Privacy Policy
1. Introduction
Place to Place Travel Limited (“we, us, our”) is a company registered in England and Wales with company registration number 08341165, whose registered office is at Tempo House, 15 Falcon Road, London, United Kingdom, SW11 2PJ. We are committed to protecting your Personal Data. This privacy policy gives you detailed information on when and why we collect your Personal Data, how we use it and how we keep it secure. Please read this policy carefully alongside our Cookie Policy to understand our views and practices regarding your Personal Data and how we will treat it.
More information can be provided on request. Capitalised terms are defined at the end of this privacy policy in Section 12 (Definitions).
2. Our responsibilities
For the purpose of the applicable Data Protection Legislation, we are the Data Controller of any personal data we Process. As a Data Controller, we are responsible for ensuring our systems, processes, suppliers and people comply with Data Protection Legislation in relation to the Personal Data we handle.
We provide our People with training and require our People to comply with this privacy policy and our Cookie Policy when dealing with Personal Data.
We take Personal Data Breaches very seriously, and are required to notify the Information Commissioner’s Office in the event of such a breach.
When using, collecting and disclosing Personal Data, we follow the core data protection Principles underlying the Data Protection Legislation.
We have policies, procedures and records to demonstrate compliance with the Principles. Please contact us using details in Section 11 for further information on these policies, procedures and records.
3. How we collect, use and disclose your Personal Data
Generally, we collect your Personal Data when you interact with us (for example, when entering into a relationship with us as Customer, a Third Party service provider or one of our People). However, from time to time we also need to collect personal data from other Third Parties in connection with our relationship with you. We also look at how our users access and use our Website, so we can offer the best possible experience. We collect, use and disclose your Personal Data in the following ways:
OUR CUSTOMERS
Types of Personal Data
nformation such as:
· your full name;
· your date of birth;
· your contact details (such as your postal and email address and your phone number(s));
· Sensitive Personal Information such as details of any disability or medical condition which may affect the chosen holiday arrangements, dietary requirements, nationality and passport details (which may disclose your religious beliefs);
· credit/debit card details;
· your mother’s maiden name, next of kin or emergency contact details. You must ensure you obtain the Consent of any Third Party whose Personal Data you provide to us.
Collection
Your Personal Data will be collected from various sources including:
· when you contact us via email, telephone or in person;
· notes and records kept for the duration of your engagement with us as a Customer (including details of any instructions, complaints and meetings with us regarding our relationship and your engagement as a Customer);
· any ID documents you provide to us (including your passport and driving licence);
· any frequent flyer card(s) you provide us; and
· publicly available sources.
Purpose
Your Personal Data will be used for the following Purposes:
· delivering and improving the services we provide to you;
· internal administration management purposes;
· fulfilling our contractual obligations;
· fulfilling our legal obligations; and
· where you have given us your clear, unambiguous Consent to do so, your Personal Data may be used to contact you about and provide you with:
o communications and/or marketing material for which you have specifically subscribed; and/or
o to contact you about, and provide you with, the communications we think are relevant to your interests and preferences.
Disclosure
Your Personal Data may be transferred to:
· our Third Party service providers who support the operation of our business;
· other Third Parties involved in the provision of travel services, for the purposes of fulfilling our contractual obligations (for example, tour operators, flight brokers, hotels, transfer companies);
· other Third Parties such as our legal and other professional advisers and government departments; and
· where you have given us your clear, unambiguous Consent to do so, we may pass your Personal Data to selected Third Parties to provide you with information about services we feel may interest you.
We shall only transfer personal data to Third Parties which is limited to the relevant Purpose and is adequately protected.
THIRD PARTY SERVICE PROVIDERS
Types of Personal Data
Information such as your:
· name and business information;
· name and email address of your representatives;
· identification documentation; and
· payment details.
Collection
Your Personal Data will be collected from you directly.
Further information (e.g. to verify your identity) may be collected from Third Parties, such as publicly available sources.
Purpose
Your Personal Data will be used for relationship management and file opening, administration, to fulfil our contractual obligations and as required by law (e.g. anti money laundering).
Disclosure
Your Personal Data may be disclosed to our Customers for the purposes of fulfilling our contractual obligations.
We shall only transfer personal data to Third Parties which is limited to the relevant Purpose and is adequately protected.
Retention Period
Personal Data is not usually held for more than 5 years.
Please contact us using details in Section 11 if you require further information regarding how long your Personal Data will be held.
USERS OF OUR WEBSITE
Types of Personal Data
Information such as:
· technical information, including the Internet protocol (IP) address used to connect your computer to the Internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform, type of device used to access our Website and the location of where you access our Website via a mobile device;
· information about your visit, including the full Uniform Resource Locators (URL) clickstream to, through and from our Website (including date and time), products you viewed or searched for, page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page and any phone number used to call our customer service number; and
· your name and email address/other contact details.
Collection
Where you have given us your clear, unambiguous Consent to do so, your Personal Data is collected when you:
· use our Website (e.g. browsing, searching);
· provide us with personal information to enable us to contact you and let us know of your marketing preferences;
· contact us via email; and
· contact us using our online forms.
Purpose
Where you have given us your clear, unambiguous Consent to do so, your Personal Data is used to:
· tailor and enhance your user experience;
· improve the functionality of our Website;
· ensure our Website caters to our users’ preferences;
· contact you about, and provide you with, the communications we think are relevant to your interests and preference; and
· contact you and provide you with information about our services.
Disclosure
Your Personal Data may be transferred to our Third Party service providers who support the operation of our business.
Where you have given us your clear, unambiguous Consent to do so, we may pass your Personal Data to carefully selected Third Parties (including but not limited to Facebook) who may process your personal data to provide you with information about properties and/or property related services.
We shall only transfer personal data to Third Parties which is limited to the relevant Purpose and is adequately protected.
Retention Period
Personal Data is not usually held for more than 5 years.
Please contact us using details in Section 11 if you require further information regarding how long your Personal Data will be held.
4. Transfers of Personal Data
We also use a number of Third Party suppliers in connection with the operation of our business, and they may have access to the personal data we process. For example, an IT supplier may collect data on our behalf and/or see our Personal Data when providing software support. For the purpose of providing you with our services, we may also disclose your Personal Data to Third Party providers (e.g. hotels or flight brokers) making up your holiday arrangements.
When contracting with third parties and/or transferring Personal Data to a different jurisdiction, we take appropriate steps to ensure that there is adequate protection in place and that the Principles are adhered to.
In order for you to travel overseas, it may be mandatory (as requested government authorities) to disclose your information for immigration, security and anti-terrorism purposes, or any other purposes which they determine appropriate. Even if not mandatory, we may exercise our discretion to assist where appropriate.
5. Your rights
Personal data must be processed in line with an individual’s rights, including the right to:
· request a copy of your Personal Data;
· request that your inaccurate Personal Data is corrected;
· request that your Personal Data is deleted and destroyed when causing damage or distress; and
· opt out of receiving marketing communications from us.
The Data Protection Legislation gives you the right to access information held about you. Should you wish to make a request in line with your rights as an individual, please forward it to us using the contact details provided in Section 11 at the end of this Privacy Policy. We aim to respond to you within 21 days from the date of request.
6. Security
Information security is a key element of data protection. We take appropriate measures to ensure our systems, processes, Third Party suppliers and People secure Personal Data and protect it from loss or unauthorised disclosure or damage. Please contact us using details in Section 11 if you require further information regarding our policy and approach to information security.
7. Computer Security
Keep yourself safe from malware and viruses with adequate, up to date security on your computer. You can usually download free basic protection from providers such as AVG and McAfee, but for more comprehensive cover, it's best to choose security software. Keep your software switched on and up to date, and make sure that your operating system has the latest updates. It's a good idea to run regular scans on your computer.
When you're opening emails, be careful. Don't click on links to download files or open attachments you haven't asked for, or aren't expecting, as they may contain viruses. Back up all your files so they're available if the worst happens and your computer is infected by a virus.
8. Cookies
Our Website uses cookies to distinguish you from other users of our Website. This helps us to provide you with a good experience when you browse our Website and also allows us to improve our Website. For detailed information on the cookies we use and the purposes for which we use them see our Cookie Policy.
9. Consent to marketing
Where we wish to transfer your Personal Data to third parties who are not involved in the provision of our services but who we consider might interest you, we will always ask you to give your Consent.
10. Changes to our Privacy Policy
We keep our privacy notice under regular review. If we make changes to our Privacy Policy that affect how we handle your data, we will let you know by email. Minor changes will not be notified. You can check our Privacy Policy at this page at any time.
11. Contacts and complaints
Questions, comments and requests regarding this Privacy Policy are welcomed and should be addressed to our customer service team at 020 7228 4296 or by writing to us at Place to Place Travel Ltd, Tempo House, 15 Falcon Road, London, SW11 2P or emailing us at info@place-to-place.co.uk.
12. Definitions
Consent: means the freely given, specific, informed and unambiguous consent given by a data subject in relation to his/her personal data being processed.
Controller: a personal/organisation who determines the purpose for which, and the manner in which, any personal data is processed.
Customer: a current or prospective Place to Place customer.
Data Protection Legislation: the Data Protection Act 1998 and any other applicable laws relating to the processing of personal data including the Privacy and Electronic Communications (EC Directive) Regulations 2003 and all related regulations, regulatory codes of practice, opinions and guidance issued from time to time, including by the Information Commissioner, and in each case any amending, superseding or replacement applicable law including (from and including 25 May 2018, where applicable) the General Data Protection Regulation 2016/679/EU.
People: all people providing services to or working for us, including but not limited to our employees, directors, and contractors.
Personal Data: information (including opinions) which relates to an individual and from which he or she can be identified either directly or indirectly through other data which we have or are likely to have in our possession, and including special category data. These individuals are sometimes referred to as data subjects.
Personal Data Breach: a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed by an organisation electronically. A personal data breach may mean someone outside the organisation gets unauthorised access to personal data, but a breach can occur if there is unauthorised access within the organisation or if an employee accidentally alters or deletes personal data.
Principles: these core principles specify personal data should be: processed lawfully, fairly and in a transparent manner; collected for specified, explicit and legitimate purposes; adequate, relevant and limited to what is necessary; accurate and, where necessary, kept up to date; kept for no longer than is necessary; processed in a manner that ensures appropriate security, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures. Additionally, organisations must adhere to the principle of accountability.
Process: the ‘processing’ of personal data captures a wide range of activities, and includes obtaining, recording and holding personal data and performing any operation of the personal data (including erasure/destruction).
Processor: any person (other than an employee of the data controller) who processes the data on behalf of the data controller.
Purpose: the purposes identified in the “Purpose” column of the tables in section 3 of this privacy policy (How we collect, use and disclose your personal data), as applicable.
Special Category Data: personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, and genetic and biometric data and data concerning health or sexual orientation.
Third Party: a person, organisation or other body other than the data subject, controller or processor.
Website: www.place-to-place.co.uk (including all pages linked within the site map).