Based in Northern Ireland, Croga Tours offers Coach Holidays, Day Trips & Group Coach travel all over the UK & Ireland.
POLICY FOR THE COLLECTION OF CUSTOMER EMAIL DATA
In accordance with the General Data Protection Regulation (GDPR), we have implemented a policy for the collection of customer email, the type of data stored and how we process the information.
We also include within this notice, the reasons for processing the data, the lawful basis that permits us to process it, how long we keep your data and the customers rights regarding their data.
DATA PROTECTION PRINCIPLES
Under GDPR, all personal data obtained and held by us must be processed according to a set of key principles.
In accordance with these principles, we will ensure that:
Data processing is fair, lawful and transparent
Data collected is relevant and limited to what is necessary for the purpose for which it is processed
Data is kept accurate and up-to-date; data that is found to be inaccurate will be rectified or erased
Data is not kept for longer than necessary
Data is processed in a manner that ensures appropriate security of personal information
TYPES OF DATA HELD
We hold the following types of data:
Personal details such as name; address; phone numbers; email addresses held within our computer systems and also as a manual copy
COLLECTING YOUR DATA
Customers will be asked if they wish to provide their name, email address and contact number for the sole purpose of sending related information such as tour details, itineraries, booking confirmation and promotional materials.
Customers will be fully informed as to why information is being requested and will be assured that data will not be shared with any third party.
Customers can opt-out if they wish.
LAWFUL BASIS FOR PROCESSING
The law on data protection allows us to process data for certain reasons only.
Email marketing, and the contact of customers by email, fall within our legitimate interest.
However, we will only send direct marketing materials where consent has been provided.
WHO WE SHARE THE DATA WITH
Employees within our company who have responsibility for email marketing will have access to the data which is relevant to their function. All employees with such responsibility have been trained in ensuring data is processed in line with GDPR.
PROTECTING THE DATA
We are aware of the requirement to ensure your data is protected against accidental loss or disclosure, destruction and abuse.
We have implemented procedures to guard against this.
We only keep the data for as long as we need it.
Customers have the following rights in relation to the personal data we hold on them:
the right to be informed about the data we hold and what we do with it
the right to access the data we hold on them
the right to correct any inaccuracies on the data we hold on them
the right to have data deleted. This is also known as erasure
the right to restrict the processing of the data
the right to object to the inclusion of any information
the right to unsubscribe at anytime
Where you have provided consent to our use of your data, you also have the right to withdraw that consent at any time, by unsubscribing. This means that we will stop processing your data.
It is imperative that consent is given by the customer for the collection and processing of any of their data. In this regard, staff should ensure that consent is received for all data collected.
DO NOT force any customer to provide any information against their will.
DO NOT use friends/ family data without their express consent
MAKING A COMPLAINT
If a customer emails, telephones or speaks directly to you regarding a complaint about how their data has been used, please advise them to unsubscribe and inform them all email marketing will cease.
If the complaint is of a more serious nature please direct them to Eoghan Rankin in his role as a data protection officer.
DATA PROTECTION COMPLIANCE
Our Data Protection Officer is: Eoghan Rankin email@example.com