As an Independent Travel Agency we need to collect, use and disclose personal information in order to perform our business functions and activities, including making and managing travel bookings on behalf of our customers. We are firmly committed to protecting the privacy and confidentiality of personal information and to maintaining various physical, electronic and procedural safeguards to protect personal information in our care.
It is important to note that we will not disclose personal information without consent unless it is necessary to facilitate the effective provision of services with regard to a booking, we reasonably believe that disclosure is necessary to lessen or prevent a threat to life, or where such disclosure is authorised or required by law (including applicable privacy/data protection laws). The Privacy Notice shown below outlines your rights under the General Data Protection Regulation 2016/679 and shows how we propose to maintain these rights. In particular it outlines:-
1. Background
This Privacy Notice (“Notice”) sets out how Wordsworth Travel Limited, a company incorporated in the United Kingdom, protects the privacy of customer personal information. As an Independent Travel Agency we need to collect, use and disclose personal information in order to perform our business functions and activities, including making and managing travel bookings on behalf of our customers. We are firmly committed to protecting the privacy and confidentiality of personal information and to maintaining various physical, electronic and procedural safeguards to protect personal information in our care.
We will be a registered “data controller” for the purposes of the General Data Protection Regulation 2016/679 (“GDPR”) for any personal information we collect and hold for our customers in connection with our relationship and a “data processor” for any holidays booked through us an agent for a third party travel service provider.
2. What personal information do we collect?
Personal information has the meaning of personal data given under the GDPR. Personal information generally means information which relates to a living individual who can be identified from that information.
Generally, the type of personal information we collect about customers is the information that is needed to facilitate travel arrangements and bookings and to arrange travel related services and/or products on their behalf. We therefore typically process the following types of personal information :
We will only collect sensitive information (e.g. ethnic origin, religion etc) with customer explicit consent and where it is reasonably necessary for, or directly related to, one or more of our functions or activities (e.g. to make travel arrangements), unless we are otherwise required or authorised to do so by law.
3. How do we collect personal information?
We usually collect personal information during the course of the customer relationship with us. We will collect this information directly from the customer unless it is unreasonable or impracticable to do so.
Generally, this collection will occur:
We may collect personal information :
In some circumstances, it may be necessary for us to collect personal information from a third party. This includes where a person makes a travel booking on another customer’s behalf which includes travel arrangements to be used by that customer (e.g. a family or group booking). Where this occurs, we will rely on the authority of the person making the travel booking to act on behalf of any other traveller on the booking.
We make every effort to maintain the accuracy and completeness of your personal information which we store and to ensure all personal information is up to date.
4. How do we use personal information?
We will only process customer information, where:
Where customers contact us in relation to a travel booking or query, the purpose for which we collect personal information is generally to provide travel advice and/or to assist with booking travel and/or travel related products and services.
When customers book or otherwise arrange travel related products and services through us, we usually act as an agent for the relevant travel service providers (e.g. for a package holiday provider or Cruise Company ). In this case, we process the personal information as necessary so as to provide the services requested from us. This usually includes collecting personal information for our internal purposes as described in this Notice and for the travel service provider for whom we act as agent (e.g. to provide the booked services). For example, if ca customer books a package holiday through us, then we use their personal information to enable the holiday to be booked and disclose it to the holiday provider to enable them to provide the holiday.
We may therefore share information with our travel service providers such as package holiday or cruise companies, car rental, or other providers, who fulfil travel bookings.
Please note that these travel service providers also may use personal information as described in their respective privacy policy. We encourage customers to review the privacy policies of any third-party travel service providers whose products they purchase through us. We will provide with copies of all relevant travel service provider terms, conditions and privacy policies on request.
The purposes for which we collect and process personal information further include
Where agreed by the customer we may use personal information to send information on travel related issues and special offers that we think may be of interest. These may include, but are not limited to, Newsletters, Special Offers and Special Events.
5. Is personal information disclosed to third parties?
We do not and will not sell, rent out or trade personal information. We will only disclose personal information to third parties in the ways set out in this Notice and, in particular, as set out below, and in accordance with data protection laws. Note that, in this Notice, where we say “disclose”, this includes to transfer, share (including verbally and in writing), send, or otherwise make available or accessible your personal information to another person or entity.
Customer personal information may be disclosed to the following types of third parties:
Other than the above, we will not disclose personal information without consent unless we reasonably believe that disclosure is necessary to lessen or prevent a threat to life, health or safety of an individual or to public health or safety or for certain action to be undertaken by an enforcement body (e.g. prevention, detection, investigation, prosecution or punishment of criminal offences), or where such disclosure is authorised or required by law (including applicable privacy / data protection laws).
6. Security of information
We are committed to safeguarding and protecting personal information and will implement and maintain appropriate technical and organisational measures to ensure a level of security appropriate to protect any personal information provided to us from accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to personal information transmitted, stored or otherwise processed.
Wordsworth Travel has implemented various physical, electronic and managerial security procedures in order to protect the personal information it holds from loss and misuse, and from unauthorised access, modification, disclosure and interference. We regularly review security and will strive to protect your personal information as fully as we protect our own confidential information. In particular we have implemented the following procedures to safeguard your information:-
7. How long do we retain your personal information
We will retain customer personal information whilst they are still receiving services from us, unless they request for it to be removed from our database. This will be reviewed on an annual basis. Bookings information will be retained for a period of 5 years after the completion of the booking. This is in line with the current regulations for the storage of financial business data.
8. Customer rights in relation to the personal information we collect
Under the General Data Protection Regulation (GDPR) and The Data Protection Act 2018 (DPA) customers have a number of rights with regard to personal data. They have the right to request from us access to and rectification or erasure of personal data, the right to restrict processing, object to processing as well as in certain circumstances the right to data portability.
If they have provided consent for the processing of data they have the right (in certain circumstances) to withdraw that consent at any time which will not affect the lawfulness of the processing before their consent was withdrawn.
Customers have the right to lodge a complaint to the Information Commissioners’ Office if they believe that we have not complied with the requirements of the GDPR or DPA 18 with regard to their personal data.
Please note that, if customers request that we restrict or stop using personal information we hold on them or withdraw a consent they have previously given to the processing of such information, this may affect or negatively impact our ability to provide services to them.
For example, most travel bookings must be made under the traveller's full name and must include contact details and appropriate identification We cannot make bookings without that information.
Customers can opt out at any time from any of our travel related communications via post or email. On the email they can ‘Unsubscribe’ at the bottom of the communication and their data will be omitted from our database automatically. If they choose to unsubscribe from our posted travel related communications they will need to contact us via telephone, letter or email to inform us of their decision
9. Feedback / Complaints / Contact
If customers have any enquiries, comments or complaints about this Notice or our handling of their personal information, or wish to inform us of a change or correction to their personal information, please contact us using the details set out at the beginning of this notice:
We will respond to any enquiries or complaints received as soon as practicable and no later than one month after your notification.
10. Changes to our Notice
We may amend this Notice from time to time. If we make a change to the Notice, the revised version will be posted on our website and be available for viewing at our offices. Major changes to the notice will be notified to all relevant customers and stakeholders.
This Privacy Notice was last updated on 10 May 2018.