personal data with:
- So that we can fulfill your booking and our other services to you, we may share your personal data with third party suppliers such as airlines, accommodation providers, car hire companies, third party tour operators, cruise companies, ground handlers, excursion providers, airport authorities, and insurance companies.
- Where we are required to do so, we provide your personal data to various government authorities, including airport and immigration authorities, and border control agencies.
- Third parties to whom we may choose to sell, transfer, or merge parts of our business or our assets. Alternatively, we may seek to acquire other businesses or merge with them. If a change happens to our business, then the new owners may use your personal data in the same way as set out in this privacy notice.
4. Transfers of data outside the European Economic Area
We need to share your personal data with suppliers and other parties for the purposes set out in this privacy notice. Sometimes we may transfer your personal data outside of the EEA to perform our contract with you (to provide you with your holiday or travel arrangement). We will only transfer your personal data to countries that either have been deemed to provide an adequate level of protection for personal data by the European Commission or if the suppliers or other third parties are in the U.S. and are part of the US-EU Privacy Shield,
5. How long will we hold your personal data?
We retain your personal data only for as long as necessary: (i) for the purposes set out in this privacy notice, (ii) to provide you with your holiday or other travel arrangements you have booked with us, (iii) to comply with our legal obligations such as those arising from legal proceedings or in order to file our accounts; or (iv) to comply with our usual business data retention policies.
6. Your rights relating to personal data
You have the following rights under the GDPR, in certain circumstances and subject to certain exemptions, in relation to your personal data:
- right to access the data – you have the right to request a copy of the personal data that we hold about you, together with other information about our processing of that personal data.
- right to rectification – you have the right to request that any inaccurate data that is held about you is corrected, or if we have incomplete information you may request that we update the information such that it is complete.
- right to erasure – you have the right to request us to delete personal data that we hold about you. This is sometimes referred to as the right to be forgotten.
- right to restriction of processing or to object to processing-you have the right to request that we no longer process your personal data for particular purposes, or to object to our processing of your personal data for particular purposes.
- Right to data portability – you have the right to request us to provide you, or a third party, with a copy of your personal data in a structured, commonly used machine-readable format.
In order to exercise any of the rights set out above, please contact us at the contact details at the start of this privacy notice.
If we are processing personal data based on your consent, you may withdraw that consent at any time. This does not affect the lawfulness of processing which took place prior to its withdrawal.
If you are unhappy with how we process personal data, we ask you to contact us so that we can rectify the situation.
You may lodge a complaint with a supervisory authority. The Irish supervisory authority is the Data Protection Commission.
7. Automated decision-making and profiling
We do not use any personal data for the purpose of automated decision-making or profiling.
8. Changes to this Privacy Notice
This notice was last updated on 04th March 2019 and may be updated from time to time.