At Blue Water Holidays your privacy is treated with respect. We promise that we will tell you what personal data we use and how we use it to ensure your holiday not only caters for your personal needs but is also safe. We will ensure compliance, from 25 May 2018 with the General Data Protection Regulations (EU) 2016/679, as well as with the Data Protection Act 1998 (and any amendment of or replacement for that Act) and the Privacy and Electronic Communications (EC Directive) Regulations 2003 (and any amendment of or replacement for those Regulations),and any other data protection laws that apply from time to time (the “Data Protection Laws”).
You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.
As a travel business, we need to collect certain personal data from you to ensure that we can make the arrangements for your cruise holiday with the cruise operator and other suppliers, and, where we act as principal tour operator for your package, in order to perform your holiday contract services. We would also like to collect your personal data to able to provide you with details of future cruise holidays and for the other purposes set out in this policy.
The data we collect
If you make an enquiry or join our mailing list we collect your name and mailing address, contact telephone number(s), and e-mail address(es) where applicable. We require this information to provide you with the service and information you have requested concerning your holiday booking or other transaction or enquiry. For training purposes we may record telephone calls to better assist our service to our customers.
When you book a holiday with us or enter into any other transaction with or via us we will need any information required to process the transaction, normally including credit or debit card number and expiry date. This is normally collected online using secure server and a transaction processor, currently SagePay. We do not hold any credit card information on our computer systems.
Purposes for which we process your personal data
To manage and administer your travel bookings
When you book your cruise holiday with us we will use your personal data in order to perform the services you have agreed to purchase, including taking payment for your cruise holiday, making arrangements with the cruise operator and other suppliers for your cruise holiday, issuing tickets, passing on your special requests to the cruise operator and other suppliers and otherwise administering and performing the booking contract that you have made with us.
As a necessary part of administering and processing your travel booking we will need to use your personal data for accounting, billing and audit, credit or other payment card verification, fraud screening, safety and security purposes, internal systems testing and maintenance and development.
Any relevant health and mobility information that you provide to us will be passed to the cruise operator and other suppliers in order to provide you with a safe holiday.
Your personal data will also be used if you ask us to amend or cancel your booking. When administering and managing your booking we will contact you using the contact information you provided at the time of booking. Please note that these communications are not made for marketing purposes and as such you will continue to receive them from us even if you have told us that do not wish to receive marketing communications from us.
To communicate with you and manage our relationship with you
If we have received a request from you, such as emailing us, telephoning us, filling in one of our webforms through our website or contacting us via social media (including from time to time, Facebook, Twitter, Instagram and YouTube), we will use the contact details you provide to reply to your request.
We value your opinion, so if you have travelled on one of our holidays we may send you a feedback request form to ask you for your views on your holiday and any concerns you have about the performance of the holiday contract. We will use this communication to manage our relationship with you as our customer and to improve our services and experience for customers.
To personalise and improve our service
We may use this information to form a view on what we think you may want or need, or what may be of interest to you. This is how we decide which products, services and offers may be relevant to you.
To inform you about new offers that you may like
We would like to send you communications about new offers of cruises and related travel services that you may like to book with us. Offers may include products and services that you may wish to add to your booking such as airport and port parking, UK chauffer transfers, flight upgrade opportunities, UK overnight hotels with parking, and mobility equipment hire. If you have previously enquired about our holidays or have made a booking with us (and so have previously shown an interest in our products and services) we will send you marketing communications [by email and post] unless you tell us that you do not want to receive these. If you have not booked or enquired with us previously, then we will only send you details of offers if you have agreed to receive these, for example, when you register on our website to receive offers. You can choose how you want to receive these communications – by email or by post or both. You may also make a request to receive marketing material from us over the phone or by email.
Please note that we do not share your personal details with other companies for their own marketing purposes without your prior consent.
You can change your preferences concerning marketing communications at any time. You can do this by clicking on the relevant unsubscribe link on any of our marketing related emails you may have agreed to receive from us, calling us on 01756 706500, writing to us at Blue Water Holidays, Bowers Wharf, Skipton, BD23 2PD, or emailing firstname.lastname@example.org.
For other lawful purposes
We will use your personal data for such other lawful purposes as are permitted under the Data Protection Laws and we will always obtain consent where required.
Security and retention of your personal data
Where we need to disclose your information to a third party for the fulfilment of your travel booking, we require that third party to have appropriate technical and organisational measures in place to protect your personal data and to process your data in accordance with our instructions.
We will only retain your personal data for as long as is appropriate and necessary for the purpose for which it is processed and we will limit the period for which personal data is stored to a minimum. To determine the appropriate retention period for personal data we consider the amount, nature and sensitivity of the data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your data and whether we can achieve those purposes through other means, and the applicable legal requirements. You can request details of our retention policy. In some circumstances we may anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you. We will periodically review time limits for erasure. In addition, you have a right to have your personal data restricted or erased – see more details under Section 5 below.
Sharing your personal data
We will need to share your personal data with third parties involved in performing the travel services that you have booked. This may include sharing your personal data with:
Airlines and cruise lines operators– for the purpose of fulfilling the flight and cruise elements of your holiday booking.
Other suppliers – for the purpose of fulfilling other elements of your holiday. We may for example need to share your personal data with the companies who provide ground services for us in resort, the accommodation provider, and transfer and other transport providers.
Credit and debit card companies - Blue Water Holidays shares some of your personal data, which includes information about your chosen method of payment, to the credit or debit card company that issues the card you use to make your booking. In order to ensure the security of your transactions and prevent or detect fraudulent transactions, we may also share your information with our fraud screening partner.
In the passenger information form sent to you after you book, we will ask you for your passport and visa information, insurance details and next-of-kin information and share this with the cruise line operator if they require it. We collect this information: to enable your entry to the various ports on your itinerary; and in the case of an incident during your cruise, to ensure that you are covered by insurance (including a medical evacuation) and to enable a next-of-kin to be contacted.
We will also need to share your personal data when necessary to comply with a legal obligation to which we are subject. This may include sharing your data with:
Authorities including the CAA – We may also disclose your personal data to the Civil Aviation Authority (CAA), for the purposes of ensuring compliance with the enforcement of the Civil Aviation (ATOL) Regulations 2012 (as amended from time to time).
In addition, we may disclose your personal data when this is required by the law of any jurisdiction to which Blue Water Holidays may be subject.
We require any third party that processes your personal data on our behalf to comply with high security standards for the protection of your personal data, our instructions for processing your personal data, and all other requirements of the Data Protection Laws as applicable.
If your cruise holiday is supplied by a cruise operator or other supplier established outside of the European Economic Area and or involves travel outside of the European Economic Area (“EEA”), your personal data may need to be transferred outside of the EEA in order to fulfil your booking. We will not transfer personal data outside of the EEA unless we have appropriate safeguards in place as required by the Data Protection Laws. Where we use suppliers in the US, we may transfer data to them if they are part of the Privacy Shield which requires them to provide similar protection to personal data shared between the Europe and the US.
We will not share your personal details with other companies for their own marketing purposes without your prior consent.
You have the right to request a copy of the personal data that we hold about you and to check that we are lawfully processing it (commonly known as a “data subject access request”) free of charge. This could include booking information relating to holidays you have booked through us.
You can also ask us to rectify any errors in your personal data, complete any incomplete data that we hold, or transfer it to you or another person.
Where you have given your consent to our processing of your data, you have the right to withdraw your consent at any time. If you withdraw your consent and there is no other legal basis for us to process your data, you can ask us to erase your personal data. You can also require us to erase your data if we have processed your data unlawfully or if the law requires us to erase your data. We will not always be able to comply with your request for erasure or specific legal reasons which will be notified to you, if applicable, at the time of your request.
You may also restrict or suspend the processing of your data where you want us to establish the data’s accuracy, where we no longer need your data for processing but need your data for the establishment, exercise or defence of legal claims or you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it.
Where we process your personal data for direct marketing purposes, you have the right to object to such processing, including any profiling related to such direct marketing. We shall cease to process your data upon being notified of your objection. You have the right to object to any processing of your personal data where we are relying on a legitimate interest and you feel the processing impacts on your fundamental rights and freedoms. In some cases we may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms.
Full details of your rights are set out in the Data Protection Laws.
Cookies and other tracking technologies
We use Google Analytics and Call Tracking software to record general user activity in order to help customers find us, as well as improve the site and the customer experience. In particular, we may collect details of your visits to our websites (including, but not limited to, traffic data, location and time data, weblogs and other communication data), pages that you access, information about your computer, including where available your IP address, operating system and browser type.
Third parties (including, for example, advertising networks and providers of external services like web traffic analysis) may also use additional cookies, over which we have no control. These cookies are likely to be analytical, performance or targeting cookies.
The cookies we use are:
Strictly Necessary Cookies
Strictly Necessary Cookies let you move around the website and use essential features. These cookies do not gather any information about you that could be used for marketing or remembering where you've been on the internet.
We collect information about how you use our website using performance cookies. These cookies do not collect any information that could identify you – all the information collected is anonymous and is only used to help us improve how our web site works and to understand what content interests our users. These cookies do not gather any information about you that could be used for marketing or targeting adverts to you on any other website.
We use performance cookies to:
Collect information regarding how our website is used
Measure the effectiveness of our adverts
Monitor errors that you experience during your visit and improve our website
Some performance cookies are managed for us by third parties, but we do not allow the third party to use the cookies for any purpose other than those listed.
Functionality cookies are used to provide services or to remember settings to improve your visit. They help us provide enhanced, more personalised features. Cookies defined as functionality cookies will not be used to target you with adverts on other websites.
These cookies are used to deliver adverts more relevant to you and they collect information about your browsing habits. Targeting cookies are linked to services provided by third parties, such as 'like' and 'share' buttons on Facebook as well as other advertisements. We use targeting cookies to send third parties information on your visit so that they can make their advertising more relevant to you when you visit their websites.
You can control whether these targeting cookies are used by updating your browser settings. These cookies are managed by third parties, and you may alternatively use the third parties' own tools to prevent these cookies.