Brampton Travel Ltd, T/A The Travel Team
Privacy Policy – Introduction
The purpose of this policy is to outline how The Travel Team has established measures to protect your privacy and information rights.
Your rights
We recognise that you have rights as a ‘data subject’, and that we have an obligation to uphold these. This privacy notice aims to outline how we maintain these rights. In particular, it outlines:
- How we collect and process your information
- Why we do this
- How you can exercise your rights;
- Who to contact in the event you’re unhappy with our performance. Depending on why we have collected your information, your information rights could include:
| Right | Explanation |
| Right to be informed | This encompasses the obligation for us to be transparent in how we collect and use your personal data. |
| Right of access | You have the right to access your personal data and supplementary information. |
| Right to rectification | If the information we hold on you is inaccurate or incomplete, you can request we correct this. |
| Right to erasure | You can request we delete or remove personal data where there is no compelling reason us to continue processing |
| Right to restrict processing | You have the right to request we cease processing your data, if:
You consider it inaccurate or incomplete; Where you object to processing and we are considering whether we still have a legitimate interest to process it. Where we don’t need the data for the original reason we collected it, but may need it to support a legal claim |
| Right to data portability | Where you have consented to our processing your data, or where the processing is necessary for us to deliver a contract, you can request a copy of that data be provided to a third party in electronic form. |
| Right to object | You have the right to object to our processing under certain circumstances. For example, you can object to: direct marketing (including profiling); and processing for purposes of scientific/historical research and statistics |
| Rights relating to automated decision making including profiling | Where we apply automated decision making, we must give you information about the processing; introduce simple ways for you to request human intervention or challenge a decision. We carry out regular checks to make sure that our systems are working as intended Information related to automated decision making is contained later in this notice. |
Information we collect & Transfer of Data
Please find below a summary of the information we collect and how we use this to deliver services to you.
| Information we collect | Why we collect this | How we process this | Transfer of Data |
| When enquiring with the The Travel Team for a holiday or business travel reservation, we may collect your personal details including Name, family details (including children’s ages) Postal/Billing Address, email addresses, phone numbers and date of birth. | This information is collected so that we can contact you under contractual obligations and offer suitable offers for a proposed sale. | Our email provider will store any received/sent email and may store the email address used. Hard copies of any proposed sale may be kept for a number of weeks before being destroyed. Information may be given to third parties for quotation purposes (such as Tour Operators, car hire companies, accommodation suppliers) but is rarely identifiable. | Microsoft provide our emails, so any email received or sent will be stored on their servers which maybe outside of the EU but are fully GDPR compliant.
Your data/information may be given to any tour operator/supplier that requires information to provide the quotation |
PRIVACY NOTICE
| When making a reservation with the The Travel Team we will collect full names & dates of birth for all passengers, a postal/billing address and at least one contact telephone number. Whilst not essential, we will ask for an email address for communication purposes (email of confirmations/receipts and optional marketing activities conducted by us). We may collect some personal medical information (disabilities, special requirements). | This information collected is required due to Contractual obligations for the provision of a travel related sale. During the reservation process we will give you the opportunity to join our mailing list which will include email, postal and SMS campaigns. You may ask us to remove your details at any stage. We will never sell or share your personal information with any third party for their direct marketing activities. | We store this information on a Travel Industry approved Back Office Database System. The data is encrypted and password restricted meaning all your data is safe and secure. Local hardcopies are stored securely. Certain personal data is shared with the tour operator/supplier that your reservation is with. A record of your travel history made through The Travel Team is collected and used to personalise any marketing that we think may be suitable. Email campaigns are processed within our office using a third party marketing system in which your email addresses are stored. Unsubscribe links are included in every email. Postal and SMS campaigns are conducted on our behalf but are not shared beyond its intended use. | The office database system is hosted by MSN Ltd (Wizz) Microsoft provide and host our emails, so any email received or sent will be stored on their servers which maybe outside of the EU but are fully GDPR compliant.
MailChimp is used to send email advertisement campaigns and store personal email account information and basic travel history information (i.e. type of holiday previously travelled on, year in which you last booked etc). Their servers may be outside of the EU but are fully GDPR compliant. We are members of TTNG/Worldchoice and are responsible for providing our SMS/Postal marketing activities and use approved GDPR suppliers based in the UK. |
| We may also request Passport Information for provision of Boarding Passes, and loyalty club membership details to gain loyalty. | This information is requested to increase the level of service we provide, but is not compulsory for the provision of a sale. You may refuse and provide the information directly to the supplier (where relevant). | We store this on a password restricted internal database that is backed up to a cloud storage supplier (also password restricted). We share this information with a travel supplier to obtain boarding passes/obtain loyalty benefit and also to provide API where required for Government travel regulations. | For data backup we use Cloud Storage and whilst the servers hosting this information maybe outside of the EU, they are fully GDPR complaint.Your data will be shared with the approved Third Party supplier that requires the information with your approval. |
| When a passenger for some reason is unhappy, we will request this in writing, which may include personal information such as name, ages, family information (including children and health information, where relevant) address and travel details. | This information is required to be able to submit a complaint is a part of the Contractual obligations. | We keep hardcopies of any complaints received and store with your booking information. Emailed complaints may remain on our email servers and is shared with the supplier that the issue is with. | Comtec provide our emails, so any email received or sent will be stored on their servers which maybe outside of the EU but are fully GDPR compliant.
Your data will be shared with the approved Third Party supplier that requires the information with your approval. |
| When providing the sale of travel insurance, we will need names and dates of birth (for all travellers that require insurance) plus any pre- existing medical condition. | This information is required to be able to provide the sale of insurance and is a contractual obligation. | We keep a financial record of the insurance sale on our back office system and may keep a hardcopy of the insurance sale which may include any disclosed pre-existing medical conditions. The information of which is shared with the insurer and their approved medical screening company. | Holiday Extras are our approved insurance company, so will receive your data for issuance purposes. In turn they have an approved Medical Screening Company and also recommend we use Latitude insurance for persons with certain pre- existing medical conditions or over a 80 years of age. |
PRIVACY NOTICE
| When ordering foreign exchange, we require your name and contact information (telephone number) plus the order details. | This information is required to be able to provide the sale of foreign exchange and is a contractual obligation. | We store this information on an internal database and is not shared with anyone. | For data backup we use Cloud Storage and whilst the servers hosting this information maybe outside of the EU, they are fully GDPR complaint. |
| When recording a foreign exchange transaction, we may require personal identification such as Passport/Drivers License plus proof of Address. | This information is required to be stored for HMRC regulations. | We use a Third Party sales system for recording any Foreign Exchange transactions and your personal information relating to a currency purchase may be shared with them (Personal Identification including Name, Date of Birth, Passport/Drivers License, Proof of Address). | The sales system we use is provided by Tekbag Ltd and keeps record of any foreign currency sale and associated identification. Due to money laundry regulations, information may be shared with HMRC. |
| When assisting in the procurement of Entry Visas, country dependent, paper or digital application forms are often required to be completed. This information may include Name, Date of Birth, Address, Religion, Family information (children/parents), Travel History, Career information (including current work address), any Criminal Convictions and health information. Quite often either a hardcopy or digital photo and scanned copy of your passport is also required. | Any information requested from you, is required by the country you intend to visit. | If the country you are intending to visit requires digital forms/images to be submitted we will offer to securely store your data locally on our network to access at a later stage if you wish to repeat and reapply for another visa, saving you time completing application forms. | Embassy of the Country you are visiting Occasionally a tour operator will include Visa costs within the holiday cost and in these instances, the applications will be sent to the tour operator thus sharing information with them too. |
Retention of data
The Travel Team retains information for seven (7) years from our point of last contact. We hold this information to support our legal and regulatory requirements. If you object to this retention, please contact us – details provided in the ‘Contact’ section.
Securing your information
The Travel Team applies technical and organisational security measures in line with industry good practices such as ISO 27001.
Contact details
We recognise that you may have questions on how we process and/or store your data, or may want to change either the data we hold on you or how we communicate with you in the future.
If you have given consent for processing, you are free to withdraw that consent. To let us know this is the case email
e.beaty@thetravelteam.info
If you have any questions in respect of this notice, or would like to exercise your rights as a data subject (for example, to correct data or to exercise your right to access):
- The Travel Team, 34 Front Street, Brampton, Cumbria CA8 1NG
- Liz Beaty
Email: e.beaty@thetravelteam.info
Telephone: 016977 2929 / 07803 506 505 By post at above address
PRIVACY NOTICE
If you are unhappy that we have responded to your query adequately, of if you have a further complaint, The Information Commissioner’s Office can be contacted on 0303 123 1113
