At Osprey Holidays we are dedicated to safeguarding and preserving your privacy when visiting our site or communicating with us. We adhere to the requirements of the EU General Data Protection Regulation (GDPR) and the Data Protection Act 1998.
We do update this Policy from time to time so please do review this Policy regularly. Last updated: 22/05/2018
How we collect information
We will only collect personal information from you by specifically asking for it:-
- When you make a booking with us over the telephone.
- When you write to us, telephone or email us; or complete a form on our website to make an enquiry or other communication.
- When you register with us to receive brochures, newsletters or email updates; and when you enter competitions or take part in surveys and customer feedback.
Information we collect
We may collect all or some of the following information relating to you or other members of your holiday party:-
- Names, dates of birth and contact details (email address and telephone numbers);
- Credit/ debit card or other payment details;
- Special requirements such as those relating to any dietary requirements (which may disclose your religious beliefs), disability or medical condition which may affect your chosen holiday arrangements;
- Passport details;
- Travel insurance details;
How we use the information you give us
When we make your booking, we must use your information in the following ways:-
We will use the names of all people on your booking to pass on to the providers of the services making up your travel arrangements such as hotels, tour providers, attractions, transfer operators and transport options (all of which could be located outside the UK/EEA). They need this information in order to arrange and secure your travel arrangements. When we are required to do so, and only ever to adequately manage your booking, your information may be passed to our suppliers located outside the UK/EEA.
We will use the postal and email address you give us to send you confirmation and itinerary documentation and, with your specific consent, we will use it to contact you with future offers and information about the services we provide.
We will use the details of your travel insurance policy to contact relevant individuals and insurance companies in the event of an emergency involving you.
Your credit/ debit card or other payment details will be used to take authorised payments for your travel arrangements.
We need to understand any special requirements you have (such as those relating to any dietary requirement, disability or medical condition) so that we can check that the travel arrangements you have selected are appropriate for you. Where appropriate and with your consent we will pass this information on to the suppliers of your travel arrangements so that they can plan your travel requirements effectively.
The passport details of all members of the travelling party will be used order to book flights/rail/ferry etc and to expedite immigration processes when possible. We may also pass on other information relating to you for immigration, security and anti-terrorism purposes; or for any other purposes which a government authority determines appropriate. IATA rules state airlines require passenger contact details (e.g. a mobile number) when making a flight booking. Contact details will be made available to the airline so that in the event of possible flight disruptions the airline can contact passengers directly and inform them about flight changes. Contact details will not be used for any other purpose. If you do not wish these details to be passed to the airline, please let us know at the time of booking.
We may need to use your personal information to comply with a relevant legal or regulatory obligation that we have. For example, in some countries, we are required to provide API to border control, customs and law enforcement officers at ports of entry and exit on your itinerary.
If you fail to provide us with this information, we may not be able to plan or confirm your booking. And/or (after we have confirmed your booking) we may not be able to assist in you checking into your hotel or notify your insurers about any emergency situations involving you.
Where we rely on consent to use your information, you have the right to withdraw that consent at any time. Please refer to the ‘Your Rights’ section of this policy for further details. Please note the implications if you withdraw your consent to us using your information as described.
Disclosing Your Information
Where applicable, we may disclose your personal information to any member of our group. This includes, where applicable, our subsidiaries, our holding company and its other subsidiaries (if any).
We may also disclose your personal information to third parties:
- Where we provide information to our suppliers as detailed in the section above so that they have everything they need to allow your holiday to run smoothly.
- Where we provide information to certain third party technology providers for the purposes of email marketing and online live chat services, or for the purposes of reviewing your experience with us.
- Where we sell any or all of our business and/or our assets to a third party.
- Where we are legally required to disclose your information.
- To assist fraud protection and minimise credit risk.
These third parties have agreed to confidentiality obligations and to use any personal information we share with them or which they collect on our behalf solely for the purposes of providing their service to us.
Sometimes we will need to transfer your information outside of the UK in which case we will make sure that we transfer your information in a way that complies with the GDPR (for example in some circumstances we may ask you for your explicit consent to make a transfer of your information).
We will never sell your information to any third parties.
Storing Your Personal Data
Information is stored by us on secure servers located in the UK. We may transfer the information to other to other reputable third party organisations as required in order for us to fulfil our obligations to you – they may be situated inside or outside the European Economic Area.
Details relating to any transactions entered into on our website will be encrypted to ensure its safety.
The transmission of information via the internet is never completely secure and therefore we cannot guarantee the security of data sent to us electronically and transmission of such data is therefore entirely at your own risk.
We also store information in paper files that are stored securely.
We will keep your information for only as long as we need it for or until such time as you instruct us to delete it.
We’d like to stay in touch
We will only send you direct marketing in accordance with your marketing preferences. When we collect your name, postal and email address as part of our booking process or when you make an enquiry, we will ask you for your permission to make use of those details for these purposes and if you give us that permission, you can change your mind and ask us not to stay in touch at any time by contacting us via telephone on 0131 243 8098, email at email@example.com or by post to 21 Logie Mill, Edinburgh, EH7 4HG. We will never share information about you with third parties for their own marketing purposes. Be aware that if you unsubscribe completely from our marketing communications we may be unable to notify you of tailored offers to meet your needs.
Third Party Links
You mind find links to third party websites on our website. These websites should have their own privacy policies which you should check. We do not accept any responsibility or liability for their policies whatsoever as we have no control over them.
Google Analytics and Google AdWords
We may use Google Analytics for the following purposes:
- Google Analytics Demographics and Interest Reporting. Osprey Holidays use data from Google's Interest-based advertising or 3rd-party audience data (such as age, gender and interests) with Google Analytics to inform our marketing strategy.
Visitors can opt out of Google Analytics for Display Advertising and customise Google Display Network ads using Google's Ad Settings page. Visitors can opt out of Google Analytics using this browser add-on.
You always have the right to review the personal information we keep about you. Your rights include:
- the right in certain circumstances to have inaccurate personal data rectified, blocked, erased or destroyed
- the right to prevent your data being used for direct marketing
- the right of access to a copy of the information we hold about you (known as a subject access request)
If you wish to exercise any of these rights please contact us in writing at 21 Logie Mill, Edinburgh, EH7 4HG or by emailing firstname.lastname@example.org. Please note it is our policy to charge the statutory maximum fee of £10 for a subject access request.
For more information about your rights under General Data Protection Regulation, or to lodge a complaint, go to the website of the Information Commissioner’s Office at ico.org.uk.