1. COMMITMENT STATEMENT
The EU General Data Protection Regulation (GDPR) is the most significant piece of European privacy legislation in recent history, replacing that of the 1995 EU Data Protection Directive (European Directive 95/46/EC). It aims to support the rights individuals have on data about themselves which is collected and stored. It also aims to detect, identify and mitigate against data breaches or leaks for all companies in the EU, as well as enforcing reporting on these issues. This aims to create one uniform policy across the EU regardless of whether the UK is part of the European Union. Any business that deals with EU nationals and business alongside their data must comply with the legislation.
2. BERKELEY RED’S COMMITMENT
At Berkeley Red Limited (https://www.berkeleyred.com/), we understand the concerns about how data may be stored, sent and used by companies. We are committed to complying with all data protection laws and want you to feel confident in the measures we are taking to uphold your data privacy rights.
3. WHY WE HAVE PERSONAL INFORMATION ABOUT YOU?
In the course of running our business, we gather, store, use and sometimes share information about our customers and others, in the same way as many organisations do as you engage with them (i.e. shops, restaurants, government departments, hospitality, hotels, and airlines). We also contact you with these e-mails because we have a legitimate interest to do so based upon an existing or prospective business to business relationship and so we can send you information about the latest events which your company may be interested in. You can always tell us by unsubscribing or telling us that you do not want to receive these e-mails anymore and if required your data we hold have deleted for ever. We explain this further below.
4. WHAT INFORMATION MIGHT WE COLLECT FROM YOU?
Here at Berkeley Red Limited, we do our best to keep the information we collect about you to the minimum necessary. Depending upon how you’re interacting with us, we collect, use, store and transfer different kinds of personal information as follows:
- Personal details about you and your guests or travelling companions;
- Payment details when you make a booking with us;
- Identification documents such as passport number and expiry date;
- Details of your booking requirements;
- Records of your interactions with us via phone/web requests/feedback;
- How you are using our site, apps, social media pages or call centres;
- Job application details if you apply for a job;
- Health details or dietary requirements so we can make sure the package is suitable;
In circumstances where we need to collect personal data by law or under the terms of a contract we have with you and you fail to provide that data when requested, we might not be able to provide you with your booking.
5. HOW DO WE COLLECT THIS INFORMATION?
We collect your personal details mostly when you interact with us or our website, such as when you book any event with us, contact our staff via phone or e-mail, create an online account, provide us with feedback, fill in our web forms. We collect some information about your browsing activity when you use our website and you can see more details about this in our cookies policy.
6. WHAT ARE OUR MARKETING PRACTICES?
We would like to keep you up to date with our latest offers, partnerships, sales, promotions, competitions that we think might be of interest/relevance to you. We may send you marketing based upon an existing or prospective business to business relationship under legitimate interest or if you have specifically provided us with your consent to send marketing communications to you. You can opt-out of marketing at any time by clicking on the ‘unsubscribe’ link included in all of our e-mail newsletters, changing your preferences in your account section if you have one or by contacting us directly.
7. WHAT PERSONAL DATA RIGHTS DO YOU HAVE?
- The right to ask us to correct any information you believe is incorrect.
- The right to ask us to not to use your information for marketing purposes.
- The right to receive a copy of the personal data we hold about you or to request that we transfer this to another service provider.
- In certain circumstances, the right to ask us to stop using information about you.
- The right to lodge a complaint to the Information Commissioner’s Office or the relevant data protection authority where you live.
- The right to ask us to limit or cease processing or erase information we hold about you in certain circumstances.
- The right to withdraw consent that you have provided to us to use your personal information.
You can exercise your legal rights by contacting us or, in the case of unsubscribing to e-mail marketing, by clicking on the relevant link included in our e-mails. See Retention and Deletion later in this statement.
8. WHEN DO WE SHARE YOUR PERSONAL DATA?
In order to provide you with the services you have requested (such as flights or tickets or hospitality to a sports event) or to provide you with as good a customer experience as possible we may share your personal information with third parties such as:
- Airlines, hotels, tour operators, transport companies, excursion providers, airport authorities, insurance companies, car hire companies, ground handling agencies, and cruise companies.
- Airports, immigration / border control and/or other government authorities.
- Credit references and fraud prevention agencies.
- Courts or advisors.
- Other suppliers that we work with in connection with our business.
- We share your information with any third party that you consent to our sharing your information with for marketing purposes;
- Third parties to whom we may choose to sell, transfer, or merge parts of our business or our assets.
We require all third parties to respect the security of your personal data and to treat it in accordance with the law.
9. HOW DO WE KEEP YOUR DATA SAFE?
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. We also limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality. We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
10. HOW LONG DO WE KEEP YOUR DATA FOR?
We will only keep your personal data for as long as necessary to fulfil the purpose we collected it for, including for the purpose of satisfying any legal accounting or reporting requirements. We operate a data retention policy and look to find ways to reduce the amount of information we hold and the length of time we hold it for. By law we have to keep basic information about booking and our customers for six years for legal clams and tax purposes.
11. DATA RETENTION AND DELETION
Should any client or employee of Berkeley Red feel they wish to make a Subject Access Request (SAR), Data subjects must request their data by phone, email or letter stipulating what data they would like to access to, and this will be processed within 48 hours. We would send confirmation of this either by email or letter (whichever is most appropriate). If data has been deleted, erased or otherwise irretrievable the subject will also be informed of this. Subjects of data have the right to be forgotten and erased from records upon request. Subjects must request their data by phone, email or letter stipulating what data they would like erased and this will be processed within 48 hours. We would send confirmation of this either by email or letter.
12. HOW CAN YOU CONTACT US ABOUT YOUR DATA PRIVACY?
We have a dedicated employee who is responsible for overseeing our data and is available to answer questions in relation to this privacy notice. If you have any questions about this privacy notice, including any requests to exercise your legal rights, please contact Berkeley Red’s Data controller using the details set out below
Berkeley Red Limited Ltd